urlscan.io logo urlscan.io
SecurityTrails logo

ua.korrespondent.net Open in urlscan Pro
2606:4700::6812:1fb6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ua.korrespondent.net/
Effective URL: https://ua.korrespondent.net/
Submission: On May 17 via manual from RO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 130 IPs in 15 countries across 121 domains to perform 1367 HTTP transactions. The main IP is 2606:4700::6812:1fb6, located in United States and belongs to CLOUDFLARENET, US. The main domain is ua.korrespondent.net. The Cisco Umbrella rank of the primary domain is 352810.
TLS certificate: Issued by E1 on May 16th 2022. Valid for: 3 months.
This is the only time ua.korrespondent.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2606:4700::68... 13335 (CLOUDFLAR...)
29 193.29.200.151 197203 (UMHAS)
2 2a00:1450:400... 15169 (GOOGLE)
1 91.198.36.26 43405 (DIGITAL-V...)
10 2a03:90c0:41:... 199524 (GCORE)
36 193.29.200.157 197203 (UMHAS)
1 193.29.200.140 197203 (UMHAS)
1 104.18.3.81 13335 (CLOUDFLAR...)
5 78.159.118.240 28753 (LEASEWEB-...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 185.180.220.208 49981 (WORLDSTREAM)
2 13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 91.198.36.35 43405 (DIGITAL-V...)
1 5 146.59.10.80 16276 (OVH)
125 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
3 7 2620:116:800d... 16509 (AMAZON-02)
4 167.71.9.19 14061 (DIGITALOC...)
4 6 35.211.178.172 19527 (GOOGLE-2)
1 34.98.67.61 15169 (GOOGLE)
1 146.59.30.96 16276 (OVH)
2 194.247.175.38 196831 (BEMOBILE-AS)
44 2a00:1450:400... 15169 (GOOGLE)
18 142.250.74.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 146.0.227.109 29066 (VELIANET-...)
7 194.247.175.26 196831 (BEMOBILE-AS)
3 11 51.89.9.251 16276 (OVH)
4 4 185.29.132.241 30419 (MEDIAMATH...)
8 13 69.173.144.138 26667 (RUBICONPR...)
2 5 37.157.2.239 198622 (ADFORM)
3 79 185.33.221.13 29990 (ASN-APPNEX)
35 72 142.250.181.226 15169 (GOOGLE)
1 185.86.137.122 201081 (SMARTADSE...)
2 5 35.244.174.68 15169 (GOOGLE)
4 8 209.54.180.3 16509 (AMAZON-02)
1 185.64.190.79 62713 (AS-PUBMATIC)
5 9 18.156.0.31 16509 (AMAZON-02)
2 185.119.59.4 9123 (TIMEWEB-AS)
1 145.40.89.200 54825 (PACKET)
62 2a00:1450:400... 15169 (GOOGLE)
16 168.119.79.239 24940 (HETZNER-AS)
1 176.9.4.243 24940 (HETZNER-AS)
1 2a02:6b8:a::a 208722 (GLOBAL_DC)
3 65.9.66.173 16509 (AMAZON-02)
1 217.69.133.145 47764 (MAILRU-AS...)
1 4 2a02:6b8::1:119 208722 (GLOBAL_DC)
99 2a00:1450:400... 15169 (GOOGLE)
4 96 23.35.236.247 16625 (AKAMAI-AS)
32 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
2 3 185.94.180.126 35220 (SPOTX-AMS)
3 5 52.59.71.183 16509 (AMAZON-02)
32 172.217.16.130 15169 (GOOGLE)
1 2a02:6b8::16b 208722 (GLOBAL_DC)
2 35.186.253.211 15169 (GOOGLE)
5 5 185.64.190.78 62713 (AS-PUBMATIC)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
6 7 193.0.160.128 54312 (ROCKETFUEL)
7 15.197.193.217 16509 (AMAZON-02)
2 66.155.71.150 13768 (COGECO-PEER1)
1 1 188.72.107.228 208677 (SBERCLOUD-AS)
4 4 52.59.40.31 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.19.147.44 3356 (LEVEL3)
3 4 13.248.245.213 16509 (AMAZON-02)
1 2a02:6b8:20::215 208722 (GLOBAL_DC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 2a00:1148:db0... 47764 (MAILRU-AS...)
1 138.201.65.75 24940 (HETZNER-AS)
1 188.42.196.115 7979 (SERVERS-COM)
17 178.250.0.165 44788 (ASN-CRITE...)
16 143.204.215.116 16509 (AMAZON-02)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
30 37.157.3.29 198622 (ADFORM)
2 31 216.52.2.30 29791 (VOXEL-DOT...)
15 23.32.59.34 16625 (AKAMAI-AS)
15 2602:803:c003... 26667 (RUBICONPR...)
15 81.17.55.113 60781 (LEASEWEB-...)
14 141.95.98.68 16276 (OVH)
24 2a02:2638:1::3 44788 (ASN-CRITE...)
14 151.101.1.108 54113 (FASTLY)
54 185.33.221.53 29990 (ASN-APPNEX)
1 138.201.63.145 24940 (HETZNER-AS)
2 185.29.134.249 30419 (MEDIAMATH...)
14 18.203.96.5 16509 (AMAZON-02)
1 2.18.233.201 16625 (AKAMAI-AS)
2 151.101.193.108 54113 (FASTLY)
1 1 80.82.217.90 24961 (MYLOC-AS ...)
1 1 139.162.159.252 63949 (LINODE-AP...)
1 2 35.186.194.101 15169 (GOOGLE)
1 96.16.132.239 16625 (AKAMAI-AS)
1 37.157.3.28 198622 (ADFORM)
2 185.64.190.80 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
6 2a00:1288:80:... 203220 (YAHOO-DEB)
1 4 79.125.102.158 16509 (AMAZON-02)
1 2 52.208.103.128 16509 (AMAZON-02)
1 5 138.201.63.150 24940 (HETZNER-AS)
4 34.95.69.49 396982 (GOOGLE-CL...)
16 32 2a02:2638:1::13 44788 (ASN-CRITE...)
1 3 104.111.215.191 16625 (AKAMAI-AS)
4 4 2.18.234.233 16625 (AKAMAI-AS)
1 1 18.134.84.21 16509 (AMAZON-02)
2 185.86.137.131 201081 (SMARTADSE...)
1 54.171.37.193 16509 (AMAZON-02)
1 52.213.153.112 16509 (AMAZON-02)
3 4 34.255.218.80 16509 (AMAZON-02)
2 2 34.254.143.3 16509 (AMAZON-02)
1 216.52.2.39 29791 (VOXEL-DOT...)
2 99.81.121.75 16509 (AMAZON-02)
28 151.101.65.108 54113 (FASTLY)
16 178.250.0.157 44788 (ASN-CRITE...)
1 2 198.148.27.139 19189 (PULSEPOINT)
2 54.36.108.3 16276 (OVH)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 1 2600:9000:205... 16509 (AMAZON-02)
28 23.205.235.133 16625 (AKAMAI-AS)
3 185.33.221.15 29990 (ASN-APPNEX)
6 6 135.125.160.160 16276 (OVH)
2 63.251.232.165 29791 (VOXEL-DOT...)
3 5 151.101.130.49 54113 (FASTLY)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 54.209.104.147 14618 (AMAZON-AES)
3 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 54.75.174.52 16509 (AMAZON-02)
3 3 154.59.122.79 174 (COGENT-174)
2 2 52.206.177.106 14618 (AMAZON-AES)
4 8 169.50.137.182 36351 (SOFTLAYER)
1 1 52.1.216.129 14618 (AMAZON-AES)
1 1 35.186.193.173 15169 (GOOGLE)
2 38.91.45.7 398989 (DEEPINTENT)
2 2 54.171.137.8 16509 (AMAZON-02)
2 2 184.72.100.245 14618 (AMAZON-AES)
3 54.149.232.224 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 23.88.75.186 24940 (HETZNER-AS)
1 2620:1ec:21::14 8068 (MICROSOFT...)
6 141.226.228.48 200478 (TABOOLA-AS)
8 11 23.75.246.168 16625 (AKAMAI-AS)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3 35.169.163.246 14618 (AMAZON-AES)
4 4 18.204.53.248 14618 (AMAZON-AES)
2 2 64.202.112.159 22075 (AS-OUTBRAIN)
3 6 34.196.247.148 14618 (AMAZON-AES)
3 142.250.184.194 15169 (GOOGLE)
1367 130
10    2606:4700::6812:1fb6 (United States)

ASN13335 (CLOUDFLARENET, US)
ua.korrespondent.net
29    193.29.200.151 (Ukraine)

ASN197203 (UMHAS, UA)
csskor.ill.in.ua
jskor.ill.in.ua
id.korrespondent.net
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua
i.holder.com.ua
10    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
36    193.29.200.157 (Ukraine)

ASN197203 (UMHAS, UA)
kor.ill.in.ua
1    193.29.200.140 (Ukraine)

ASN197203 (UMHAS, UA)
ui.ill.in.ua
1    104.18.3.81 (None, )

ASN13335 (CLOUDFLARENET, US)
r.i.ua
5    78.159.118.240 (Mindelheim, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
cdn.umh.ua
z.cdn.umh.ua
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
16    185.180.220.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.mox.tv
13    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
15    91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
h.holder.com.ua
5    146.59.10.80 (France)

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu
gaua.hit.gemius.pl
125    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
21    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
4    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
6    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu
ls.hit.gemius.pl
2    194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
source.mmi.bemobile.ua
44    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
18    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
5    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
3262393d8824fac4ca60baed50c430f6.safeframe.googlesyndication.com
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
2    146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
7    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
sslpagestat.mmi.bemobile.ua
11    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
13    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
5    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
79    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
72    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
5    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
8    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
9    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.119.59.4 (St Petersburg, Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
PTR: 353757-ce44784.tmweb.ru
0.code.cotsta.ru
1    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
62    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
16    168.119.79.239 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.239.79.119.168.clients.your-server.de
t.cotsta.ru
1    176.9.4.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.4.9.176.clients.your-server.de
a.cotsta.ru
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
3    65.9.66.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-173.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
99    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
96    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
js-sec.indexww.com
dsum.casalemedia.com
32    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
adpone-d.openx.net
u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
3    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
5    52.59.71.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-71-183.eu-central-1.compute.amazonaws.com
pixel.advertising.com
32    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
matchid.adfox.yandex.ru
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
7    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
7    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    188.72.107.228 (Paris, France)

ASN208677 (SBERCLOUD-AS, RU)
google-sync.rutarget.ru
4    52.59.40.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-40-31.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    2a05:d018:d29:3601:a1a5:2084:5d16:63de (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    213.19.147.44 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
1    138.201.65.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.65.201.138.clients.your-server.de
ssp.otm-r.com
1    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
17    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
16    143.204.215.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-116.fra53.r.cloudfront.net
mediawoot.com
15    2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
30    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
31    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
15    23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
15    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
15    81.17.55.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
14    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
24    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
14    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
54    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ams1-ib.adnxs.com
1    138.201.63.145 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal9000.redintelligence.net
2    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
14    18.203.96.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
s.update.mediamathtag.com
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs-simple.com
1    80.82.217.90 (Duisburg, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
ads.smartstream.tv
1    139.162.159.252 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1426-252.members.linode.com
cm.adsafety.net
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
ad.sxp.smartclip.net
1    96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    2600:1f18:612b:4232:40ff:2de3:a398:119a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
6    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
pr.ybp.yahoo.com
cdn.js7k.com
s.yimg.com
beap-bc.yahoo.com
ads.yahoo.com
4    79.125.102.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-102-158.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
5    138.201.63.150 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal90008.redintelligence.net
4    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
32    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
x.dlx.addthis.com
4    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    18.134.84.21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-21.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    54.171.37.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-37-193.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    52.213.153.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-153-112.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
4    34.255.218.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-218-80.eu-west-1.compute.amazonaws.com
ad.360yield.com
match.360yield.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    99.81.121.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-121-75.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
28    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
16    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu
cdn.contentspread.net
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
1    2600:9000:2057:1c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
28    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
6    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
2    63.251.232.165 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    54.209.104.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-104-147.compute-1.amazonaws.com
rtb.adentifi.com
3    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
4    54.75.174.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-174-52.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
2    52.206.177.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-177-106.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
8    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    52.1.216.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-216-129.compute-1.amazonaws.com
s.company-target.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    54.171.137.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-137-8.eu-west-1.compute.amazonaws.com
d.adroll.com
2    184.72.100.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-100-245.compute-1.amazonaws.com
nep.advangelists.com
3    54.149.232.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-232-224.us-west-2.compute.amazonaws.com
dmp.brand-display.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
11    23.75.246.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com
px.owneriq.net
5    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    35.169.163.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-163-246.compute-1.amazonaws.com
sync.extend.tv
4    18.204.53.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-53-248.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    64.202.112.159 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
6    34.196.247.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-247-148.compute-1.amazonaws.com
um2.eqads.com
3    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
198 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
3262393d8824fac4ca60baed50c430f6.safeframe.googlesyndication.com
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 269
1 MB
178 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
cdn.adnxs.com — Cisco Umbrella Rank: 1420
ams1-ib.adnxs.com — Cisco Umbrella Rank: 6477
acdn.adnxs.com — Cisco Umbrella Rank: 596
secure.adnxs.com — Cisco Umbrella Rank: 424
1 MB
163 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284
1 MB
99 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
3 MB
83 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
htlb.casalemedia.com — Cisco Umbrella Rank: 477
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
118 KB
65 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 393
mug.criteo.com — Cisco Umbrella Rank: 2669
123 KB
62 ill.in.ua
csskor.ill.in.ua — Cisco Umbrella Rank: 391787
jskor.ill.in.ua — Cisco Umbrella Rank: 411317
kor.ill.in.ua — Cisco Umbrella Rank: 362714
ui.ill.in.ua — Cisco Umbrella Rank: 411847
1 MB
56 rubiconproject.com
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2479
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
fastlane.rubiconproject.com — Cisco Umbrella Rank: 471
token.rubiconproject.com — Cisco Umbrella Rank: 692
eus.rubiconproject.com — Cisco Umbrella Rank: 556
159 KB
36 adform.net
dmp.adform.net — Cisco Umbrella Rank: 2468
adx.adform.net — Cisco Umbrella Rank: 4019
cm.adform.net — Cisco Umbrella Rank: 2172
c1.adform.net — Cisco Umbrella Rank: 571
12 KB
34 openx.net
us-u.openx.net — Cisco Umbrella Rank: 399
rtb.openx.net — Cisco Umbrella Rank: 1524
adpone-d.openx.net — Cisco Umbrella Rank: 17912
u.openx.net — Cisco Umbrella Rank: 756
3 KB
32 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 615
ce.lijit.com — Cisco Umbrella Rank: 917
12 KB
28 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 658
30 KB
24 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
672 KB
21 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
755 KB
20 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 47567
bgstats.mox.tv — Cisco Umbrella Rank: 56217
202 KB
19 cotsta.ru
0.code.cotsta.ru — Cisco Umbrella Rank: 203406
t.cotsta.ru — Cisco Umbrella Rank: 208240
a.cotsta.ru — Cisco Umbrella Rank: 215739
204 KB
18 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2310
prg.smartadserver.com — Cisco Umbrella Rank: 1355
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611
6 KB
18 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 74
4 KB
16 mediawoot.com
mediawoot.com
54 KB
16 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 297
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485
pr.ybp.yahoo.com — Cisco Umbrella Rank: 900
beap-bc.yahoo.com — Cisco Umbrella Rank: 747
ads.yahoo.com — Cisco Umbrella Rank: 1156
10 KB
16 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 322843
h.holder.com.ua — Cisco Umbrella Rank: 287239
10 KB
15 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 22020
2 MB
14 mediamathtag.com
s.update.mediamathtag.com — Cisco Umbrella Rank: 7763
55 KB
14 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 663
8 KB
14 korrespondent.net
ua.korrespondent.net — Cisco Umbrella Rank: 352810
id.korrespondent.net — Cisco Umbrella Rank: 370816
70 KB
12 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 44664
inv-nets.admixer.net — Cisco Umbrella Rank: 2358
198 KB
11 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 998
5 KB
11 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
c.amazon-adsystem.com — Cisco Umbrella Rank: 288
45 KB
11 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 809
5 KB
8 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
3 KB
8 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 609
image6.pubmatic.com — Cisco Umbrella Rank: 612
image2.pubmatic.com — Cisco Umbrella Rank: 932
3 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
2 KB
7 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
a.rfihub.com — Cisco Umbrella Rank: 2916
6 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
tags.mathtag.com — Cisco Umbrella Rank: 3224
pixel.mathtag.com — Cisco Umbrella Rank: 1281
3 KB
7 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 427
cms.quantserve.com — Cisco Umbrella Rank: 1128
2 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 5483
adservice.google.de — Cisco Umbrella Rank: 7678
2 KB
6 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3616
2 KB
6 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 977
589 B
6 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1221
2 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 33656
hal90008.redintelligence.net — Cisco Umbrella Rank: 254137
7 KB
6 bemobile.ua
source.mmi.bemobile.ua — Cisco Umbrella Rank: 195703
sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 205628
25 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
3 KB
6 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 48860
ls.hit.gemius.pl — Cisco Umbrella Rank: 12133
18 KB
5 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2091
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
1 KB
5 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 435
2 KB
5 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 598
idsync.rlcdn.com — Cisco Umbrella Rank: 330
32 B
5 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 274443
z.cdn.umh.ua — Cisco Umbrella Rank: 297093
6 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
2 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 466
2 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 646
match.360yield.com — Cisco Umbrella Rank: 4319
2 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 675
3 KB
4 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1386
30 B
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 414
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 887
3 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 910
85 KB
3 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1690
2 KB
3 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1886
781 B
3 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1227
2 KB
3 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2790
559 B
3 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9163
2 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 518
2 KB
3 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1392
mc.yandex.ru — Cisco Umbrella Rank: 3290
matchid.adfox.yandex.ru — Cisco Umbrella Rank: 27663
104 KB
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 138584
4 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 558
634 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 884
461 B
2 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2270
465 B
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1559
223 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 857
83 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1370
747 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
850 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1468
816 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5262
726 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 818
s.tribalfusion.com — Cisco Umbrella Rank: 2566
1 KB
2 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 52708
72 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 560
829 B
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 413
93 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 656
254 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1247
2 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 458
2 KB
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 891
569 B
2 smartclip.net
ad.sxp.smartclip.net — Cisco Umbrella Rank: 3216
481 B
2 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2839
80 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 520
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 594
382 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1040
344 B
2 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 10088
ad.mail.ru — Cisco Umbrella Rank: 10140
12 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 789
874 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
79 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 511
707 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 822
380 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 2859
445 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3854
396 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1113
47 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 741
439 B
1 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 852
14 KB
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1176
209 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 472
337 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1172
191 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4367
532 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 993
183 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 5143
360 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 5317
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 34311
823 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1895
7 KB
1 otm-r.com
ssp.otm-r.com — Cisco Umbrella Rank: 120037
303 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5990
182 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 432
2 KB
1 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6107
10 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1574
584 B
1 rutarget.ru
google-sync.rutarget.ru — Cisco Umbrella Rank: 182711
574 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1439
296 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1183
350 B
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 407
126 KB
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
356 B
1 i.ua
r.i.ua — Cisco Umbrella Rank: 172336
1 KB
0 adotmob.com Failed
sync.adotmob.com Failed
0 ib-ibi.com Failed
global.ib-ibi.com Failed
0 outstream.today Failed
ad.outstream.today Failed
1367 121
Domain Requested by
125 pagead2.googlesyndication.com z.cdn.umh.ua
ad.mox.tv
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
ua.korrespondent.net
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
0.code.cotsta.ru
tpc.googlesyndication.com
www.googletagservices.com
hb.adpone.com
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
acdn.adnxs-simple.com
99 s0.2mdn.net ua.korrespondent.net
s0.2mdn.net
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
acdn.adnxs-simple.com
mediawoot.com
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
79 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
0.code.cotsta.ru
hb.adpone.com
acdn.adnxs.com
ssum-sec.casalemedia.com
72 cm.g.doubleclick.net 35 redirects onetag-sys.com
googleads.g.doubleclick.net
ua.korrespondent.net
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
62 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
mediawoot.com
acdn.adnxs-simple.com
54 ams1-ib.adnxs.com hb.adpone.com
mediawoot.com
cdn.adnxs.com
acdn.adnxs-simple.com
50 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
um2.eqads.com
39 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
hb.adpone.com
ua.korrespondent.net
mediawoot.com
acdn.adnxs-simple.com
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
36 kor.ill.in.ua ua.korrespondent.net
32 gum.criteo.com 16 redirects static.criteo.net
32 googleads4.g.doubleclick.net ua.korrespondent.net
31 ap.lijit.com 2 redirects hb.adpone.com
30 adx.adform.net hb.adpone.com
28 js-sec.indexww.com hb.adpone.com
ssum-sec.casalemedia.com
28 eus.rubiconproject.com hb.adpone.com
eus.rubiconproject.com
28 acdn.adnxs.com mediawoot.com
hb.adpone.com
24 static.criteo.net 0.code.cotsta.ru
static.criteo.net
hb.adpone.com
21 www.googletagservices.com ad.mox.tv
googleads.g.doubleclick.net
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
s0.2mdn.net
acdn.adnxs-simple.com
18 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
ua.korrespondent.net
mediawoot.com
17 bidder.criteo.com 0.code.cotsta.ru
hb.adpone.com
static.criteo.net
16 mug.criteo.com
16 mediawoot.com ua.korrespondent.net
mediawoot.com
16 t.cotsta.ru 0.code.cotsta.ru
16 ad.mox.tv z.cdn.umh.ua
ad.mox.tv
h.holder.com.ua
ua.korrespondent.net
15 u.openx.net hb.adpone.com
15 prg.smartadserver.com hb.adpone.com
15 fastlane.rubiconproject.com hb.adpone.com
15 adpone-d.openx.net hb.adpone.com
15 htlb.casalemedia.com hb.adpone.com
15 hb.adpone.com mediawoot.com
15 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
15 h.holder.com.ua i.holder.com.ua
14 s.update.mediamathtag.com ua.korrespondent.net
s.update.mediamathtag.com
14 cdn.adnxs.com hb.adpone.com
14 id5-sync.com hb.adpone.com
13 www.google.com 2 redirects ua.korrespondent.net
googleads.g.doubleclick.net
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
tpc.googlesyndication.com
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
13 csskor.ill.in.ua ua.korrespondent.net
csskor.ill.in.ua
12 jskor.ill.in.ua ua.korrespondent.net
11 px.owneriq.net 8 redirects ssum-sec.casalemedia.com
11 onetag-sys.com 3 redirects ua.korrespondent.net
onetag-sys.com
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
10 cdn.admixer.net ua.korrespondent.net
cdn.admixer.net
10 ua.korrespondent.net 1 redirects ua.korrespondent.net
jskor.ill.in.ua
9 ups.analytics.yahoo.com 5 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
8 um.simpli.fi 4 redirects ssum-sec.casalemedia.com
8 s.amazon-adsystem.com 4 redirects onetag-sys.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
7 match.adsrvr.org bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
eus.rubiconproject.com
7 pixel.rubiconproject.com 3 redirects onetag-sys.com
googleads.g.doubleclick.net
eus.rubiconproject.com
6 um2.eqads.com 3 redirects ssum-sec.casalemedia.com
6 sync.taboola.com ssum-sec.casalemedia.com
6 gu.dyntrk.com 6 redirects
6 p.rfihub.com 6 redirects
6 x.bidswitch.net 4 redirects ssum-sec.casalemedia.com
5 ad4m.at ssum-sec.casalemedia.com
5 sync-tm.everesttech.net 3 redirects ssum-sec.casalemedia.com
5 hal90008.redintelligence.net 1 redirects mediawoot.com
hal90008.redintelligence.net
5 token.rubiconproject.com 5 redirects
5 image6.pubmatic.com 5 redirects
5 pixel.advertising.com 3 redirects googleads.g.doubleclick.net
5 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 pixel.quantserve.com 2 redirects ua.korrespondent.net
ad.mox.tv
5 gaua.hit.gemius.pl 1 redirects ua.korrespondent.net
gaua.hit.gemius.pl
4 sync.srv.stackadapt.com 4 redirects
4 match.prod.bidr.io ssum-sec.casalemedia.com
4 ads.stickyadstv.com 4 redirects
4 i.clean.gg acdn.adnxs-simple.com
4 dpm.demdex.net 1 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
4 eb2.3lift.com 3 redirects googleads.g.doubleclick.net
4 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
4 pm.w55c.net 4 redirects
4 sslpagestat.mmi.bemobile.ua source.mmi.bemobile.ua
4 id.rlcdn.com 2 redirects onetag-sys.com
eus.rubiconproject.com
4 sync.mathtag.com 4 redirects
4 bgstats.mox.tv ua.korrespondent.net
onetag-sys.com
4 unpkg.com ad.mox.tv
4 z.cdn.umh.ua cdn.umh.ua
4 id.korrespondent.net ua.korrespondent.net
jskor.ill.in.ua
id.korrespondent.net
3 ade.googlesyndication.com
3 sync.extend.tv 3 redirects
3 dmp.brand-display.com ssum-sec.casalemedia.com
3 c1.adform.net ssum-sec.casalemedia.com
3 ums.acuityplatform.com 3 redirects
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 casale-match.dotomi.com 3 redirects
3 secure.adnxs.com ssum-sec.casalemedia.com
3 mc.yandex.com 1 redirects ua.korrespondent.net
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 c.amazon-adsystem.com ua.korrespondent.net
c.amazon-adsystem.com
3 bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 pa.tns-ua.com source.mmi.bemobile.ua
pa.tns-ua.com
ua.korrespondent.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
ua.korrespondent.net
2 b1sync.zemanta.com 2 redirects
2 csync.loopme.me 2 redirects
2 nep.advangelists.com 2 redirects
2 d.adroll.com 2 redirects
2 match.deepintent.com ssum-sec.casalemedia.com
2 beacon.lynx.cognitivlabs.com 2 redirects
2 ad.turn.com 2 redirects
2 cm.adgrx.com ssum-sec.casalemedia.com
2 d5p.de17a.com 2 redirects
2 cdn.contentspread.net hal90008.redintelligence.net
2 bh.contextweb.com 1 redirects googleads.g.doubleclick.net
2 s.yimg.com mediawoot.com
2 ads.yieldmo.com googleads.g.doubleclick.net
2 loadm.exelator.com 2 redirects
2 match.360yield.com 2 redirects
2 ad.360yield.com 1 redirects googleads.g.doubleclick.net
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 tags.bluekai.com 1 redirects googleads.g.doubleclick.net
2 bcp.crwdcntrl.net 1 redirects googleads.g.doubleclick.net
2 image2.pubmatic.com googleads.g.doubleclick.net
2 ad.sxp.smartclip.net 1 redirects googleads.g.doubleclick.net
2 acdn.adnxs-simple.com hb.adpone.com
2 tags.mathtag.com ua.korrespondent.net
2 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 sync.1rx.io 2 redirects
2 pixel-sync.sitescout.com bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
2 rtb.openx.net bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
2 cms.quantserve.com 1 redirects bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 0.code.cotsta.ru ad.mox.tv
ua.korrespondent.net
2 dmp.adform.net 2 redirects
2 inv-nets.admixer.net cdn.admixer.net
ad.mox.tv
2 cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 source.mmi.bemobile.ua h.holder.com.ua
source.mmi.bemobile.ua
2 www.google.de ua.korrespondent.net
2 stats.g.doubleclick.net www.google-analytics.com
2 www.googletagmanager.com ua.korrespondent.net
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 ads.yahoo.com eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 bttrack.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 s.company-target.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 beap-bc.yahoo.com cdn.js7k.com
1 s.ad.smaato.net 1 redirects
1 s.tribalfusion.com 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 cdn.js7k.com pr.ybp.yahoo.com
1 ce.lijit.com googleads.g.doubleclick.net
1 rtb.gumgum.com googleads.g.doubleclick.net
1 beacon.krxd.net googleads.g.doubleclick.net
1 x.dlx.addthis.com googleads.g.doubleclick.net
1 1f2e7.v.fwmrm.net 1 redirects
1 pr.ybp.yahoo.com ua.korrespondent.net
1 partners.tremorhub.com googleads.g.doubleclick.net
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 pixel.mathtag.com ua.korrespondent.net
1 hal9000.redintelligence.net ua.korrespondent.net
1 3262393d8824fac4ca60baed50c430f6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ads.betweendigital.com 0.code.cotsta.ru
1 ssp.otm-r.com 0.code.cotsta.ru
1 ad.mail.ru 0.code.cotsta.ru
1 prebid-eu.creativecdn.com 0.code.cotsta.ru
1 cdn.jsdelivr.net 0.code.cotsta.ru
1 yastatic.net yandex.ru
1 dsp.adfarm1.adition.com 1 redirects
1 google-sync.rutarget.ru 1 redirects
1 a.rfihub.com ua.korrespondent.net
1 ag.innovid.com bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
1 matchid.adfox.yandex.ru yandex.ru
1 mc.yandex.ru ua.korrespondent.net
1 top-fwz1.mail.ru ua.korrespondent.net
1 yandex.ru ua.korrespondent.net
1 a.cotsta.ru 0.code.cotsta.ru
1 prebid.a-mo.net ad.mox.tv
1 image8.pubmatic.com onetag-sys.com
1 ssbsync-global.smartadserver.com onetag-sys.com
1 pixel-eu.rubiconproject.com onetag-sys.com
1 imasdk.googleapis.com ad.mox.tv
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 odr.mookie1.com ua.korrespondent.net
1 cdn.umh.ua ua.korrespondent.net
1 r.i.ua ua.korrespondent.net
1 ui.ill.in.ua ua.korrespondent.net
1 i.holder.com.ua ua.korrespondent.net
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 global.ib-ibi.com Failed googleads.g.doubleclick.net
0 ad.outstream.today Failed ua.korrespondent.net
1367 185
Subject Issuer Validity Valid
*.korrespondent.net
E1		 2022-05-16 -
2022-08-14		 3 months crt.sh
*.ill.in.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-09-25 -
2022-09-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
holder.com.ua
R3		 2022-04-09 -
2022-07-08		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
*.kp.ua
R3		 2022-04-04 -
2022-07-03		 3 months crt.sh
i.ua
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh
cdn.umh.ua
R3		 2022-04-10 -
2022-07-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
ad.mox.tv
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
bgstats.mox.tv
R3		 2022-03-30 -
2022-06-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.mmi.bemobile.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-01-14 -
2023-02-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
juke.mmi.tns-ua.com
R3		 2022-05-16 -
2022-08-14		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
0.code.cotsta.ru
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
*.a-mo.net
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
t.cotsta.ru
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
a.cotsta.ru
R3		 2022-02-24 -
2022-05-25		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2022-03-04 -
2022-09-01		 6 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
matchid.adfox.yandex.ru
Yandex CA		 2022-02-05 -
2022-07-31		 6 months crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2022-04-01 -
2022-09-29		 6 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-11 -
2022-06-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
mediawoot.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
redintelligence.net
R3		 2022-03-29 -
2022-06-27		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
update.mediamathtag.com
R3		 2022-04-25 -
2022-07-24		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-05-02 -
2022-06-22		 2 months crt.sh
i.clean.gg
GTS CA 1D4		 2022-04-13 -
2022-07-12		 3 months crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2022-05-17 -
2022-11-09		 6 months crt.sh
*.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
contentspread.net
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.knorex.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh

This page contains 234 frames:

Primary Page: https://ua.korrespondent.net/
Frame ID: B6214A36C07B7ED23F62B77CFD7A3AD4
Requests: 161 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 1E464C8A823BD62BB3299BCEC03AC112
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 21BC9635C02C191C43841FBBFAE9FD91
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: E6EE5363CE370155C3A7B00D6EB7948A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/zrt_lookup.html
Frame ID: 8D95447CF16E7D467B315CDA053BDEEA
Requests: 1 HTTP requests in this frame

Frame: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Frame ID: 58FA4D775C5F53E079ACDA6A6624AE42
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1652802316&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fua.korrespondent.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316588&bpp=2&bdt=766&idt=275&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3644822342989&frm=20&pv=2&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=293
Frame ID: 6651337108885F7913390FE43A607238
Requests: 1 HTTP requests in this frame

Frame: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D263643B6926B061D89E88F79F298035
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Frame ID: 3E6B05FC0633FBBB94A2F527607D0081
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Frame ID: 65589C80219B1865D8D2DFCEBCBA6905
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Frame ID: 35F16A2F01377B88EF42B35F3B59ABB0
Requests: 15 HTTP requests in this frame

Frame: https://0.code.cotsta.ru/dist/a.min.js
Frame ID: 0A519C433CABE02875461F4D6A7585EE
Requests: 52 HTTP requests in this frame

Frame: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FA67308EF49B2F76220E15D55FBFA5EA
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: 726057D9A50DE8DAA11DB68DBDCEE0BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A7528C10866CA942064A021B93708E5F
Requests: 2 HTTP requests in this frame

Frame: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8FF155D355C8055E3898BFF5870731BB
Requests: 15 HTTP requests in this frame

Frame: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FA203D5F50B107E088519DB9E95693AA
Requests: 15 HTTP requests in this frame

Frame: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4AD39F425849B435BC5D90E29023877B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNW8GdSif9vPf8uEsobf3FGEMeRpBjyuaUIIpSiZL4ddxI9TrgRw6QNNCQPEtM4Jz5im6c5lfFXWlXLhCEj34wFqbRuXRBGogwvPPoYvUm2YXvsWGeUK4VKbNMHkIfm9rr-vLRWB-vSvsBzGU2kk8BpZwVq0N4xDdBDEMqvht8ViG0ekD3s
Frame ID: 9034772F10002A7A04694DC3FD8C94DB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYrrLbyQEwAQ&v=APEucNV7IwRCBpF4svWBqyWWvSxh6Vyrth2v2_ybt5zscjNSeWikiXnbvXLibs0MshiEqoXp01diOpycphnj6x5HihRhvC_4GxCLfrbSA7UYsycf-fGg6PkUM5An1NFSxrTNwkUFPdrfpfL5XWin8-1jBZaBr57JeUHlA_loj1nLKUlVRpUUQo6NNE5VjlW03yYwOPd1iWs0
Frame ID: 9FF25D4F1BD76EE18C67A3A5C208C2E0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNUr_9WpolcfaKHDEDtUZeL9tk84BPoTUYMe5Ghr_5hp1xiI2DVZWQmzMsGkIM32NI_uLcfPC2Qt3YcrHgB0pfPvAhW5jQmOHHipt6VSwW5tKdUspXNYrmr37vmwqmQ6BHhC63B2qJyeP2Lc8sMMpn4_wJgM77HEb4p-nC_JUtODIadJTQo
Frame ID: F31428D18DA56A32FEEFC82491C569E3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Frame ID: E92BF51369DF92E9EFD3B5FF881CA369
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E843AF8B334B1BC7688024C005AD2EEB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1F0D6BD386B1A5C309AE3D1D95328FA6
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14966983600078554299/index.html
Frame ID: AC59E1810EC52AA874335BB354E7F9AB
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Frame ID: 91DA6612E78D5F26A706D1D304A06B45
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Frame ID: 8F3E10624FA212A128C1F3F5AC159BBE
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 06ABF539E72D59C5E3BAA24B89257F78
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 81CC085C73747C33C7C86954933A5CB3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Frame ID: 27628B13752A74A0E25B7DA6DB658738
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 110ACB3731588F3FBDC79EA6ADEAA9E2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8DACEF7CF68FE39951E75190DC3E2A7F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F269803530E8E3E075B586C6D42CF9C7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2775E1C3EA1B8546031D5AFA3B7D1AE9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C575E74146E10CD09A164ED43294D2B0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8610050614645263&output=html&adk=1812271804&adf=3407270561&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fua.korrespondent.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802318557&bpp=1&bdt=1387&idt=127&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&cookie=ID%3Db0151d092b68d7a9%3AT%3D1652802316%3AS%3DALNI_MamwyTwnoVjZgP7AtBrIpaADixf-A&nras=1&correlator=3644822342989&frm=23&ife=1&pv=2&ga_vid=590111183.1652802316&ga_sid=1652802319&ga_hid=2125392058&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=2484715974&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C21066428&oid=2&pvsid=361822275069798&pem=547&tmod=449272345&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.z0j9xqtje7ze&fsb=1&dtd=142
Frame ID: D470D7F44800D6BAC2AFC00DDA75E169
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A1C581A34F95B1B11B981695767E3713
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 85CE56811373B6F4415121DA62099F09
Requests: 2 HTTP requests in this frame

Frame: https://3262393d8824fac4ca60baed50c430f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: E182018699E397DBEA452338997FA152
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 22BCB449B7452105D13E1085654A4558
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16941BD6F8119086BB69B26351FF8F1F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfNKXIApw2SkeX64L0tvM3VDlYMtZ0Pl82sNKL00rdqGIxWpEWtlxobBgRXTF4dk82FK20PzrOGzfYDJnuXfBxZwHW_v8KKt21IsE6K1g-18PXL2adcchWpzjVO_9uuQsed6CTaZfR7Cx9YeKKHBJx6i60t0qZyjJQ-CRlIFHWOdDlqvuOXgpEsicbsT8SId9orTR54qWK3H5kPqGJ8WcHwiVoVz1qa0Ibz6T9lMi13RtKjIYlVnBNoe4vzga24O91nmKe9G_84ye0l646FkC944BTMylOOXTWAPDOquSXC1VA-WdkYAfuga7VdKf-JyRoP7cC-MuciSzbTzWIKIabReJtA9VztMIoMhQW7Vau37v_saRW&sig=Cg0ArKJSzPctCbplLpESEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FCF4E82D077AFA416E6614C6AEA11282
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: F4BC3C0DB338A2E1E8655C628AFE0C73
Requests: 17 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=zrffrdpel&e=1068016250166
Frame ID: 33F49878A7B06609D99AEAB9A9599C08
Requests: 13 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=yyakrhcb&e=1068016250166
Frame ID: E1DBB6522FDB986E14A37574CCAB200F
Requests: 13 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=uowquneh&e=1068016250166
Frame ID: 745B9FB4122D6B6791662359D4D214F8
Requests: 13 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=pjbzvaf&e=1068016250166
Frame ID: DBBDBE244DA9C3C9261F6E0ECA7527F8
Requests: 13 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=rabglyjyh&e=1068016250166
Frame ID: 331A857EA90A3093BF822990ECE34C17
Requests: 13 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=brjrd&e=1068016250166
Frame ID: 87CE578438E864532224C93347284B6B
Requests: 13 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=ivawnoge&e=1068016250166
Frame ID: 3E271C7C21F9049A03C986FF47320CA6
Requests: 13 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=zejlij&e=1068016250166
Frame ID: 5907D28F6DDAF96AFAF07A263C5843CC
Requests: 13 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=yulkjros&e=1068016250166
Frame ID: 91CC6442CA6C57666E3118955A12A6C9
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=fkkwwruyd&e=1068016250166
Frame ID: 47C84F23133EFF6FD944016C2C44852C
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=jeeeyszd&e=1068016250166
Frame ID: 5CC01ADCFB66AF00F2697C7892ED6E32
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=ukbrjr&e=1068016250166
Frame ID: E20C5F74C35953703A4466144DDBF674
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=ztathhok&e=1068016250166
Frame ID: 3DB427A1CA0FE24106E0385E40EFAD0A
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=mfvhqvk&e=1068016250166
Frame ID: 4BCC21A32D399DB306EE36FBCA2FA364
Requests: 12 HTTP requests in this frame

Frame: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Frame ID: 8422C9E3B5D453CE42F9F8D77ED83F7E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNW5lFf09Ni6AVYrVI6BziCKymFtlmZrx1-Uuawg3IMyrbTjQjuY7Ea1eb0WEC8-H93cmovAz_d0f6b886PnR63PUmE-OhlvAHUCV1lHHkf6Ye93jJxiXlk6XKkf7ys9e3Xjo3hX4d_idkMf3dN1chmaZhWXykSDYE6H2fx1ttaPRJrGF6i4x9V5Ik57-C2thkhv7VWrN733HKhlGCIbvV2nA6FnRcRoxE6T2UXHmLPIpzRZ7nk
Frame ID: 368E254950602A4E3094A1E14CA4F537
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Drw9EdWzEwPni6fZ8wIZTWREQofTlUFzUpHnxq81ALN7nsLIz3M14FMuVdflzgyVNedEIt-DC6iTi5_cndywfVzdNxZrBWkKFaQuI25TY8B-QiKmsevanF1cRJYYuErJBuDR8jlkkWMo_c0BbrbDls0kv7Kw&cry=1&dbm_d=AKAmf-Cj3AWInNLaBiUsJF-6fT8JXGdwU6UfnWGXKwkcCW9CBgjK2uqUtTBCFHmuCDITC4NZvB9fZxUSJmXBd4_2Wf4noNPFUtgR-IrIcAUjk7lfNeST5hII9NZw_eu4sDhobjYJPWlC6TtI09P8_LGSZKrRjpHowyr40-pox9VnX-fJclEevV5Ckd5mNRJsni_LLvJL-vvhCzVbRJVBKbheeEH63s-6DsIQ4Zi8AY-6Ixrp2knVZee4hry4ijmNNOj5d4q95cFl6gjFxtqFuYNvxut1MWimxiFOKwXCd3h8bUmevBEKXb4FsGJ77bf6GLesqbULg2CVSJbkuEhFtMIOfIjQIbdj9ywGT46tM6ctHlBTCW82GvnVZNrtpqZvfWZCuRFM4Q2vzLaHNbxuD07VCX339XjPBWc4b4EtgRMOkCl6IfI4lnB6HklmqWYBlW6P5nBo7JE5lnN5rEQuiFeCCT4LL4tEMhQ5SamzldV1SE_J4JiIb8V6A3yl5fF2TWfT76xqr3rXztEjIUQVyQ5qmzjECbWcPhrb5WKE0N6tikK7kXKVbCu6K-amzx0sZw5JtRlflcYQWcqp_Jfr7qch7Vq82bvD28y3CKVsezz3Z_f5GICEXtDv14ECGjkj0xCvOeLCBBw_Qm9gf6EYYZe4xGxV1NTuAS3z1h-FGk5fn1C9EMEih5_u6DlRiejVQipKPVHMbtGz1-wogrhw4L1FVeXw8mzIk-lqpist_vvnRXJyvYqTwuuwroc2vTFGt2CyAMU4nOwvURSfNvAmQtsDFv_-WDNkw_BAUnVXgT52qcBlpqcWtfdj58CrdCif1ZDTKCI7BLrKmEhaPpQBfvWq0JwRC1Q8U2qOsThWusRTTBT-v2VGzesWkf57R2BZ6yk0UV4z_b1DV263nsNB7zBVASVvF3gEOaE6Q_UnjIvnyRRlBrsrmZuCOhG20sT14tMQUF8plevNFYVw66uBpS-RjbOcKjPTUp0MByAPX5aBF5MXfvWPL9G5wugieQ8VHsWGFmUvksb6IKDsrVLLnU3uyiwNdVKMCw6VtCK5zZJulnLSBc8tiojjkCYErUBinOhYZjNAycE_4eDH4rVIqtDmGn2_RRMCgJJvOZtx8G6KR-1e6IGXtZG0ysGHY0vBbkolOcsHkom6l4ck6MhLVDma0pzl05VaTcTSznfqIcJDHBQlS73ZQ0XI6O8nwec_xL-PPxgkmweXVbJgJdZhWsODXRBAPidiX_oRrVOC0TLYYlwFLGt7cNfGkRr5s6BobreIcu5VCYYHbTS1L4DaNrItGYiBR0Giy4yG2bnaYBz8xSfX_4V_ZIt-J83qaUsQj7Q23zj3h8iV4g4WsWiNITiFvN_KyuNi7eVNCTSckwsRvNJe_xuujL7fkUuYjv8wUctmh-Lz-XhttKxGO9Tt0E10IY55ai57D0-D_-Q7JlBQAyWb2FML7GVwKBnEW2VTlyQzY8HiSfnkD8AC_urR_4ymwWQrtXgnx3_3GYJ2R81nzfc7oiuqj1IkRRSf9ssGOn5wi8YU0o_Kyl_IEbM0v__aZ6sD-ciPeMDvry7r-DlRJVOo7vCm6ISJHUaqVsON2pxrqXFmoTtDdyo9xbHobmPXWSgfq3SwMOfwlKHAQXG0mNEXH2teHHEt5Szdf1SIz64TEUkZ1T_LgV-npmYUCcpqxkeDngwbb2xJb8VT1t2HIlGOV2YqwM_icMe4EyvIiFzhlraH9CzrPzqmFab2gZCh4E66IkcJDcxeIDWlHEbnnAWsAb_59YNCtfF361_8w4MeZCRKmVXMo4pRwhyr9JFttz7MYI66ernZEx4Hwu1Hcz4fiJr2OxHyo8P3K0ErhZ7Ac-VYgKd1drcYkkgMXAgx5ClBOPYPF3tv8TgOgTR8KPwVTJj6tk-YTVNsOOWzfv9dimktSNu0KrC_BTGuvwSwMmle1Lc-PIAOLeoa4na9lTRueoglgMwOJuSclvKQKqEH5RV2KnGEeOk17R46hcx-wSR9qrYggvwBCrOHxTZJtGtcQhi2We0rlkQyCUGXnGR4unI0VFCkTI6HfJllotmEMC9niu4Z0fzGYmFXyfoY2i5Ri4sSsBiTE-vSPV_BiH9NrpafpMolrI3o9hisvmpw4NRe1Jls89gBLB8gTRpQLtNAENSVgheHitXiRPOHnevTfGFExJn6ZXgWjnvcbO9SmMut0rK0_D-DUbhXxr816CkKmubOp9adGGuNUTtcLtEC4lbbjmm0zde-8SXK6e_zT1odC0cWvlZhAmJqNRv3AX_3YQRXN6AkWnZyNEmvbxNbEJIAKFXiiSgL2KF2SOKkVtFslOUi74ulD1MxQYTahfEaCDpVdjYlNLAm6Qyz611_afeoI5txCkxTIeKuotQQECNURBsrIJAq4fWFsub1iOdOiv25gdqkCsAS4FfaHlHLculGkd9oUgmwvCRk_BRwyUOVmw2yj3aKuI0cQjVdvz6TNlTvUdYxrzSyByB1tG4MvFS_1-xS88AOamFlcN94mjZ4ZWo7RvTCIJsduF8xpYLAxHBUtTzTiiTSH_k_0sMKtwg4oA8e4z4VgiRMaXTO_HIzbrhrQk56bMy0Gx1sWtlGBPxu0yIfd8l4ZrEnBJiCQTNEDPTSt9hMb3z9sWgCpxnot7KrOGqyOHLFiunD9zvD98BjrSkhRHiFamhcLKjb6sJzeCRkE3uqFMlMEiU16nQMG-rw0G8yy39xMGOhUst2rQr1nqza_KqoDiBn9Wy-TTWP6VxzthviQDJQaMO0e2rORbAoHd8Y3VnOX4EhLVsGaTRDYkkEw57OXIyDfHO38zzmS3qHw2rab8Uzw0gWXFM1gAAqQIQIEXXsPykvJQoRPKQCUt9Fy4kiOFpzWNh8C9CFHvA3lqtPdl_igzL5kKLGhoarpaHashUlsally3Z-tsL3N-OsbMcLKDEcYvqYCX7k0BpKAYC5mWWYab-jR09rGE5wPDcCF3W5bZnk7BftSuDZkqoPnOHQPY6cCsbfK_JKRNqjbRPKarVxGSRqVG3_v8CvC3A_UZZlt5nqCXbccX9CxxhWGqUBUpGXi6Q1fzde-LXC18pd1P8F9vgPB-EYad8lUd1KKtGKVj7iw_S8eQr8aUY1PAyueMAwoTJpDuSgJ11IMWpTzWlcsYUSoz08ByefbUK-E0-2pR4o1aiQJs705SUMckffMmbcSNjz1fmmLCAJNB-j8u3Y_EGordWXxBlvDWXmtYd_JzKIcIZb2r18xHJEqBWRYfLUdGsDFO4szJBRSmZD3TaAtY_Z0uHxzp70uKpf1G7K5etlazdWFQS68MajmPgtFW5LcEmuj8Dc4FsJTXjBdf-W8lqCv68eb_1mmNyYvEOudcwchObUx4j5c_wIe9EkC6l0wO8iVx6eX_hSTLxSns5DEpuDwWJTnIw5UhlblpP6xmPL_-Oeifpvigdf0dUiNsw_SjBg1V_Y4jshMLvqXPOnfxceREDwg6JLvQ8wj8m8jeqym04h4_XGVQVEL7pkhDcKbVWjSEJ-_pVIzAuNXBnTUArnMMtDg6J87PsOukdg4Jxg7IGxWXyQyy77WDIIOexOyguCri4ZEwIx&cid=CAASEuRoYDoCgVgBtDVimK1bHU7TtQ&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Frame ID: 56403C8D056B2245E449DDE65A69C627
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNUiHLNTO9k-L2oM7-WkvpwzQd2HK45xlMveSWW3vNlkQX3ArwAcZdptzJdY_LG3TFuK4Vegb7QL8F9L54ajbGtk10RO8WyenBoX7USXWDSyIwWQ1KvnMYDPuyZdjQ0acRsYzB02ae-FaCdZnJZD3C73YvsKZDPNzLhP2s10TsF2TGJa27uZzgMkmOQkY0qmIjhrIA_qpd5Io1nq4pPpG4cx4m7j__FXiYATtp1yTINmJ4BjXiY
Frame ID: 2F240493FFA55AA3EE9C9D5CFF22FCF2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdHGQvRXsb-429yQleklrK4nk2fRCrWHj0fZtMsof5CjXomcEPSj31CxuA7vwtMNR4cJBwPy7K1EyxtL2tOjuuA_uQseZBjZds1espKR4LGK0ifNScnyRDyAKb12rOWxHQ7_qo5GJ5EIrG0EPaw6QMDJb-Dw&cry=1&dbm_d=AKAmf-Cv6PQTbKj_hJSY5sCf2rMJHNGKJcoHs4Da3lsEq7bvn3hO0yOmoaSpj_hSFPssX43nG9UnU85OOjXmo4kOLslu6_JmrfI-5wGuYRG8IykImX-c6K8BSFNOPZEe8pF_t3j1Ybm4No1l08UhD6hKnpl9o4oJ-8cLqvMdLqNrysTSw40tI8W_Ffkh3uhFZKIx4gtvyHLS-buwJHfYYv-fDp7TXxywIk8bJ9hrXzY6P0YzaVp7WBWSr99rpWTWLvJF7lXuG7i8BDrRzhi-eXqNbXi8CNyPL8nc4ceZ2vvi7fj7Nb3iXA4ikLtTyyFj_fid58VoSmZ8Mvrwl2AjztIM8TBxqmhO7j33G307l6KjC3YQ4gMnr8pnr5pC4b-Nk-WBwjCth0BQePI0wSbMcRLdBJ1Os1P6temGuXqkGHVK4QxeJ1OWf0Gmtz8c-bzmYgMgnBU5RCItWUvltdbKJbTk54T7QH2jlusk7f1pyrSCwO3HZqhE3AcNo5PHC29EKu3W-OLdPGiZmZhpfuMT15hcMH_zVVATsdCuZ3j0rGo52x7edXHMvlC0kYcYp3NFIriR7H5es1fMh1QxgQ7oTmQUL4OpjfHefsk510Ld38fE3hzu95e0b1ki6rQbTHbfA38QtXcK8MBcEeF97Eiq4gCI5_nDrkhYoQjngUFouJFnUNAb1VhJmUPAL5IUG1BReAk1MLOecAYViw1JnWOTc-U05hM9-0VV6ZQFv6p5lTOk_IRjhJOOc1R3tJ00VPS_DEE8juBQnlQpUWOoRMNmOkkrRjOSp4ppELS6yBqfZc1nyZXL_jwAncgIgnzceAZzJ_tQM9rg9pn65jZWxovIIIR1paem7Em58VoB6emYrNkaoEAKPJqMD-ivFcNL0XUikW1iiJ6VVsR60-TzLJ-eCZLuxbr95zsYdmW_F4psT9kcIC-oykhV_StuyeGj8sH2sUR2whXXr9EcgfgnFKHUOCIRKfvv1cZW7rGn4stGNYt3FbSEBJp_dVP1GscJxxZc5MqbovGJAZ_k2_9Dc6pC5qlXugsuw-TvVuxAOXekIq7KQdssPTXwQxslB1LZKjVGPloy2PvwhylWdcMn3CKVBc1geAfMJvIHHgmjQoAJ0oxV4lrD7L64neiKvBH2os3XW0F6lbcT-ED9Pje2w88U9ccB2-9IfvjnNntMotZHpV4o1-jfgMfXTScqFcdDt340RvsGbCTC-MGrHTkerPawNfNBrnRHFrKIpKDvAx0lCoIpxnj3hLHj10SluVcREUTHWrQA3Z4bmXXHCpqM54tLF9zRNB-BmduUOb2do4Eyw5MuSKbEepMVxlzq330TjDhj6fH4JA9wez0OyPmr7M2eXyYti8Q-wBfOCKAi5UwjdphTfRmuq5TDCIaqxTmGzKPNVMVeb7WAy4442etfgwChCqQfUdZz0lJnIeN6Gzs1kFicreTLMz10poixHnK7LwAZb7tDVky3KaBm1ox-l6P8mlvOyM3j9a76z0myGvT9zbKLCSjZjwdQOWe7n_kjaXtxqwZQ9yE1bu0ryWD_XGjPzUQddgNbZTmMFc7zPnAe4dWztAs7jV65S_enrm8e6PVp3tc6BCQmwc6FU-kjJCjOxosWJIvneXXMTeyzHj5pkG5rikV76-rZmLb1MRAashUYhr8bRNf7ygpN0gbaeFNvC0YKAZmcgy7oKIs2dCrpptAWf0OBwzHCfBBLvIjKW1FGmbjE3DjGfFBdawWcsNIjGZlo6nS5-fpqRgAgUM00hjKaQaesM14nY0q4e6VfDJvhW3Q6XmjzTP9uDMHn5D_0JoOun0R_eLY6QCtcTwErDzptLLwbZgy631RXRaGaMglQLaKQbyV_wF5TsN8GR5UpsMN0UdlnN-kpg3g-4PXQ5WfFIRNAIbaCJuRiWpUhSLr7Bc4qj9exTkV6xgB3emqezKU8jtdIA-BcZEt9ff909cuvYPBB5wuMFlCWRu2rYz-rTQ_VKDm4LvkJ15lneaKg5G-jUe5b0lf84E12D1z3P6-0bzvnttyKAdx6_rYJc-ylXf_i_DXK-egXR6H-EkIQgV_oRprLk-mtXcedpb9jt0Ymm3LouPJjivXRiWibv64N6wfvBqFcSC6oHwrOmTrbP_h7_HKtm_Ismnty456NGL3C--BqsuZw_rGBPHECLYCnVQWx1J0dXYmgrq_Q33QiHXeIDt-EDMvlqym0sk2i054RWR4uEyzEeRHPvqYmsrmpWE11zixG_DmPE-B6o_SxVb5UdMjxq9zsnP5N9rmvTqo8EOQu8iB_x5dz50270iublHOefcOymZtPkJZumkP_ZMEv5BIkxOZAgS9sa7B-Edzi4Q_zfte5XbYbfaRNi7VEC2-3pE9FOyyLKLcDi2fJ9-ixB2_jL7GmXqLnt3T1ybZtTfB1aT0DXAS-FqLTuMvmody15uCyl00Ou5abPh32hBXLv-mVz6igmZqnGrur_UjmIO7FsyIeq53r6QLe_R1K7hH-dhzG11GkealxEvYNMkRakP5sAfeExIfzgBzGW2mbjPiFqLCgJJiLLYchrQdQa7CPO350CJOIzq4ZfTHVyl6c_MZ4F0iBuMS-dqhJcSPY0WcuwNC5nVbMesm7UcDvExag5jBlb5Q16-AVTIDRtllyb6N2oE0joneAueFoicDNKwC721zBeKO-pdhSSXJLVCbRkXhUWKWg3uuXIp8Oi9FZPy0Ix7__jMQfR0zwDp46NA1-dw1LYVyAlkx37H35RnmYtG3KHOfasRvoHNmqImHBTx35-Fcdg-QqmaqWioFOmhho87Eizd8Sn2R_AHXe2P68q_nKYsYUqNMJmXnTcirIdw4egUVYt83slJO47u8tV4uzr-nGqZ74RA3727qq65_NHyYtCnCoX0GHBcRpir0z-7-PeAD6-e99MaZivzSyzK8WXzPRez46u-XV13ttus6npCWJKIDvT-_BAoyKiySYj1cr_RcbesjGCZZbmBslIwYXlFi6WdiFUbVc1K1Pj-dgnHgzZk4qVvE11aNWlYq9uBfFxzJfRZD22hsFzAur2fu295qqQdoI_NI-CGCNp9rIduagNpHEGBylEcfkspottQVsKuFLlOjZdUutA8XxxH8qVKPE8FuEjRflmWDZx2ixFU9gd-X0ziDJ9RBuXl2O3ExllcvJR2ZMh1G8DfuktdFaxUgYwD9_GPnEvFCvbopb1Yr8OPonoESp6nSxKkQxeXizUpGc0-ZvO3KGmfa0ZUw4GxmFeBoyEn0CA546A600gSIgbnFXbSIqu-IU05kEFLo6xKIQVQfufMpsAX-JtE5SZ2RVnx9nR-YOhSZQe4KIiAXRgkJvhVWcNPlXs4iZ1nNdKp4lW1uamt3f4L0yl5E52e1PeoVflEE3fzruk8ZbV1AhXhDxkRwr4k-yLYniVW9qt9YnH2xM8fdOKSkk3piOx_xrVlfBpPNRwuOxrftdNe3mwWpg1qiiRbcYHd0gEZFiFyOmbjNdrXRcXz6CPVb4-ZDBhuDuyoDyor4lToYRZyULV1ddm-975PEor_37pewK3zrgHFHW3u9HjgprKmQyZ6EnuTZuMPTP8ruiuYua5quDqhY-&cid=CAASEuRo6UAjP6MyDoQLQlQ7vvhUQA&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Frame ID: 102678E739050B17B6721363D42E2593
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNX0v6DkUR33x267Hgt5dcEnM7G8UPMbqsNVZWUGXAy3-e_KEQLRgp0UPSbO7mOtQbCVW_pVjIP_zQu0FtUg9wiBAmyC0lXIO3DjOw66vT7ELHzqi39R0T4s8qbX77pQr7ZYiI1kB6E54klAdIBqizujtJYDDvLzCd_mn42HIc-xLH825IQQWq0YIFb2-xku7fq9n7EVaC7wjDwIRz03bxu_JYr3sluqQCxxa644KEHv6d_eM9g
Frame ID: A3DF91EE53644B9D8EC712ECAA730244
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DG3MseeAwHTtae3TXOubYlIlTzhTGLxI0MX4bW7qbfrX5Fr5r-BOUKQ3GKAWfInKBnwrvysKAr5Kx3fNBY8Fw7p8M7qK7o6nvwMycWSjxMrhp7nzy2B_T4fb73Zq1XjuNdU_JD6anV-ueTCwyil0z9gYJ5Pg&cry=1&dbm_d=AKAmf-AL3JbWIYuFESj-yltRTSFFy-oFGu9EVN41l4DeIOrpmKc5ZQ0WyKzwgDv8kznE8AHvEFDjvmLKfmW15eVX5WJrMu0YD-lAxpJcdMky5OWf3TwgVD5KfXniOzm-eTb8DKdglbQPFUZ_TiHAj-28ijBmpz2Gtq-JUCZBHB1Ons02oKSXlHxVKOHjRGNCmBjMoMoDPajlyySGnNibjiptKXZfcF-EJu2XGGcXNWpo46eq0i5-y_O86ExvvjTbsPZjEyyuCNnfkyUcx5KROmFU5VV5-ZtflOntoMXdrORRJYCSG_GYwhiRM9LEPADcFdFolFNzm-WM7ntuNfkVyvJnWedpZX6zHLFvquPRTA27x8r2xl9IZkwJ_uI2odFkjWgqPbDZ1Zo1Hz0YMvim6FkerRNyYetNARfXFwS6_g-CbUiy5GIKOW5DbIvl0GQecim276RTAoezXTGaUeDy8nLI0pbbEVDn4r1GsD5qKxaEhau3IutDMu7vuVMzQEtHHlSucPzB_22VI8xf4j2fypo2OYMBmMy-xzK2SHEgL4-Vw04NkGjH_BqSga9ycbdfbGqpXBtdVZFclseQKb-YvBVI9GP-rpiEt8GakF7g72CtxQaFa7n3TrmBNfylA_huAXO3JU9wxOxsO1CDV11JNzwfIZD55EHJ5rhTb1XcE69T9RkZCRhNTxpaDIQTNqh0hHATzuAG6xv3eGGXA8FonNi1cCh6TCXDf53IrRZy32L1SvyJJklvcXHlsRios-Fd3RlDRbAOSVmRoNO0FgX6mIhrIexoXrhPbVohuyd802ALRSCk7zj8zc4TSD5j5-YxODla24nS_D9bL0CgZs825hhBKx8iCiqNtggl_Cx2X5P0prgP5_iGdIhsE3CPg9nemSaDBt14OcurbNorh9Po5cEtJ6U6Zkpol5fkPPj_PSKTuVhLMx2GLxfKMbDn1J1yh0J7mz4REMT4PZ5GR7_sF1tSWXRM9pezn4wk1kjSKvnjyrNOujccDEHlIHD6W5l5pjOGgMuVGL7uSv5soFAie0PLLG_z8zhjPIZxIOVCUFlUb6P0WlJVMY40ySewm013x9D0sd5RwUoTZFcy-9W8kV6uZlF078T81fY3iyCynrCFxhUs761oX3eqWXuK1bfNMPsua6ePUIFydidjqI5bYjkpuOiI6yP8rxn2Fys6j0V1o6hLzk2cJPvVGgn4I-noY_LGXGR-F_6yYuEUMj782Astb5lmNB8Cwil-Y25e5f0aDhDGYrUJ-skfGO0gByxX-6SDLUo0YEWvoLPXH4JY92SeSckIL_Zz-PbNVe27rFuIDb2h2-RfGr5bPetEJ62ZsQQeq5wuw25xt8aLlEoVRaCzmpaS0bmFno61L59Sp2hsJVFomxmp3mAO46CjlZx1-4VN9BAl1EHBls1TMtbWcuLRL_REUX98HC11UV3hJv3ki23_pf1jL4A13pnEOjt15YqBlphcX4RM97h5Nyyh3ln01tCoVmqm3juR4MBC0338ni0zN38ZzlSaObqPYddrN2vTLKgyvkgzNWjjWDPzf2IT78Hs4Tcx5obmQ_gWOGhHYD_b7RTI0k4AheRqCM__OSkswwoRmgbZfL5xEjcXhMTlt7ttCzrOx0ZXdjJliejRYyjvBfPXBmHiLtAzPv6NcFoAZo8o3o_gKiWn4bpIyjZ1vCBUtgNlgEgsPlShOmZWXSr5zMTug77YZi6KpIpnk__UuRwFJClVSbmD1Gl4SZujkFvVPU2-Jy5CtL39X9buEdjfmp7_y3RKr_XvpjXkaVHGVL76hOhEKLotTXyVWW0yYMXRtmJmggly75y5JfSw5CRKbFgK4aSGI5XqiOmNJyjfyM0zF3iHB-qKDLiQE4OwGtA8voV-MfZu1_Vc2_DWcYyYnwrELG3XVOjQU9iYTpo3voaADkf2dcumZHr4-aNnzM_nhw5gmCoDqwaYSY51VuB93cNx67hZ_3xTQkc62TWIDnTF1vAyIeG3VLIn3wDsaoYbh6pjYjWkU5pMeEMw-9435WpD-1UFR_2-75o8LE8jXO8swkbIcucJzPcBr7z-UIb4pfqA0emxAgv1Ckc8xo0mcghjgOeisELgCXkF3HBlWHU01URKd7LAw0IMpagwwE3Xc3LbF57KQ75Xoz8cwuWA5EgInNoTiD9VSlGXH7Q6evW0jul40ea8HI7LGwwGplS7Xk1sUHYQuHGOXt5Wvb9wskC2-61fuhyDkOlQHorhkI4_AuPt4Jdow6n_8kVKLODA2xbrj9Y7_U5GQ8WQFyfDUyvpAywuRhG8iQ-NKpbyTtJgRfpoU9QtuwhO713Urrkt0PxU8Ye78UVOyP-i9MOiEZ7e4xauo5rbQMRJexhVOaSrfEeZR1vMDUMKZkQUNx3FF_YEyd-b-DM7ypj9lQNdHSzv0wUB6hxM7VkNVbQvAz96GXs83n-DxBQwltTjzTeUR0R2b9bQDqziwTgSzqXp29Ftc2VRkJLljLFwaLAeGr7inRpH5KzD_kJ6-wtyGrOATHkwXp2YCMPzOR64FT_lnQILuI1cE3DPXtbWzk3dzcnVhIsT-HU3V92Pj4Qasg-OPGpqs_AKpKhTHdrFN8bxJ-XIH3ksBfEbvdoFUCWp4X4jTqM_CQLpTas7YsTA2kuUoKoHYty-HY3Tfxfum59f8jMZKAG6cJHSQ96_fcx1jxJvXiBFDsup_Z5rcVDiK1u92st7cC62C9rgelg1cPVxad8ICntGOO0w82L0ODa1aFRejZFPAWXK6oyI0g-ms2sjmiJHqjkH3lS1YAZGNxmH4vceT_05nfuERx8hIntwQURjj_4a0rf9_MiENFgZxwUkKO6qOyEcz_TNMTBrWruAK5xCizgVUy9wgG1gpa2qrMjxZxQFmEFHGyiyvbjNnJ_9KGiWXGgo4SyREkzWMsdm0jsXStfSGHNvmj-le41eWGamMNaEQNUrNBpW9g5EprKFEDCRvIrzauihy_0fGp216GlzHAkqxngDwT6Urf9vnUfbjz6mabsd5rzidIbeXnTFoOOrwPaSDv0Xc9id87iwD3klA0QwkEnUN_Y_KYBZiVlT4jkQK57AUuwmigLvwajTN6Hhw3FwbTN5STQ6-TW2DVjeRaetN9WmRYQ6gpGYOQCtSA1UhsieO2j_CEWvZaj9dLr-eHd6z_Wa9meEH-cHX3waenjRJfdcKCHaDJQX-1LmaRUuAogIRQcq9eitWAuzQ8X7SNJELagl5jb7jMXRrWTmKvSEbL57QYby4wQAoVKREd4PcJzAnRWCgMxc6TkpZbzaYUlbQTtiIdLA_OeyIiSwnJAZPlH_6gaxsblDXCyNkBORy6Ubg_AKX8DRkWUjSjtrhfPJnKE0pjPkurk16xfNd36ji21cUzpV6iUYbDOmpitboYtsXzSg7j8E_PNDxqU9wuWFzSd998di2QfavRvZqM8kIM4yy2QFbfUEQf7bzrawjVdoyXa-iWstZUSK54j9zCN20uHmumAl6LIk7JqbjJySKq-3_7fUpQCKpZyuMNc4MWvxcoL-LLSH-whUA2AuDOJ4qTaacePUx6D0hxtg4mGhgERej5p7ktOc-7FPZx63w0sdE7OaJjAIgiHn1Px9jw&cid=CAASEuRoWAZk9qx9f1c7uP-GGYGLvw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Frame ID: FDD8475A9268C84B7BE58429C3BE5F3C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV_D1GsXsC4nFFO_w29wzYDt6v3ktC3A8KmBVkVtjyExqP-0q2W7vm6uWDTnJ3s2rCpsCIEDIl97Fag3AAc_DQU1yOPFdneusZ7HVUz4NmGu9Ce3kPbQR9PWl-KuHXfUstZxQl0e3H2qqCZgDm2jJDVBJsbagTaMmuErpXTZrmwpwqwwcrxzD3BPgqGNJHCJNIqaz0tYYSPPH10N_ZxvH_ql0ysH0m2rw6bhWvXUYFRIaZKSgY
Frame ID: 69C1351765A5E0F96315BC65DDBB4364
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEX4XlBnjhGUPUpGumxExUc2So0XtLP3PY2h-DvQWIVzdjIRQmMs-hXQszojWyqaTxVEFWV6c4WO92ye7B2tg2uHtkXPkT3ZWS4lXOwVrkd_i79AR9zJDhq2Lpt66r5tTyLuNlNnbJyd856qm-lKDKm4p5Gw&cry=1&dbm_d=AKAmf-AxokYf_WKdinvNnbmY0-EwbdBnVWjTgATCl5hVKcJsp2VRLtD_DRk-qOTxqTGcSPgtBtMrQQKRzN9q5Pak9N-hk2I9kRMKnkTCi1masFJJ75pC09VvNFKkeNZ9-DiXiOpRz-eZePB7-XDYkfMt_G8_IoY0mH7AduFG7T_rm_6ZmOItc9sGVPMbfkYZHUTIvWdGy5bhMOdOxLO91dvqMmiqsZbR0yvKFRpN_7PNEuVj7ACvVX9Gs144WtntJVREARM66Zm_2Jy1iBiiCnQR-n6FOAfYPyw_5rwrHV9BfnKs6lLRq2Y3kbxEmTmjKYkk6ZpcrpYa3-cesyv7wlOPbo5wpEt2mOcEPmf1BhdUX001eDfWIu5jfoBRBVdbaLiRhcVOMqQ1Ut4L1hc7CcIvt3l3_pxmifK5xE0Yq7T1FcN1Ku9NjQ06S5KzBhUOUuJkNL9QhObsP_lnp_pp9vYsmbtu1dfm5p1z4yua_fBjdNvPz7H6gQh52CWalfx5bHsifQKfn-TDKv9vvavDqQk7mKYn9cMyyYO67ej9wMUnflEVJ5llUUbToJKxvoy5eBQVHyav9y2SepTPFs84SeWoIO0WkJT-5IUUgL6Idu4uUaiVdXY94LdDWnZ6trsbGSEK-GYIRW5EE-RL0YYtqrm41VRXEKrWBLnfbzq6UnL9bi3moQ9Z8YbjJsHNCb5CFv0M8Jmqq2_-M_6h50eFjWKDb8Fofd1wbU9lqfjAwZxtn39mOuIIArHpWO7sIvr5KOJvkY9FNSeNNBq0wc9GiCqrb72E-7Hvfho-ilrnQNwlwqVPcIhoieJY0bxHip_bs_w2UDN7BiEFQNKTHC_VJ2x_O8d8VAsxVWd8kKbTJzVi1E0zDWYUst9VB3KTd035zZAESfEYLzWdGlJw5nEsejyTqLvBZpiy1X48EzNmTkms0e1Yhhs97jXlFAQ9kFGErKOCBu6b_2nvIWgvQwqNS25NblHhnxjm-tEsMBXiWwu6VqCVH9AQmeEcn8zwRKfq0TuN043Wdieg8G7CHc4V6juFy6WRiU6fKXbMq8xGg83RW50KQVcN8lqF45kWcsyiS5g3PWsgXBRCaS8d8_n5q346G6d9sIuIxh7imUSL48v-SOBiEK-5Ipgi7Rawvj5HWnqDZSB9nljKKXXAnOasrRa0HYhEa_l2zISnE7pWEuTL95ELPnp-ycptkp9T3WtP4QdTtz8I64ysC5n_Wz6wdqqoLFbX7zqMG9TuLUwF7kTnBt9BX9S0U_Ms1rWbKSTO-O5uhlZks5-e1xE40jaa-20e02kPUqtSdjIArxH2AGOFaPcIlvfpcGuO77FO-bM9OeLtNFlvUt1c89EwMaBmZc4dkXkoY06orBRCXwxiGbkYrfg68XoQKWKNWmOi4vNSTR1DCcHV6-84UVVfjBEHSUUAL6OBAHWHINUyKv3M2ldOPaUQy-BCKgmSFQpfDz4l5gCQbX2CAU7ML-WR19IRur8R-tFdbRHa7E0IjTeDU8QAhAjy2zWQapseneOCO3J5waRXbA5TiDvsz4ab4grzCMUlZduVO2JdH_ybCB9OVgUg-Zdc4MR77WqNGgTLlSmk014AehKHiuPP2Xkfb_8FEsfAHvU9ddjelXlqJhasB7owrgv3j-yUsZ0jzbK5WnCqcZPMtGiF7tvicYCVlc3Oro4wgOGL5JllUdAEeEv2wJaKa5FtSDyoaoMo_JEXesUcnyAYTdJgPqZj8IjnmIgsNOaLtr2HmEkBVDf3-AQgYq5SZ1X_cwU1OiKypJxZ3ijM_IPoUpXfpeZleR-8Zk6GszBjKinAQ4jRAt1ok5bdBEBWwTQ2yYNMURr0jVqaM8ebRy4meak8njHllpVnIdnfuueiNobqjzwWR08AJCylbHHs_WZkOiZv6pEWaDjbsiIa3cTdVGuRR8SqBc4S8k9u18zRIurELoblypiq3ISRZZ9xFSPHWDTOr-HiM7SSBJZhkdSChdNMasbGu-6hJTn4vldtdKuWBsAlEfC9adnmSEaJ-TOr-krSUYNvmqp9Bcyopiq7YhlcnMskqMIr8Eq1rjOYvKz5dk2b-A8XCfxLugr6XaEgkBbDkCpimmE-mNWGCea75DgPQ8heFAO9Q-VBS4UPuib8Vx53iDXkQkZWGjegJrQ1-BS6v_rNOHdgzLJsqtBZuCsfUFTMRzrGk2a8FTqImiM8Ya6tMIZ3pso4VtBXN0fW-3iZUkAfk4X4G2OUhSnXX0TopqsntctRgJo6LEY6xUo89Fi3rlshP5dHo7on1ODKt5w9Wec_m57ZHwrfTfacPUbuWInzF8_Q2I_I56aqiFBwqz-_JDehoN3-hPaZxelYUlDzcbbPaA1E4VYFBuNSWeoT8CZIoILe2j1elJmrbmdWWdoo8LJFNu7tarPmNa3KdkDkEpcJyaBnG6azDxqt8S-msqtvL5GhKn-Y5tg0_d1ZpJJY7d0D-_jXIS64d7FVaWmhRPf9AmdjcQOVFsPR7mwtH7PEWZM8u2DLUXV5N649tqiXz9U17H-Me7lD0tda7WtkA9GQakbr6vtHkdtERhfA7_WT0Fsp3BW8mgtOVQIC2AIY-votawkwRStO1wEdo_MqQXvf9j3eH9C_yHFanizIb2QksI3dD-ctS0tnPl4dHWnkIHuGj6JBVzYnWYK6VoErdhF4U7xkGFZvbP3EI0vJXpJ28n_xO6FwGuXkCJe_4O_P0J7p1I897V6STrolx3Z2AWtkUSwL4FPr7tqa5mre3J0qMgzl8kPLMCz0atdHD8XpVKQZugpTIApGjkvpNLga7qxDW3YWezcqgki_oYbwhSqwUlM5TFEbvW8_q7_G4nHkJwstLWpM44q203yXBdgL7tnAglerByzsoGWem-2jDSY7TNKXC89h6T4YOU38WnxvlYxouH3akrwstGgo6Sha6haYZxGaPleywFBFS1ZMmtTUH8SubAsU4VYh5t2CxTcyuAWr0t2CS5IiDyJPGjfBGfX3VKENcuj7QhedkwdemP70HcAaJPEfH-YJI_c48KdIVhWLg9g3Tzy7pLvj5gOWCF_TIjcwtzg__1sBLd0uApzQC7rLWV3FFQSChWzabN389VbjHdXzZV6O-e5FKEAPCtIEl5nh1on6i10d9qZrijwSDNzv1_YUIHpqrDaBXLt1C_kUCh_pUAJuSrMOuMAuXxcv1q4b2GL7d0vg18dc2BHRklIBBz-nm-1_Vch3AGcam02Mv6BOzDco9czTSZvST_PQmbbjEGr2GBzaZveDPOx2dQURxldkeshVQDjjFw4jLx4OlXKPOjWyutOLSFfKgs_49YKaqyG6hTPLY-DW5FJYgMuDlcCXVe4rg9PhKz0fVVorSmGvfp8XKUxa6XPOykG4gv3zYGw04qRSPgJdW-UAbr-FYhVVn-9c8ABw_6ALPpNJj3IAIPx3t3zbnLY4hz42T9luIgJsW9EtX3xbbezRMv608YgjNx_lAEWR1fAVIwcQz-JkWocs-PVpoirsNilj_9fNgzCfnkS5kkEmu_MeldcpLt1Im-fG4OXxIy0qTwrlD7j-TwS4zx12KdYtihEaxfaZ6w6IusLu11AbJ_W_&cid=CAASEuRorBC-pY5AKf7_6cuMVVeKTw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Frame ID: D0626497E2E855782916B54BABD8F497
Requests: 15 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/zone/j7ljeqx6jfhz?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=6288863528235289568&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6288863528235289568%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D
Frame ID: 13063ACE231BA1C5169D924BB0EC9C08
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV2wslm9CuO6YE3cfnaGDk8q2xiYHasPm34UuyoDJwThWcWih7XKdGhJQTvdoYEOBbRaBHSi30ouWkp-ahc9NiIa-fCGg3fjjKeIRRU0UF4jVbp70fDD0Ub19SSSUCeepw2gINoafno_pubW8Wc1LvY2ieFjANrIyKc-lV0tJ5eLUN_y53F3rteu0_UJDydBQLQh5OVLV9SXcgJGkqWmLpuB7FqEPKr4LnJVuEMY65lrMccjbQ
Frame ID: 95084938C9162518DC8FF68F4A8DAC41
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw-HMYTiDXcnrkbFABdRpIXt2hSbuFetviyhtBivp4u5DFNF5OIKvqnae9KuQZRJGlKxwjCDE8KPyz9q68GLR5Rq7VwjKSvBQY294DpV676eoxSCMgTInguLVgqJ2JFbPZnnaOkbXr2jxgpsQuM1DO5JbJpw&cry=1&dbm_d=AKAmf-Coa2dqzhWuuGbZI6QSSsOlUDF1jUIyWxJ697tTHYVZNSowDLrr02wSpn7g-vetKk-dG7Bn2GXygcHuEEJfhjzmA8FSyjSRibm_eJV0ImTKxNbkxzyt6o8CgVbXLEs0vEPhk10_Ph5oka2Dn9qcPd8Tse1B-cn6zxISVVN0T5SYwz6zUU8PbEg--cTTrLq4ZeIdR-t3yeJKqC9PdA9MrhBeI97mC2od3euGuy83yRt7mAocr_ypibFV49NEDrplg8MnJGN3DevVt3ERrCAtj0iXjDsp43rMjuY8SAt76YQRCR8U4OyGJoguD-QrdAnfTC0_iwxZyd4Rf4E78N6x5BTXBZ40sODpXU1Cd3mvLaHj6SNYGzppxY5E4vZKlWrVgxhq35Z7EYUsjOAeExgufaboU39Tt5KkZNQlvQI06FCqBwbU5o6wroZbZPfFjKVX_5ErgihNDdRHYWK3DdoF5V-Hbp_yxKYeq1iP7QOIr4vQgn4JdZlq8NXSDpJCdisf1icQM6A56YfShKpL0SiKtCelGyoGjPyO0j16lnQCrk4MZXZhp_5q2viV4uUlozHmtd3jN63LklraBs6ryt_XNrzAFev_XR_Q5SQQygSgJIPW2hpnvANqYvN3cqlmwCGA6zA2mFMtIdb61egCCrR67SpRpMCnvQGoHYrluhTSuEUI78eAHVqK983e2wgfegcC23LwctZouVuBtyacOoZgzvGmV3RlDpSgqVwWlEr-osC6NLEOl7HB5QtxopKuRIyTk65HEDlEkbv-BDujsweEThhm0Qbvt2dWiNCzXwXD7Dh4DezIPkIS5lJPJetMuSB9njIazVz57PzeIbs8sUsDQrk2Uy-C6oz6QlOzMAzHU3_F9gvmuamzJb5JyO3Ca7o-rs1jMai2wQAStwKU0Kakr7uyf1hudduBcZZ3qaY00tEe19Wz3u13A-h3B9sY4keETBqXC07ytz4qqn2_R0y7IFB5557OFI1DGlpkkfGWmI7gZUZjdqpWshs5KoU1KBpkVfDKMhSMTjMEH3nkAKXxVGTVpX959vOFnNLwU9tpZGYBQy7BdE8QBe3VMdAjrlWVH2D7cztMAR5HIcUNRFCtU_NYUIi663MWgB2Cpg_7fqQ_0oPbqbi_SyFjcMXMfiNQpHljluuRfYosqRDNHkQ_e5gYVZtgcAG3pyUj8ytumtOeZNqtkeM2kUz5AZlPkGUUFw-9WX4LAuKFR424MiDnKD9F_cEJDFMVzdO71FT8oIobwxzBqwm-3eZo3TJk8Lr8vkjNVorNUP7EePiHvlCjR4tLrKu1FFZ0zySUcyvSax41xXrmAgew3bStv0tFofd8zX-2zxLfdfaRr3MGyOPjIa5HvNub6S4y3WTtrvbUx815N5U06cMB9k5DjC07XFu7Pf7u7Vi9eXoqgRv5Ph93lsfu4-TU53trqDzbfKQSH-oRBVKz7hWww-Rxq9fLqu1Mpv1TDKo4cOzEqXz2p9fji2IfjYZcugKbxyO-UDea71fJERMEBH1K1wz2UX_eg2HKqm0ItXXIpRIRRhRBYzUMzd28ubbMaXTE9dnYFnWrPJgt5Jyiul0gNf6PD_F5RbU_3zzIMSplKLpaM3bu9HoXJMV5XxSmNFigOGcZGjezgSnyGEAi7z8-fL7EpD6FC6Uo7buO0OXdQQGm3ViZQCB6tow5d7kUaZpjFAbAUdijHohLCQ1bgQjdRV4jP9uWf0LEQacALfxPFm-2A7WZRdaduFE-yk1zLqjJg2B2rXlTylAlPqj5RFFkFwslXJXjESRoTfj4P1TYuT0n7lt3rDWp00x1mNLV1NsSjg-3b5qJwly7lW9MWI4fhJPy3fgNtEPX11nlbviPu1mUrsfLRBF2oj4c5MOb7rxRGbWvyRnYlTil0Z4_SvkjtgkLYPOE81XC2ACQPIHuEZHPbEtDXlF9LXS-rFg7M0h4DdgW8L_e6pST9_AN9nit_0YN3Pr7vOg1N5wq3qKXMZr-URKuH1_8AgBqCA8mef_CkdOnZl7E7gqvX1LrQSNYZb1lNmUEg6On9AeF89vgYgG50imUTMiVwsiHI-Oi8VBkRtqDtrnGIltjiDz_y8U5wnBQ5FOhTJLg3YojCBfDIsmhUjlKAonxsBrrOVRYcDQvaZsMrS2zxNBPBTPCT5UGmXL__2yZUMhatqVRhilAyYHVjoug0mgUdAftsQRcJdo6Pp3xkuIdTZSKftdr9nGmCr7_6kLFQR6urocnggOHNLL8OnER6bUqS9E9PhTA9Z-OZM6CXxcpIAxKAVH21DktaFViRddLBtt-fEZyUep-L5nZCLrvgwFKPGw6l_Y-KvoTAHSMztGqrLKb4gnyBfRHteJZycAlcQDq1FypWE-kG3nlGyxX27zLQeAffibQKw7x6rAN0x06tEYqnoVAaoFDND1fI6WX_qfcss20mUbr5bJJFEju_EafTIktfhv9Kdy9JENmL9M7GclLX7fwGirspqdYSOpvhABX6Rb4MSv0j6ouFvy5o7BrEsd008mxJG6dY5ySLZz9I2Erd7vJJqQ0z92rQYgmopovL00HuN5EV1Xrn74PsqesxIYKSVQKyilkuciqCCnTnVDaB-BarYl_Be52Adsw9FA-1hgjMMq0qpsg-t8OHv3BOX9o4yZkadQpQhvCQlGTBcDVxFSPdo13e6JHZwezjb0hpVW9mVp0m4UtmXkIFoKRZn66zp3YYJQ9h9EdOdywzdpRfZJLwPK--WNYAztTxeoJ_cbrRaxo33QAvhzQ5OCUrLOoa8751tZCThf5YmgLY6C3S9Wj6U4JLNkOJXo0VZzxkD0RB-pNqKAV_3AEhJzWUOAs5V64ZfkiezPsaRhFHUeTOloe_Oihcyl6LwOAhjGHoz-GfwMGLygWDiggU6Ivqbb2Klq_Q5lbpKcVW0RWx-rYVP9kspr1rDuUM1209Fi-fqS4ys5EH9gbUOBZif9YRvq3q-dxz1M77UFz-Coi27QpCm-aBcpd4N8wWlX1OsVTERaWyIcp30FudEGobmHPslcNWzkQMDrT0m6OgN5IViV0780suYBY5tbxZH9jVxDBzBqpO8OSv26V5FXJLlX_Q1y5Pz3TLKyU5wLQzJFNuGxpMwNQAMfmnEnTDB5BPPD4Fe_NFbxZUW4ab1yfGe5rh7c0_7KKPVkQYTIVrMuQYY7689lH4uLHofVf52U2J1-IzjswmaFWwpROgoaRpD9vE0vWT1tPiQh3hSEWtqju9nbUHeSHjENh7u13qr4sswF62PkMDDU2L47xoQYu8aW-riEYIDDZGl5r6-O70PiCwn7hKzQjnPdRmroQonbkLIkaLNYfx7U_nrfD1-ez9sqHrQeJPL-qACeBNXYXtsFYEPufCI1zDnmbEBlxe5a5rGjXYKYrAcVTnlIPgTkkP4hZB6MHsc4xnWS2J4rQGnhJFoshLMEPAzudBYXIhmYQT5auczrFxatvcFuUGP1adC7ovlc7nOb-uc2GNnc0_NStHrOi5otKcnoS6BOPj3DfnbR1ZsS9GUv_G3x1yoRYwxSpDz1rgMfgMKlGBJ1rlukxjk7ceKn5h1PqK87lKPmVr9GTMgvT9BK1&cid=CAASEuRoGqiKeWCVtNNiCcGoyI90hw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Frame ID: E3066CA0A66A07F4373CC14719512D2F
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 35686DE72491A426A5AE6FBF74A73F03
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNUB9_cj440aQolY8R8vkO3RHwbBbCmLj_CyL5m84-RwK9ShdwzSfBvYNzVpqePPeC395xgSzisNzNCRo_c078FxXPs9SGkcYmq_1TyBfNG4wuED7EKxShK6ierY5sWqY-8P5iqJs1hoB_feT9prrLAXFcUK0XMbjUmGDRTD7A76ZjuHe31MdEre6OIhLPpolN6ex7-S_6t99uI0tQj6c7CPagxytsAv9dfxHuLsOPTReJm45Fg
Frame ID: 8F5EBA001A678D47D60FBF997D5BA7D7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgzRhgxzFszMsMkiB2GtgvHY9h-3RdDvc525mkb6lpwZTLvpNOf-wPTH5ttXrry_sxb74bDa3iFY0V6Mfr0u988FNsHVc89kBvfRGVHPhA59jw8cbL5EUYFGB_ZonX40pOXJPgGLDaWxKeC_CKDcCwVADi1w&cry=1&dbm_d=AKAmf-Dc04W6mkgHMXv73qgcUvfqxAMXcP1DgEK9OgOh9JZKPtEJJmY-35WFtqIR6RmFjBVDp4H7yX7mhbOvt1LDIMaZJq8le62PUzK6oo1AnJPkW5FvDnQqaRVetZVg_Thuobfa4KlWqk6IL1f7GdsDtMmIBRCYXDXSl_CDIrhWXhV7G2mhaVXejKfTpN9RXQqJZBAlikgrrIhpvwQ9QiqsR0C1vHaE3M65_whwyxq5PlD3PPw52ZCbQrG8GzjjnINIQ9vNxKc9B0yzFyp0JDGs2FUL3bBWfijJKcpVOOihI6RRlc73QDPC_sKLLMa-iZ_QZkGyiVwAMX0yK7PdQCP1hi44REGLMs_xZHepj5mZ6Z_A9dfNbuaBOv0lVtndJaBkUcDrlTowmI9X_8PNctaXryvWSzx8-wPfoQkiHuFihv6C_-VRYyOnGi7_k3nDzdPCPqBAlurwIiTZTeL5xd8iTZRZ6sOavDOURtiN-9NhVkSyxrKSg8SPJvCMsrMzaPYF_mvwgixv0epFCy9FhJUyoimZaMKfWBqCRsvExr_hkXFGw3-idsQSzpD-DYzbUDkzZcYX0p7-BkX9o018YWIUHYieVQ5Rtbp6K1W6VkiH0c-Hc5eawtyD7147ezs_xcFczr5UlBVNKk7PEAtMBFJerEJbSNSdocJ4d5-p8oiqszwyirlrTGaXmyPiL55RnvHex5NbcvCa_V703E4sGMuftcBuSI3eWRyFl6GNvEQraCuqpWH9IabZowOt53lY6zx5JpwgQCD-1lKAe_yxtyRNSjwrWtEAD96-i7lNDUu66AswVWbSF522aFKe9AFNeG5rLFSdZYellScHLQhHvY-WVvFBeCCsZJH_v9nRR7kdXeocWiEDVzHmr2lyoCf9tmpJr5uBbgiGf5rCiXHSeACWc2fXJbDHOZnhdqu3aG2lLkPmg0qrL17slN9AFBmPqg3OR6BDoHaAiX4J_DyNle8lQACKYHwJdWzliaehzEqMooC6sVXV_OT-zKhNiuDrUTPKTp1CjLYPqFjdP1zYdLppD9t-CHvOWe3wGY7aDTTD5Is_G6mTrXImpfNj-l3n1M01Hwe3Wy-KMzHznrXdj7GRrI7zah72G3DCYcQh8t2bnCqz89xUDgfpZ61kJxyAVAksJPYKTtWw8Q8pUOh3JvM10bvixgK7nwMkmr-inwjlax-QTiO0adR6v3KGg4oBZ7oNoahlfncsUPtseB3rLFBF-12jAgK2C_VSehKCjQPCB3sT7ZwvgmyoXssDaEWSf1muSTVewSuU3pMbdGmo6rEpPXH1crS0flCXtgqzu0NmswUrHNbT2iTZapni9I0ejrrp74RiIKgGN21erIompf12oiMXqQ0CGLbO_r3fW_sOOa3EERa83ojvSDACY30JCGy7zg5zyS0POIDWf3rhtWoaVdFBBUTBtf1UqEMth3-V3lKtmpbfQlrCpalqRjCNSWyaf5xcsrZga2sMborADt2zJ98QcLxI9AIHD4zGnL49VS9tcKW0xgR7BNZEwlxJY4bJMw5D2KSxjJxXci0lsWQ0TJqujc9GgV6Ku3KQwpPVbDG_r6i_eK0w1_j8FfIE-YLrSA3JewNDHIhLSnQJoFT2ypCPTbn05O7Z5thPFnI2LK_P0bOiHjvL-4FsMg6-VYdSiokG-Ij6FD1ObWjpy9K-6f2_2jvz-pYc8MtTxjebsDSFlB7QBqvML4mlyUuhOYT2pI1DAtSg1oOGKjcnKb27rz44h17aDB2k4CTWrGA4Fw4GdN3XoSgR7qJyhfOD1sLYEdB88UBXZFnOw1UCdywOCgHZH_Y18kQQfIDI9ZROOkvRwDTlvcwu5yUB-D5uiYIpRB1WQBlJvqALSh6mREXzkqDE45i23KBmIv5dGz9PgxHh2evK5KSlK7qPrx0dwMV9bGTozkNzLbjpSTAJLos4UgX3sectlqIhA7H9JfLuCymh81QqyXJIO1v_kbnfBkwPeAbCbR_yGfPGeaEdsT1vOJh8TVhENr28OA-NvOil8sgRsYteE5UgbVjQZ-XtwagWt3S8TCF07J9x3USvuB8p_ZETRMpXzHk8vjMEh5N2QXJwxL1MJEM7ILkxyMFnXcTqLX4HCeqpouZM9x1z1xgKPwXM5wGnhQbwR7SMhKRIlqZSKXnHnbBrjShO3H26icYRmhl6COdjz7WZTXTZL2GlX-ecjAIkyG2OBjq1hB3hXTeNsmFBD-5H4JbQGSK5Jg7yJ6U6z7oNX2UkpxiQj-5p2Gl4Q4829Cnub486apA_eT1JcG2BoX-3_JtelezEzmddVgGv9c9a3Rs5w2saPR8jwrGn6Vu1Xb2fqgZ5yldW9KOmsiIy9DsoXdnwfPurziCz7m8uo792IHRbt5n9Sa9QXaqgezPhpizDH5RsDdsgfLt9b4_59wuqNM1urt2vR8WCc4S1-iaCJoGk98vpBdt-sCJn8ovU-hlPvUR4tRNF8Yj3hct6ryIY5sSv2ZW8s1nCgucFy09MAlI9OXKHvzvCvfUT6b6l48SBdwbmlKNVVctqY-DFCMAagsiclyEqDjV57asxcyWSr9ZFKcjx-uV3_8_IcDN2uOBeYnlApLRCVIXtxaTKs50Gz80P5EcFO9xDsXDnj9GmGCHVQXIMro9B7ncHzKEypycBO4NQKuTc7PT2at5JaIDvuBCc7Ii02m3fRk2b3ggQvjWwTlgm6fWXLdqshJ9fLM1o0GVoDjI8pD_fZ5dBWafG61WiogL5g0xKU4Ea1sGRqUy9AkGunOOLtesPT4HQVSnNnhKCbUD4q4YVlR5MWkf6Jdt4CIJ9dNpPyopCU9HG06XtMM-odg4Kt_LJBf_7uf0BZEZc-Uc6z6MNr1JsItIHOn26q9_FtlCGnQumGe_0zkxaQ2BE939x6CEs-kTL6L22OIXsHP6ALDCgrENrejKfWA28KnaU2tmhzkCR6quw9Q2KDvOXjxfyoDTie9bdYl3JX_MvnOYj6E-DJ1tzpF-9gVYikRbcZlQvp1rgLJ-jsbfq68ACiDev4Js1mu_RcldvlHFWghF0tUomR0zvDX2FPsN3Z_OYaEsmSv7uiTqGQcfh8WbcqGjmm28XGQzGJtkoF3Nm4ak0rR1vmniLifs3apn7OFIrwwSNZjQLUrGPF8vHDItsAC-1jWBaKbm10vvcKjFP5UUfHXn2QTs42GWo30Prk02j4r4bH271JAXqPPlP5BhgPPeez-rNIc-98vng5V22_m6isJG3L06a81yK3yfDS772S9fO0Mgm7sDPH32HHJaANh5nwQnBqdzPbtC0IvEd1gzJtU5NfIbeGnA-YhvguV4R6kvCzsOoj1UXScERUaJI522bpkMOEMPV9qFR7pjF-I5RKgkeahQCj5NmtNWNzbpe-VyEZXpvfGclOflVV-A4hL9gMdkN_AXehq9bL8f9FSLrWJDZnRE0zvekw-QHvSzwE0X88R0GZeS8X2W0jAh9NTy_kl0Fjhb-xzg897SeSy8BhhYeVFxGlICzuXoQQlaiJKJAHDagqnULqgrSKi7PXEgHMEz13V6zhS6zU0FdP77LTZvhHMoH3-3p0nbRjSXIAhC0qJpBgigSLd-9WS8DNfTWkXtDXaNLeA&cid=CAASEuRo-9F38PhU8jcB44w0KjElbA&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Frame ID: 151831C91FDDDFB645FB6A0FA15E6A6B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVImkWz83Mabegy1SR06g2uUPRCRjvLugWF911QaOTKQwPIvVHHbxc022diAGML8eVp76LtxqNXNHqaGiINhgsS3-Nnn7EA6KnFsdgt-oyLUN9M7pn70jCmoFj_rw3sJwkAJoNf_fryDn4i5M5R-fbqjIUzPWVoIRqiuCWlHCAfYKuGSc8337z03FsXNg4etAADS_ZQ1e_tM_TPA_F38-UOXy9SaIyKq0EkqcAZV-_xB9MSTfY
Frame ID: 3725F73A6FE691BF5EF530DCADBB364A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkMIuJFJRgpHLm-vpd5ic3EaI92JbhmBoIPck2J9tf0yY0g68RARDZpVOZ5ISEXoiS86HXUuh_952252q4TxK5NH-miFu1R5P95GnezJHUnasrTbmTNXEQXLKbdPaEex4dCZY4rfiJXFt8fGjEeYynutgtzg&cry=1&dbm_d=AKAmf-AtAL1NcMi8VoGjCLCpfIcjkhYi8Tm59fv1lr2BHZq9FgI2phFa4Z9QzeqIPueaiSaP4Lhd1MM2Ojrjc4IXYiSsyIBz583BTJa29j-qeCCGjJOFisopZFILtKJ0qNs2vi4A-NrcE3wRKqSSeMJAG9DD9NMX5PKnAnY8QD2C8ews559swX2-SkBDYXHDXZ_w8KdSemmgVF9pZ3osPsjVLQW8IqkbPXxQn60O98V3QUBUyMLwMfxvikKXRbv8zTHAblipMVJIBiKroL6DlX1Apk8FsUKURpdYpePDsg1zThZX6spa31UApFmqsL_6ds8CD_mgMi5JRFa3i2g9Oo3mPmFH6pvonX05FdMAdnc6q5WpWokebWG9qsEKC1bUw13NxKGmM-_LJUoxheeCmX3_uPBWcsGLrto-WAU1iPBTAomdOrOZOt__F7su6imgYtF-5I2ledcknD3-kbrmET3vzSTX4Zf6IRh8d4OlUXqwUT6CCjBUeCUPbchFuJdXyasDIFbNr-h-z7J1bxHW0W7xWX7cDpTivqEQtwv3zfQIrRhowkURGcAeKMZBkzrH7m1EOFLMM2jlLeKmCCNzMeEeOQJJ4TP_yMMi4-mdmbfmLedPubBHNV4N38lWwx8D4Cmw1rDtxC5HFW-jFzajj9tiH2QrLsPwabFWG2MPYuqNmgtfpHRIfKQ0MTQfauSOHfPCIi5SWFa189AEH0-klvMYxqaO2tm4SFGmEkVdvPiuplTo0fn-R6p0VMeLy5xmJiIFiqM9eXm0nfP66uZvxhzmsm95PzsiiqpoU0QLwJTwGHGHWjWUS2c6kwro_H0Md7eQGN5vFlXYOQZt34LEb8Y1JjERQXL-ALoVL0iSpkDZzx_wMqEeSahttRWR33il6ySrqL6vTkl_AE_N61q2UZJlm43X6kTYLV5xK56YiBNI_RtU9JHRGfrRbc6hOUmH7kZoA4M4xlaZ-2WDL76rOI1nJEgezO7jOXbvJ8P8z-GdbsMdpeNd6T-5nSdHwt0DTKWTdZTj5fISk1lTVwQNuENnih3NYASObGm2UgRhmtgoQf6N72Xc8_NRU5RuoGGgJPBCBAspRqdwrySFuBZ3jofRMNaOzPhVwFxIT3TF5QztXsg6anwdQLipBHFEZVrMTGJKVtWqtkuQfiEeLhHm-dWr__2a0UnPwmKJdFuC4ShJ6srNyCdNQVZSD4DXIesGOfWW_TNrH03U-mAIMhNU3I_GrP225Ds7nKM64UZhOh33gsP8a3qJp-NdraELgWBcC9kxRXDx9qCnFCad4P9Qv0PTBVUkcfSgFPcFTSF3vnIW2rjrILSZdFGv5sztXYLAjM63lsogGesfPezFB3T9-R7Mj7OdHM5anWGiCRzAKrkyoXSne3YLFfXwi3YZvunbGI5iEQSfDaNiTt0VYejj_ZPaSmSHu_sGArf7-cpbfDc4FtZzOL1POo_iwogoa_x_3yhABQARSO6X0MQ2qW2VL3GEgR_VF21gZLEzHZN7S2SpAyK9VNoRuKAedPwkPIaL_b-BJV3lQ-F3NlIDZAYC3Y0vzpC70N22hqdevSVYSz5gIAs-oXMUqUI5SrHiOE6xgV6IBmogJuQMZsFda5tJpVCmErPybHJ-Q0XTieEMfdF0iWp9VVH8mr8Id3Abhry5hx-U9jPu7ysrS42IHt45-e2s6d12qtq8Q0rSWbRhG8pAiJCX5DdtqqHH_wubpVUyEpELJdwnIw0yb3a7Ppt9FqyTeO0lq8gHtqW8oV3uPem0GflnQc76kBlSoUKR5mnDNrWn2U4eXeJay3TENjZORP7JO8a0p3VIHQF6mX7E4LAi1u7uinaf3xMdXCO8RhZuffKEGSZ_pwG02PVottjM9R02NwGT3tkhcCniRluosAx9BDOyoJeqyvAY7yum0oqi6oErTOqK0B-OGvyOgEZRv-EuauC7SWM0TbnhD_8gp2MOPLFOOf4Bm8-ZGxGDQ8fZsncQCkMnmsmBjePtI9qA0NHosUTzj6vW0HccbZEqysKiDmsXa9fAO8yqLVH-g0h0FJ1zkhVEdOs67BNsszzuGBfxuxzjeiTrv52SIwTy6HBsQhlfd3GiZTYJiepKKVd97iUO7KvhBnwJ7RCojb2spp36ZX1nPmqaICv4744i9nDh_gO58CMcX41aPTD_2YmCy1bmttz3klFqV2CL2i873VcfWqTy0rjid9aIxwa356QeRmZ_SnO3sW9cLq9cwvTJHy-lUQC1Eo8zJOzUeRQSPdlE2Bt61AdlF68Mu_ksB2CuP9jHjijrX9o7z5iQcwLGXbUq8_EYEMrZLtK5dYm-Oa-0DR25dIN5vyThQrcc-eTbyr9yRdDfL0yzf-ySVHihhqnGoPmz5mq9SJSst34IDx1Y-EDP8at1_myc8cKXG6k5z5N9OgI-qFAXgqGEAOg7y7lVHHuxjndvS4H8XFu-nepxv7jMeE8MM0U4ZoAnyVZI6vTTyV4us0k1FzXg2pg06v1SkTvaISqCOTH2Ygniydw3QDD-KJVhT20GoDnEDp_LZZDSi95EQY5DFwx5Rzb72vxuR6waGElyON6CvzGSKvgjY8PS34RrQAYlzUhpvifJ0-zXgBm4vwsYKByZ6m9xYhquaJ9iPrrHzs_k45LDHHiRXeqd9wNGCyPvKcX8uFSDtGm7uNyzaJHc-HHPgtaBwaj9FONCLk2xjKjdj3OD5Jw2lULGV64pSrC2iRprILPRfaCveodAeZccTAAen0VDXR9lrU3D65-NIgdk-F_q7Eq2xW7kah6uQfG1W1_06Xh7TUWdUzOiM5mLR806T5h_LXSv7Xb9iJOc-CwfCik3sUhGYBqdzsGF7MFgmXpLks-dhogtGeTucA3EK2HAxPREsTC6DFmrip8m6o3iMD-MApnun1g5zWR1SpAIXawdeHjYIYBqMsdPzKKNyFd5ds6w3ORgZjFeS01z2PBv85EEmQpGQgfKawM2-aBj14tfpBO9scIvCJOuwtY4ii6hxyTlz9D4SZ7AGgYmbVy4MrUft2E84pT_b3ZrKkgvYDKxF3koP36gyWV-bTTdRyO86bddKxSEl8lAn8yDMsX_L4RUpeAu7e9iGi6Yp1jTXu5Ijf7VB6F6vzJeZUpbWVTNglz_j9I0rZFUr3De1JbpD_HEoGyAzuNAVlMO4H4qhFJqoUzw_1GT5MIVigWTPXuNtVC9VPKGbvrLIsm9ILHjZ11AQGiAuBPr4PTrkA7Fbk7-5CEuhEyPab4rgy1ci7gk44gMDEVVudSXXTOeZV4szYeXJAmmsIn2owPnB6rSLzkbI3TstDIPRj9nGgGzfJBZ9dNGzIGFBZUrxeHv8-hDTYPzYs345kZWIPRqaLtOYoqTGx18RYuNBTXh__Y9aRonvguvxlINlZK9kSLec1o1RJyqeUeVpb2aiuTV1qu3bEXkZBeB4l9z9O1EMDZ7rEJW_VVy1mJp4DpllzhLMNJ0Pm8fJfYOFl3dJRM2wVBtHdfP7xy1PvoCaV71rY3j03PUqAY9YSKfkNoBLDiR7qIHuwDzY0LtkRMVoic3ukviPqYpqALQiqf_hxE_sgTN6xsTz1BfcpJm1pL24Iy7&cid=CAASEuRoBwdt0czy51Nst5255Pxu5Q&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Frame ID: C9CB49C246A5BFA1B2CF5822CC22414C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVWmgG9wUSxU9H8gfDFnDLMMW4B6k5y7-1Fk3PYgvJZ8HWMfAXdCcy7YCie9a0TfdghZssf8uVjDKsfE7UHHSmu1d85S2YfYjjc7mtRMO1MBV8XuJftAsO59g-ekxTzsWKdQVWlhy8VISv5ISbwAFDpMQEYBfnid5QyzQnwaYXnGNr7s-hPPNDqJR5YxzPz2nQxwlIvseVgwUySkArQ7hIvd6pOLMkeR8x66UdElyVJFVbLMqk
Frame ID: A97291E5235A07643D6D97F703878EE0
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9iBuzVrbzfokEjMif4kS0ZqpO3bZtQyh1Oysx8qGBTDo7l6AH9Z3mx2mqnbCYaXvMNngTQpN5-33-h79QRDy8YV7NEN68CYpSzMXDJXG4lwUVbHpx5DqaHDunToczxt9YYmIsftoamJNBX9Xm-CKx2ukjQ&cry=1&dbm_d=AKAmf-DoN4VqraAL6nfkdU9NFM733p4qaqO3upT_vVeGamMb2HmWdpZEzm5mGm2Riv17Fs1yLZq2CNXeXay0uNEcNQxA7R3_vXlQ65nnpix90JmL441u40oLBScjGBesKAyWOToI0x8Un1X0AVmGgCSlMxpNe5qgB0Z-EcXjLw_wiXLh31aivyL42GqA573IA6b7vo_3llsJ7s5ldq2627TaZNKP-9FiYzkWqVAF_II6VzjYZwaAdRIISc1AbZchb06upLG7uld8t5_sYJCinUlAuCMj45Kx1Pu2W7H8Ep0S2DYNpiX2w9Erm8ZGWMR51_ffz-W-FGIT8z7avSXtgoqUQ3EyHjwn8ZlyvztJ1CjSAH3rcUgc3yOe_9aeagmt5QlVb3chmY8E-EC1lkneGxHMhNuVudQHagafoYSGTSTnhdyZkt-PdxMLoNK4hMjSbswFLg9__W_Zh76OZoZLoLhQ_m4PISGy-eObQeCEiGpqOq7zN1SAr7dYobLITyW0SL281zA60sh4ZnFpZedr3XsYZtS6pEWPwLZbao5rei8Wcval2HVcyW7Mtw8bLhapYuRHOY3SeuQ_ifi1HZU394abJ8MOy-hweEU71WP_NSp96HjHC_7OrdET90mlvbWwy7vEe0ehfzQlWDJOShI4ruIYMLuixPUxoqom9HRczyK00CU1XT0GBfwn3C3s4HBuIRjYDpufptdJGrCcamWl27jGZ3F8ybdWMUlZjqt0HAiHSOhjO2-BgIhArPFnIvj8E5a4wNXr0MMyrxbq9gASD4D12r9517mjWO5ltUvJVip61ecRK_Upn2hSK7ArsNbbSN0k2KxqyTrcwAI1gFcxtyavLHYkAWCPvDNq2o2ivSYRW17d9sacsWxvYqB_0ILynkmLcKKOuuxlpmFpql-FFDyocOjLvkAP0jocAMLStZlWlgZ1nmKm2uyujgBSKWkW8w47QfU0X7F8Tfj105jrymFBg-aPtuDu_hi0KqylDyVrvalFFAnqco3H9vsEi6MeOEGFFPRCbCxziBUDgKQpK7n4aA9UgMhVu75eDVoQvzE_Eu5Uo9XAaDQ7N-dWn6TXczTPFMH1faCYVFbROcPwzTvgECJSZaBm1bPca8kIsvHdHO_0xSWXiIBUZUwXZ2ScUYnDlHGnyhEEmiukL1wj64SfT7RE49k17A8uqdiqYifxeLAOYnQpiO0hZ2xpxMdx9cKDesHrFLVw9bRIEhd2IIo7IQGrqiUjKqHpI4xJLMypZ18D7Ra9yT4tM0VeWay03ershxeLXv__ns66EUry2HhetvrYXHxBrG7kBtx-6mZ923Sq1E3Dz7rS-NDiRrWXTGd5Kzul6MnmuffbFvdXu-CEFaM2z2lsV26h8FgVoAADmRnGYujbQiAk4d_-I2t22og06aCZtR127QTM_yM1MP-n3bg59YzR2XrF-lgsnyb608h6RhyJWtUNpOcj9RDEYTN0Z33gCvAicxQm6nvweJt8CYLFTU26dm4YA1M3mj6H30fFLOWzXYi2MG7BwEAyqwl7CHA9hTZB02CstJze7M9ITitNHrTT2HAJvfYNYHBSr5jXHzFDKVuABlBCCKfi3lfOkYoKgxRnfDxH9dTkdussXcxDYX9vbVAmUjdRd0uIe3AfPN59sX1A0O0EOxaPsBwm8_E2xOUSmXbfuk7dGK1z1foRYD9RPTBHnQHP_279jdehlTXpBPNJ-sUZRtS5zQTlduDmsgadz7x1GGp2a-6IaTeqd-f2Bmiv6zgsbEmKjxfgDcAyg7og0X0ZrVZSqFLbbS_KaltmkaHxH0dK-94vBfpnUaNquT5Qph1G7-duh5-fV9Sv30nrUKr_zCjbxmf_jOWXIo_vItsn9y1LJBVkgaYmBAK25P0zT0ZTs2Si8MFgW8rSc9rITcBweiM0cd6jrbFOYsx9npHI-nSYc4Rtl5CFF70oYAKKqxqozmQyvsE3stpBHqrGMOq19XDmnLKssCJAEKTdfqbeSVuFKBaJraC5deA4HQ8eOZvTXuHGUBjn3y65y2ucy2VmlHFEmGXzbeOx35E4qJFY9rJfcR-8Eye7AO2fa6elcC-8J2Qsg_bBFhiahQs4vJLdew11AI1tqxzHiKzAVNo-SMBCUCBcsMLxNor1OX-S_r2Id-hu1DsJG-Ms1-Jj3NB1ZD1gwHqLYQwBivISxG0acUReMixOvqhuBCtybHf816oy0mm4oqKjlpdEO5DzBOWzDRyn25fB6OIzncV2UXTynRfhsZcsRch713bM2x5BktCIaKuwRbKDpJD6_cjjRXQfsS0nIjOMF2TWpNfDewzFMIsc7Gtr93SFaa_8QO_s0g7F54rs3zTGuj1uYwSK1Lrg8r5UQU5WGMTkc7QXRavw4_S8E5_nX5wolxNBZi-zKHNXvmytPv328wHDCffTRu9CfZXlmbWs0dTIVSkJCHWTkqZwWxBnW2Vpig9N_15uTU2bcmuYJvyZLVbEPPe7Kklt3M-xJilLV1wcXn7cjKeig485NFkAm58QyhVEMt5YBvl0IR0iKYwA0V4mWddza2cE5Qmo5uwUU7lwNV7PkQSsZat4Ynmhwdr__luUoEdqQdKeQ-CAx8uo6PpB1wtrKVB9MGPnOP-9Ycn2-wK0OhJxVpDYqManBAbBpZxbDn-FQkfmMJL8IO-q-IoN-J01SJcnt4MEKMT2si_F4nF5-w-YjeKzFeB6jzA55MNOy6fwl2RpURSC4BdT68533U9Zdy5oAhi_OnnYvz3nw5qjJeSaYqi6aNTodn65xo2lyxk41vBqCxgasewTMKiShBB6-5AuX8YJ_5LTzVFtxaN5uds3BCRFhRC43wjJlu4i6l0JpHR0oLJXUV9oAd1a1iEYRqk3RxROB3QoB9R2pyEnxba0Q51oTyYf79GV568l4CUSuJs9N0QuVI8gO8v3StoTVJvSWuNqmygExv4EcC07hs6CzN_vaeGmBZrFo-ytmuuKnZLb_GiXfM1xxLKJFFPIbSdKay_oYNSKyV39ZL26Lw1KtBOJ9os8_MqNeaPclmdRxa5WjPSu_9G2sAuEoHDUTNFGsRZ-kdrwsh11LUAjh_iu_Cc4EEsWu0zCGqFLZ2VhfrUrtzNkvxxjE74fYWIDIELrkXuLxrLTb0OV6Z_zIC0v7yoJTgFY6tx7BDZLPb68Ywh9qFJNfods_KJWgsTLUgAQDSjon90dptYWt_Ntktn_1_jDrevo1kg9MSLI_sCqArthuwQBijrWywASKb_Froe1tJ5i9jEYpPgiGc2k89272pPGi45iIIFnzkTs9Wq5whiEF8aE0zp5AlP9AYPdYXP9-3WPqPWILuzZnT74vBJ_2IRUQdIhHIzOK2sKuxfrEUcIm5TQxvbizq6ttPDVBrGH6BW0bb_Oo6cozCq24HUjXp-1o3L_OkXdWmU87jLg0TcW4gFwsiD8qbF5C5GqHkEBvkKyowoLHGzp9OphxZNFsyFz351VSnh6dzxDvoazP_b9MS2wzYxyYHEEjii_Ku7R5bYNnnqiU7D6ZW04S_xtbKqUXcFY9l6pFJrdpfpJSQcknOYbfqj2YS95oDGBJUFXKTa4CJfOQiU7WcUU&cid=CAASEuRoozhViTK_406WaVTpfQBoxw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Frame ID: 7EC39D3658EA56B778FEB7AF1FA42EB1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV9Q7TN-Is6GkKSbbziWKYXV0TSzkk1i5fml6DLE9NZylOzS78cE5sptxrz3aLiRFtkVhGDaELwHLk-fdssyIfImoKEfpgfVaN8R1A4CaB0cotSnQx5tzwTqNx3uPmX3AZQPOFFMdvgNWxvxyuM9NQ693tzb4xbUiKiB8Yt4S0hYjzzmCMztNHlqRi1ZkYDzN4N1_LVFxd4fyMvG56olx2Kypy2MNm4w8TbomPq4-FC6NgSxUw
Frame ID: ED9E3D91B79102FB337D837BE1842C4C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJcd1y8FdSnkRIqKLOCKIGAOAxUeQGWfKlFi5qt951zSpALZFuvxmASw_153LEE6aBhd1bEJ3QkS9GeSfGdy5mcZcOevbOEagE-VuI-Drw0Nlde28ubLjee8M4wY6fmXeUSsU5eLzaQGKyQL1ZgqlpI3epBA&cry=1&dbm_d=AKAmf-AukYCwGG7jFwY90_NwAlDIYdpBEga2YbY29U3jbuFkdmGuq7vu2F1LNBdxxiVTVgSz5HouEQpLjev_kHBUuOcblKpRPkkB5OPi_FTSIL1Q5sLtWkN8nYgUwKjskNDNzYhJaLX1XrwN1MZQyeDynxuUtVYLoeAWn7EclSEw0pbaiNpK5dMRuaMNERvqvoN5KWYCsmMngaRFv-_RfM_GBaFx5yNIDwJM7WCfjRhFL5z29Xh8wsiWfZENCdNSoQefudxIm-P8AqAEPULAbrLGg9lLOfFbJ5AM_rJ2YRVrObRTlnn-8yeiQ7CjpO_hRmgRFxPuneact7SiUfwniTBIh0lZVG0_df_WIb0Gikp1KkU4PZcYMd01AC0y_D8PT_63qv4Fgd1gBCzXNGgkHYG1mu8mKIprMC675Ka-blxDrbJMO1WJlY7CwRt_opZK5nvgfRQk1nle9haY8KllY0jDNDolhUM3D0Joe1wKT-W4NTCagj8rz4LG2nXRDOMZ4SwpgNO_O8B4pq-DYiefQn9sXeX2jJ5ne5nW3R4XfTHZHDpLwzsrr4zrtPcJJpb2YBUOS4C6BiGCI3O8ij0mfcb18MJN6F5zJmUpq0ToXR0yY_3REiL085cp8HI1RMm1Ci4cX77I5mY8NKREvxrrRKWNIkPPhrSbiAgvj4jIoyZM0Q3OSQ5TpK-yPMlS_vUPSItZjFkgPYkh9vNMSX8hBFbzq81ilIolNIZt16eAHnIBHwu-TY9nr1ljjEgdLpdnnk6XHJ6UzjLgksyqDJYlzGAQUN1g6zuxE5Ms8PHC6clJQfa3TvlXUaw-7Uc_e2CWcD6kUjF1ck1cEjamLKKd5aFrkMJSIWx9TVR8jrq7fgvo2zIhlg3nuV_5pB-BikcTZc_6g2315T5NlX-yo0LYJKD2LRHc2wFDmTzDdnBJBmZzYQoaIi7MuBpxQIGJzE_Eevlp53s6Rzq3pWQWtsWxrW0mxLjUXvst6s8v-KU3LVJIFpx2y5YQtapwx-wJ5BMLkg306Ojj2Z6pf4q8xVM2uhqR0mgQOIdpQ_Y5YGHlHyo-QblS4PlEh6OoRiQ8l4Nqcy31DGJlLEv9TmNe5m9HyEH5xnwSH83JHqoD61yfGgX9LbvtT8wymqwtaFvJJe4FC6AeKD4GsjNMBn79zsYmL-vgDHsBqHHQ2IrxLZHYSKlVqKzrgQArfrcsWlL0uELZ0frHwL-8UnbNPfdugUHqMV6GATSfh_-P-WQ-FS1E8IWH0QJy0xpfldMFb7rxIVkcv4VHydEAS19ueMPcS7GvmHIoQLOkIiGt1gPl9p1HpvvpR71JHyHFmNcXshelHBDtHPh7uKqebCqxYz9hH18COjZsI2JRjnCJ0vvhc_4msXVmYxNTI4SUis12zO95IoYXJ_U7d3GRrUU-zf6OZ1wpJPJS8cO25VJCnJwNsC8pg_mb7OBnwiyq5Oo4B5z3bL9U3DmfoHksBeW8fKfuYGGPUKkTcXTNfQzX4FxQ-xQGTn7Kti1795H6UxDBYOXi6AbFVUts-lZ8JS2sJitlDII9qi71xw2SKK11lrhVfGMUmzORJftp4yvgIopdyu0eaTq-CME6jPmJx1Xa69adZ8Dy9930qiYNQ4GVRhEm9xKHgxF5pjwP4YwoLLNahhPGYrVlSoodlb_QPj73JCXfCA9U2NFBHNiwHLWH-KAQrX7bH3gVtwImqpi6X6aoAECPAgCoWKKWJE76B9nXmQceX5n7I2v4JjvW5pn7MxpIfdEEJXSBa-o3skwJt54oHXV7cr75rduhhppRUknPMn66gvy_FWjntM9CgEPIxqjspGGBHbuziJT2uH4kd5yWWwTwERS7nVXJUkwBWsG0zcfLu1BnAe58RYNDJ8gXRct_4H3ppG8h95_zhksQBayVkJ4q7hj0-S7HmIsl9yT00mOtJQrdACr_T6RVIKh72ksbmX_GuYPE2GXsiBD_q0hKgdkauChG1IJ2Nj8Bn-Tlr4mWqwyrFn0qrq13Eat3W59Fq3SU-SvgnAPq5jzSQhyWsxJrDptHzaOZMLRixUXJXUYLgLnsUo09XML-foLQrZ8mGXPrdOJ6dDMlR5_ncimUEtB2L4EWUACyEjtsxkRziYfRK8KoLegQ0P346Tc4Tai9M2Gry1otPxIymKauwK_SAPPK1ZbhQttOyxv6GtKCF1zSkOt1fhtVv0ry3vl1u01tf14GMGq8ujPlWQfNZ3FhRIkmbUemP3wOPBNR_xkMiYWvB6jNQwctHIAvkzAqLuPyqfC5Iy7PLO1eAlqh2ltIKzM5O9lHrD_sWp4xDhMH9gBpaRsQrLXD6646qCxhaXJ2m9ULAsdJ5Jc_93jvzWgiL8y_hkpimoLsUQDdFrvdEx1H7lCOSuHVHsoIfMVmWNQTr_IEgzpmCfO2rKmPN6UqM0QNpDhkzas4bgvWt-Fda2o8WLoP2dFUC04AzsnpDGhi7tuA7AUwhVez91vOFS2wrs-rEQm3eMNN4ksn2hjK046G04QCQwN9TP9Ejflf65tTibUm58AqMEoaXvkiRukxxZsmDoeLw-Sj0DUob3BSh_BJ0gijGA9ZFoxfPeoJOjMdoEaPrb2rt1HanrCpPUVDzLoyB9Y_JaO6jJD195fkUaJiE90nusMd1uC5LH-j_HGVaTC1_7Jb66rOZPC13wiooIoWn5MskK3bW-bpwZnTw-lKADO8wUpftPIZyVcXkeYqRSPeMiZOKwliBJbU4OFkXOf_KyfyPefOypF6tO-FSMsBiq4ejkk1BfYmgrd2A9soWq9XoYnnY_WHztEg3zVioQyKB4QD2rvHAtdxLp8BQv43PDLhNDhsU3oABLH_l6OpbGpezkx5Hsl_6Hxe-dZIuv_mLMiFx7ZWUH3grEC7fTKWMkBKloaxcfz4gbCeZis6sAkIbsV8saLGRVbadFeuw5zmx3V_pmGZJi47211yGmR4Q2OYwFln5jp47Q9nazE-L7ezADL7uTamdD1kkzcwTw_u2jCyJuQjRqzbbjqnty9aT7aOnKTyBTW2A-5G_N3cn_Ct14gWG2oUkghRoJqWjrHAf-agRyFtJAmbbhE-hRfvw3nROihL8f0D0S7fACl5xuX4H7W-DDKK8QNWnGZDbR-oC8KGFxJTiM-Hz5sE2OmiMFQr6TY5Ntqa2DTe5rAk6rcgaI2UJBRowhFK27qKjNa_g16Psofg_CAMJCYSq1if3vxazvTxS7I2BVDK_W5ruY6kT_1S5nucQJn8rZAG-Xnpj2BqeBrfMPLi72QcJJRSXfYJCzSL1q9mWvBaCk2OfQIZ8RpOaHhISTSIM6V2f-FRZRRoXmduDrOleDYaStfWnfDcHk_ViR6zSqvQHaoBBGZcLqwx3ZJa8LU7MssnGHZsclxsg9dJVNEgQAjeVVWj8o4oMA68_ihp5H5dupkehJz1POCcuqHGpBpyjUJUr1H2pKw3ZDGInwD1plT6kvf35RRXMZWH1lpLQkhiZOnZ_badLMTQcKuBsutNfcYb4ngTHqBHZjkQuwFTK733V5bws7Y5ZIVTUBqyhpR4F3VMvMYbO1xvYjjFKXqUfo1gw1e5KScCBLMgIecAwaZ5&cid=CAASEuRorwi5tWrtfHuFPId9bt8Ydw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Frame ID: 1E5CB5501FC5520B7F5B8BBBC6880B22
Requests: 13 HTTP requests in this frame

Frame: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Frame ID: BBE69DC4C76533A7605BA3C9FACD234E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNXPNtqKpw9KlM9G-oapKF48Wq3II3AvuDGeXFQPrMWV2jutnr_2GPP4-PZQWOePkSS19rZm7HefZDxER8ydWLj9QtRrQ84VOTFaRgOVG1837-Bc-bZg0447Q4NtyCx9mfnrDu30svDYsECnGz_Y9O_MVSfq89AQqm3nGKYW5dQNoZZIu_WF68S3qW7JsULTsiqf5mEYYP57LgfqKKLYdRYKSLbyh6cbrX6RsIhxwcwtIiV1mbY
Frame ID: A37CC1E14940DD3CB36CB28555DEE778
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BigT5iFZGsa9g7LSwmlIlijJZsgbpsphIyXc5StjMuJeRqh5hvu4cI429VXMIy8SoYK5p8Ko1u8akOPzwq-dkkq9oIhnEfVB8pav_addqNcv_DxWPrUX8TPeeSyZXupjVG0pxOwG8LUpN8XKzQc8HCqUlxfw&cry=1&dbm_d=AKAmf-AsmF72j41H_swg9y36ef_xwudh950mdd3uTePPogN2oHVzjNd7zITaxiOSDwKYga-yKj3XoQw5njvpb7NfCmSKsgzk0Z6kB4pybPrGo_r2WTgK6cqSoEvB14Ed93nnLDhrSwgBBpO2mpxJNGmMQrH-c2hzNf4cFNK7FPOr06jhFt538986f6XAQ5CuGQqLadzD6TqPY70Bzi9Be3AiKw0oPS3O4ResNRCAGF1ZbsU8Pr-nsDBe98rL36w35RibagG6M9zk0jCsaBzFitCqQIsk-p67_kSlXtM_Zv3YLxz5j1M5Jt4dTJ1LuYGE4pYdSEV2EhiC_8sqc_inwyWGwB9bGf5MUyw2JwwNrI9dGZ7ToKNgZj62G50Bq0Tp9T12IaTNQirLoi7bul7jpoHFQ15q67IEwDa5xz7_5cNCc0ZKUNti0tomAKKtvkUG83L6njuzbLJAAaTAWIjeSvPjJCLcTZNLX462tTCW-4zkQMz81iS-GP7fvgkC3qbOpVbXNhcyyldKFtyqAFwuKgeoku7uW5OKlR2ibzLH_Zn3C8vj5iVAv9XQf2t_B8nRg2lASGYIQ0iY3PIFLC9IMQwfdKXfStjdqYX0cvIpnilEOKymEDC1L9_M-79ORzpI9QRU_nvRAgotFvhvK51goLJJFu9V6oHubexvBajIrY6O3LETOTKhC4zMxtkELNedsWzx8Hq0wxhbfVOZyiXgeXcZTMKj4niijY8bTizSo8k0roWyUJuShJEQYhhsgpfsuPZSBXHV12j-SDlZggKb66wAlOZNKaC1LnXMdTPxY8K8G9D8NGFGHrFP062lcuLX8pRnVJIHkD1mKLjMZSOngoh9l7C1B_VKgdDe8BB3YCe5rCp6upJ-5Cd_wUedfQ0aJICDt53lf7cZY6W7Ba57MHt9IfjEfRVAlvAgFUSG44F6m4Bk9sfRga091pXK0FbXDr4wYWbOB3sdsg1g8xPLfV-sUYlJhcOy3V1HdPH4DwzaBTgzqDzmiokLBLGdqk9APnFwQ-_pQOIl3fCXAA2KFsSK_IwEP94S26vMXjTsZF0KLX-hgVh81T4wtYCNBATRm0vkDZSDxResTnlaEoSxzyDHvwU0HVybKochPnf7y3IfqcjWVrTKdTBRZL_xqKiW4-1eMUvdJFtie3XxvnUJ27RsZw4-uzmIko4d4WD0YCvRyQn4wMgLaIrlCxFBZOO41Gy0Jzt8QK_GarmIH239ps_JE8qtunUruu-IsL6BuxmMaiS0xzgV6k_nSsNJicuIBclGDWjxid8AjksYxkeDNVO-7r_W1_rINStm_rE1GUQOmYkLUkXONjk1uto2C8-XxJWP75FJxm6QNwVWXgdWeoqjv43GGqQ16LFa7tVwP-QE79ioQCjmuGs3ApX0PTvN0EJBn2Ic39JZcd1374mkoTpxE7ampQzeZcK7Y-ZM_d6rk5RAZ0npemZUJlQwmONJjF028e_fP49uMwu8QSv-fUuaSHpq7VWkuuIVelpE00ItN1QlMj116dOO19to7rREZFIwKeFhNn_zivSywhASwPTdvEQbxiSjiXxI_CAgxyozC3Z_CQR-QqTp6BmvlPJARCS6bSbhD90dRminrf9krJteb4nYvKfR_7cag-g2WZKWiJUqkoRxVxOKwMH0Zl9rL9jNNrJlMXzKu-SF59LDtr4qGRouJCFcZcC-61OVf-XIoAHU5qKlGW7FJO-lUV9BylYftP4drlIBK-IC7JgxYi_pH3LZp4mtzSkHu0zEMA6owRK53T5Go_X3RQiQRWrTYThO6K6ZzO9Q0Ynx89r99Qq4TA36Lx9s2prCdob6HB3Fac4UhdcInghFBzLzpPMirodqi4-zby-w8e-ugiRjRCpw4o7ds4GEmYSV58XAstc-mHCqmSJ6ZW85X-u4iaM-J9y1U7coqHjW8Yuy4HJ3rxDdIUpzfx0j1CjOPowbbt4lTbsVmyu-HMQIi4KskAX1sMHr0VTkL4vZ01oyHr55a6AbEXmPqm0SzAfSEajrWWekMxiWe9xohznhEFVE_B-W488VwwWghVc0DtiITmGnhdo6KURdbUUJeAATeRuJAl7zJyNEU7mhjUBkJUY0tmS94R6NtGq3q-cGwMT4B2u0RriHaSFToWShCPeF2Dq3AecCeTG72atg2tpVwSzOnxe6oezua4ZC6FV8W7_NVtb6QtDM2JgiyEVxxZPcjV8ixZN1S-zBAMl8aPVXcWGrEJvkxfFDuKkmNsHLoSqnch9bsiCNCQnkwt2-u-67SgIAsZnLcY8DBabVSZlS6-CdIiMALleQNZoxHp8mpbWafY8q7AgKQuA3BIAUX8OwLWfng4aOQpF1AdRjOagvKuWMPCxWSAgIfWw3jy27lW98NogusShfjeNLzii6IiE_Q4tjCom8FeBkKPa-S06XQ4hPc56C1cN-r9hLkwjFQxuapMtjzsYWjTYIfXJy1NHcEldRPE26deHYZeYKPnop2-Uar5fEhgpS2nGp5hPBnNPmoRNnxizod1ID92uSnywYt522xKMIG5synBqzpLQZVNLB387rSvAP5GuJFjxEn79YMiIuBUqLu5tOvnIW8Z8XJo3TVGhyhxZ6Gt_KzrKPc4RX4_uhUUYEPL3h0wWV7KvIVMGf7Cb2EeocacKjeSW9ZIK9K7oLRxbbqwD2ZEZ-XfIsu02pHkx_BVM-dgUFCE2cNtLAKmWfXfxwP1x-v0p3DAWppI5HnijPECrlSfow8NG0LwnVFZ8zpPrOAN7BJ4JRshOtpKZ1_wVw8UKXy5xiHcOHXPuRDOn-2gR3jm0Py6_P9Z_IgOwySSRVSEnpL46gcnmf2HNvqIIsHDZDteIy1jEvX6Jcp-uMfJctVicInpCyFLm86cRwtgF8fzmmhEoM_WqAMbCYP2xS93JVXRwaZQ-L6DT1BN0wMVUsqd4zZFFM7Q5pgam5OzgLYoh0cMG1qTRFmI7WI2ctrD2K3B_dfz4RxF6-gcPMTw4MlCNpZfUBCYjomSJ27d1qIuxonxVyHaBXNUTXPBIG700Nel6QHjsWQC1_b6LlGB6TYkeWusvIfUuF8tafIouZTrh1T7oBwFEj3HJ6c8bUE627OmFl7_Aq4iFZwua1u9dD8Qv3E0u4QeSy3CdmSP-RIQbBQ6WbFh9Ur4-1rnd1mESNuXA9NTd4JEXZafdrQl_qv7DDQWl4d7m-v58d_aXB3awPsmWBpuwBWNie_9juWEACjwZ2sZZJyQxNvlqf_D9_iMhEDbubpYeIiqBd_y4haNhhalbYLvXiz87kc9c7-95K_3t73ffQmizZZrx81d5HO83lUt__bTcGBNccEckz1Gq5A9eo3SOvosZzdM58L7QMPmFOgGelOD-g9ss1Mc1nNQVttlikJW6l5TfciFcD4sJs9Uuw5kKqXwE6Fvciopy6_h1X-RnyOEL03b9pLJAbpKC4byMilzLQk1XIj5JXVmHA0zo8-JyS9V-8SQBGcErO5qQ76r-6YY0bKZIEr7ok47DssR4uZLI4zt56gXAi98lhXO308RhJmRjh-s3In7NcNMsglJVrDzNH7oLMgraKnm2V22JGfwDMwLaTk9_EtbuUYP08XhXfX3Kckd8WIf_7mw&cid=CAASEuRovBn0sQFodZ9IPj2XvDeLIw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Frame ID: 062287E3904E0207485AC483F5982BC7
Requests: 13 HTTP requests in this frame

Frame: https://pr.ybp.yahoo.com/ab/secure/true/crid/2MuZrH47BBFZFv0MfqY8Gnyy6FJPvY58/imp/fDYgHlzGVVgrrSGJjto0EN4ZpStYmvbjHoRNRzKIyQgJ5n4x0G80dQnaxJqwIbnfdkX9doZXbnARg6eW7Gjm7WxluQx69WmLd0qRbhnMEay3Mt7mPXAN3GQbefU-KaXIL0TDSRPfoRpjFneTkDuaWeOQxWwsbrIXAktJf9ZFaFkMOIA-f86kTKJf4uD7Q4GVb7IC8BAPbANnJKBYbZi1brfZm_nmSEAuqKhBDuZDaReQmRDCFrRMDLUT7VGGJIS2e1SEqyK_NpmxF6zyrTXnWlrtwDX_-3wsOP7S2FWxb2Y9pOjCvNGJ4SPurzwzM3v1Xywjz9y6RbKGXHKM0eG30YRSGxWdLfCEaGGuMlK5haHvJd4ieCKqTfEDd2_m56VGrgeyY724NHm8tC6vIgDJj3J4GyBfwiC1e355iguXWQPRAgYYEPjM077P66QToHBP3Gn9oIf98vSrT-C9ZMjg9qnuSOdhbexEfGTd0FNHMkcM9CeXsctFuxub8iTnOMMOpcEIlubYVUpsDiWPCiSg0M8fJyAs_4YAWg1V797AYXePvEw2HvBaiDmXgQsT2ndPSvdBtRoCDI45YFIKr7WPVTJrTNLyARhHE06dUH5fF4vMwnWOmAg-9iK84loHBYh6x15Lu09wik9zxilXiEuSTuh9kpLh3q8WEIwIXo8XQgN5V7hbLDLjJ4oaIcPOo41u7IofNPh960buCFe4Mf0HbsQagwytNMhDTZN_5gycJBA_f9j8UoN720YA_17ofnl4tLlfeE_vklbkZtT0Uw_dZ5WVBzdhCMYeJfsYVLaS41AmXxi34jd4mzEMeJY8IPE-QfitmK8okqw7cXrXfiTRyXwfmaASJpQTgI4Ke9esmDNK2GrS8dmYycxNNwopFd-wf_wpIroIE1i_oI4WU1rMVIBit2xtgZ_NojYT2ZsCPXIj1ccWbKlHxpt6e93_QBU86HZLMkkCOat09an7ucv6qic58Sh9UdYCA4xGB31uj4zjJRHNpX0y_c5s7NuwyY1HJhnDfA2rnOYDxpzuTFk3A425GpwcP0tsfvmbsfTQz9zB8A_r4U9Nt-PlVIj_Jl7VpnwoS_XKrOnAptUJZCp4LMuf6cqqAw4_bJoP02Lz8V5knh5_Sj_tKhFT0tzrIVvUMNjA922vhcWI9dD_PcQXM6i4G4tqwDswMXeILLnQN270-WoSqsvRFbFm8eo6BFNu18l45f7w4S-ZQcMs4te8la0aSreLur0UwtjZb_V3E2BfmaDR3crrugEeUFsvFCIYeGqBB1mippsinEi6xzKp06X7Xz_2Si7ZV7WccUK384W2jBTu-rbdidL6JlriUDXT__VZ3HV9Ai3N-u0YTBKxOuwWOU1AFcxO9eJVQU_wX_5HkfsJD7YeH-O2SDqOTMeYFvcY7TTJQyDhUaTF0jrLjD_ZLaz6YtGvzlSVOJJsTWms63ohVHL2ag/wp/0.000659
Frame ID: 2A33EBD633A8E6FF2C833EBA3C461855
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 2D8135E89F22A97CA462ECCF9024E4A3
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNViFhXkfWOTXJKkDt2-taQZX-1c5OZ3rG5Pzn7cJEzly_HmkfFOP0nvkdvgJImbiZFTL1cLaReokjjU9nBMhbevRStUSZ1wR5tHUNerSVqJzUHMF_sByUKAS1glSsKmq5mrlTJw7q5TK5rOxK8bXuNpxXCek0x1amTHQGsmdGbRuCFQjyzlr64W_i4fQ2m7FyLGnr-dJ_jxJ9RYMQPREdfZIqq3Xs0G-QrvzWjhyjd15xcL6Zg
Frame ID: 89480DFC3D4475B0686C0BE82DC71FBF
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 44390F85C039F64345BDCAAAFD888F0E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7CB44D109D4190CD25D13C18F83A92F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 354089C15F80A4EACBC0C8DDF12B37A0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNW62boOjwlAWk4Hb6Ai56hdzKgYlvwNdzlfwEu9JfoKBV9m1iwodsPkBnFZiWvG9X132QNnYwIIGBD_yaGGiWjt8X7cGapzZmEVSHviexOiE49totPLcOOVOwOlUL4niJet1JoJ-wVGN2PMTiGATBE70jtriXzGcv3diZIzsPCsULxfhxAyr4wCO16XmEnnet3i85kRX5Gqo_9lg3PMxfRmWGzYO6wtt83uRkK5Kx8INa8eEqY
Frame ID: 725A034BD646A0489134500127E51B95
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNWfFJ5_WSc2kzxqBK8j9gdWfsP67UPSPxFDPtHjMPqCGuQY2ra1C-IXL4tf68D9gDiGjh-0XNOiKncktFIlsvtDzS-rkUrCJNGWw12BASA-_8XUC1zJV6b7EY-E4oL_uynNJYfIs6sQw9xj_Nmx8p0c_1rdDwbgUnja0o8cRvzN-MtoAEY
Frame ID: 96BF0589D065F61C499C198DA5F32BD0
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: 609CC315F900E59C598BB4678DF5F9E0
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: 54A1601EDD03277AC93FA60CB5EC7785
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: C40C1916C3193829F79B4A7A51C1BB55
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: 992FD5BA6347E3E622D5DB5B0AA6DE09
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: E9757FAB1D872CC76DAAF2C6BAA280F0
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 11405C7173FAD9775A20952C4094BFEE
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 347814C1334C8CAD75A925BB30308154
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: CF342250BACE2ADADAFB61E526492393
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: 1A4A8926CBE01C600D777BB70189DF57
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 6AF7722804F860100807468277220D58
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: A8D2BABDF899BD907F32F76D9077AA1E
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: D9693F43DCE1624CE227A267C154B2F3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: 89034F34D536A8B02A423177F214F49B
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: AF9259DB2F7BA4FD57FC8D0A5B615E81
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: CC72B8EC2DABF89F1B91B3B3FA11E43A
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 5D9E583DD59B4CD107A9F759A4C0C9F6
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: B6A80277F01DC6C4F347F4DB23A4BF78
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: D2DABCED2A3CDF5258465FFA28C27C5A
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 7BEC6CA06DD373423CAA2B3BD7FB95FB
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: E8F423E620D97BBAC47E8A3BD222C613
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Frame ID: 786D348F951E73CCBEB65ADC0252E753
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: C98603DBFF5BC2D515B34DA552C61B59
Requests: 3 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=67452400152568000951425011962008&a=4db25b0d
Frame ID: 93CCC77272172391D7735F4C06B1E6EE
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: D524491A5CDAFE26D263B2E4C1013352
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: B163FE497E92A290FA9173FC9AB0A162
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FCAC847A17E44A18ADDB198E3BFDA471
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 401F31426446965E585412F658918436
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4DC0866FDB60AF2C135D36450A937D2E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 748A81885691B49E620ED176D3999DDD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 778D9205D8818DF3FC34D723A7CD3BE2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6EE232BBBA94C31117F3D2DFF422D52B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 44D395F07E64E52E17039B32613EBD73
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1285717D51910FB5766C7F4BC3703807
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AAD11D9EC1EA4BDCA659F3AEFB63D9F1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Frame ID: 906034E2F188538B38BDF097D672B327
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 34CE7B11C218BD27C78F3EA9373854F5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 56E9FDE28A248D55A54E7F8337B88D57
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: C828D50631CAF8986A265CF6AFC0CE9E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 894891982231B395291E142EE4C9C805
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5721E85F1E740931397E8AB72D91856F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BC5D8187403D54DAE9B4CB0341F467D3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DE26DDEC812599B855DAD139AE3E80A8
Requests: 3 HTTP requests in this frame

Frame: blob://https://mediawoot.com/01c1e650-14b2-4e9c-9997-79ad2f77b910
Frame ID: 1CB74F3015CE53CCDFCF7A8F58C270BD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 7325B3E64166A914CE3230507ADEB8DC
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: DB126349B250158804EEA51C47CF0A21
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: CB2E9397D7F2A6A37304988D2A637BF4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EE210E2068F725BC0419F2F5D0DD6ECC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 16B9081DB4373632BB1CBA1EC3491962
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AA8C69340994BE4D6B4A7ACCDFDE2472
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 9F8E4DB0D8534A6F33BBF00381CA42E3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0EF4538FFBF82EF3C78124A09211A1DC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 95941A594D6D0F80B29466B86EC57E46
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: FB3C1CA5C93A7B28AAA5AF38AA13A876
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AD9A9E3B8AC4FAA7C24693B9B54C5421
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8597CE0D6B0F4F7FE88C2036A6B2AE95
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BB133999033695D430A91D3375A90CDF
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A82E7E19F6BBC53B8795415248AB109C
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8EEB57A415A564D8CFBE78E55B4C5976
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 3C84392900B334376186F3D16C2286BF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4FA6A12CF41FDF382225493DCD89860B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F5CABF65CC03755516D47F9B864B7289
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 81A88C432F6275345F4E200FBA7EFA3E
Requests: 10 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: D08F18DF6E1F216B6DF80D16CBC40DE4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 313D4FC956873AF84171A29C251F7BD8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3DDEAA9B43F60C7DBFBBD073ABFC3B7A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 376F94BF46FF8E1E72C12BA9718DCCF3
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 299D73A18237C3FA1EA9274CF357E58E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1B97429634352235B578A335C2880D55
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BABB2F7878194C7F12BEBF76AEEE2C26
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3204D03D27C36AAB276EEA291DAB3077
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 183905B941FB147F5751B48D5F08FE86
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1A4744B22DA61F9E1D17454EFE14500C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 907BC27CB0B014748ED777658BDCBB00
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 59A9B2716A51FFFF79FD0E9FF9259A42
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DB62AA74DAC7C455DD10CE5E980CDDB1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A0275FB8CA4326E3F75C6A1ABE4B01E7
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4CF05FC72023B68819110BED44226230
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 46A54C33472994445834390849CAF4AE
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 7C1C2A73BC390C32D4CA0E14D57D1826
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A62185926698FC21B3D722E88A477BAC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7A96255891A14ECC82116FBF66EBB2D0
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: CC44D2100CFF9DC1BD39A036EEB53CE0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 92B224CC8DAE5FC5BB318E4A208B6D4D
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 95BFF82641E1416D1086073C13BF6536
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0FEFF847D5C0DE1324B3D2A02736613E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7DDB5563166B47FA7288521530D8AFA0
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C30E93DC8E29094820B794FDE40C341F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 237673BA3DEA008A2807FAE661F328E7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BC497ADD99839FE9B828E6589E1E881D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F2DDC502C7E2D6613F4C5D993B7F0590
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 93A9D26D447F6E6A396C3BE2AB9FE21E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B3D3BF50F084ACF040AF5E7629FDA7BE
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 056DA3E6E3381FA86E57DEE088E74CD3
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0DE78B55F17B9F1135C5A79EA38ABBA7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E4ADF21CCEEC0414F818ABDEA933C688
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: F308D739778E01ACB1248F2C1563807A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 818EA660D31D3EC4D4A1337D02CFA7CE
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 95E09763D8B7E52A7BB312B3C6C49CC6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CDDB7AC84CBB85D1AF8C7579D362AE5B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A048A2212544161202C1AD6396EC0009
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 512CD7062A523C9763BE5292218298C7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 823F0C3DE3EBEA3C9C8AB6AEEBA68E08
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: B604F877AF52BA1118D51AF0926EF56B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E542D874BA4FD6DED226DDC774048DA0
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: AD4D182E59392B1E4521873D6EBAE9F9
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1B2ADCB102727A3188589486D4874D2C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 5A532F143337BDC1987BD1EBBA69BF0B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0876F89D6570D1441FCA03970FE8F4A9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 43800C2A0967084E1F8F54D91FB5115D
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 83F7D1EE3EDF0D1F56D675B0613C2EA7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7141806469D08541B47E753941C5AAEC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C6B0F22A4850C310C2F14FB8FC2F7608
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 491D859494DBF73208679E6A5CC0A355
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: DDE1C7F48B7498243A2FDC83C9195EBC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 96242F9E7DDE23B0F69865C8B80D062A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 24D5271FEA1FC984953354C9CA042CDA
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D0BE70C0CB76E5FE22531B21DFCD2D81
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5BD815EFCBC50516770B440A1C08F624
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C76F59D45A0548F1FFB1D5C9110FFB7F
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9356300B1D54F613DEE844CCE6518C47
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7952CB8B6798A9BD097A1DF202BF9F2F
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A4B5BFA2E0B31A4FC47A4EE0366619E1
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7BE2F49E24B6760AA99F1549C9C9EDA1
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 14BA2B73BD7EFD7E6B679864C61A3D7B
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 15AA09E513ED2F43926DA61B40A68296
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 034FF6329AA0B944349E0783E9D6973C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 289A7CE9ADA7899628FDD062FB4347F6
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BAD28B58C5A3BD1547088C7763734080
Requests: 10 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: B5A38CBBA0C22CE708E4C1B50104155E
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 360004A58AD099C476F3AE185942F654
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: F19BB7BD9531AC0C27942EC0AA5248BD
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 1670AABF6DA6B326026263B44BEA898B
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 8E0DFD5AF7058E4EF105C50AE12557F9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 58D7D4976374BE88A767295E04BCA552
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 9FB9A06D03D097AF8BAC673CD5779B08
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 6EE0D47E615FD566CA50D69ABC45EFBE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 10C26E7E91155CF3C452F339C724E868
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 77D91A768F0879312786B6772B21D1FD
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 23AFF2875814213134272E89FD2543D3
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 883FF928E7F212143969B3DA2D13D1E9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 47BB1CFC8E19CC0245AC4EC8EC68BAB4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 7949ECEDC56D84B1A90C0E21111A2CE3
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: CF34777A7B1B558F78BE03B1AB8DA3BC
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 6D469F12E14795FCD4984D70A877D627
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 633C2A8B1B7FF6DB9E48325945DC7A27
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини - останні новини України та світу сьогодні - Korrespondent.net

Page URL History Show full URLs

  1. http://ua.korrespondent.net/ HTTP 301
    https://ua.korrespondent.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1367
Requests

89 %
HTTPS

24 %
IPv6

121
Domains

185
Subdomains

130
IPs

15
Countries

12926 kB
Transfer

32736 kB
Size

185
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ua.korrespondent.net/ HTTP 301
    https://ua.korrespondent.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ca49a378-5442-4763-8228-9207153d0f0f&ssp=prodoohmox&gdpr=0&gdpr_consent=
Request Chain 142
  • https://gaua.hit.gemius.pl/_1652802316837/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=hRragNyv9UvdvsMVtFGLd5YJ.X8.HyE0HvX7u.C1GLj.67mvi6rrzYT.7n3D.ITxqF8oLd88xe9UsagHIEkST6UyGLpY/QBbphRdJXwQJO/&ltime=392&fpdata=J4cl7T2tpccWLrHwPF5JNK1zJS9L8K0KKQnEIo0GevT.A7&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1652802316837/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=hRragNyv9UvdvsMVtFGLd5YJ.X8.HyE0HvX7u.C1GLj.67mvi6rrzYT.7n3D.ITxqF8oLd88xe9UsagHIEkST6UyGLpY/QBbphRdJXwQJO/&ltime=392&fpdata=J4cl7T2tpccWLrHwPF5JNK1zJS9L8K0KKQnEIo0GevT.A7&fpcap=
Request Chain 162
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3Dca49a378-5442-4763-8228-9207153d0f0f&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=08ac6283-c30c-4700-ad53-d22713a8b510&expires=30&ssp=prodoohmox&bsw_param=ca49a378-5442-4763-8228-9207153d0f0f&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.mox.tv/delivery/sync?userid=ca49a378-5442-4763-8228-9207153d0f0f HTTP 302
  • https://ad.mediawayss.com/delivery/sync?userid=ca49a378-5442-4763-8228-9207153d0f0f&inner_redirect=1&inner_uuid=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
  • https://ad.outstream.today/delivery/sync?userid=ca49a378-5442-4763-8228-9207153d0f0f&inner_redirect=1&inner_uuid=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw==
Request Chain 170
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Request Chain 172
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=RkwF1xx8hQyouCwMAfXvtFhzW730jnoEzStRYFtLW70 HTTP 302
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=RkwF1xx8hQyouCwMAfXvtFhzW730jnoEzStRYFtLW70 HTTP 302
  • https://onetag-sys.com/sync/i,34/1274270525133315898
Request Chain 173
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7526226888202003154
Request Chain 175
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgNKx6zIXdSPrB2asis_ZWz9pBD1cH1FgMA
Request Chain 178
  • https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RkwF1xx8hQyouCwMAfXvtFhzW730jnoEzStRYFtLW70
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJrEsf1_MH-Prm6zOVybXhw&google_cver=1
Request Chain 181
  • https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-f6b7eI5E2uGJEr1mIwuH3Ri5627Qpr4OkyEVycI-~A
Request Chain 182
  • https://x.bidswitch.net/sync?ssp=onetag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=ca49a378-5442-4763-8228-9207153d0f0f&google_hm=Y2E0OWEzNzgtNTQ0Mi00NzYzLTgyMjgtOTIwNzE1M2QwZjBm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJk_N0oNQw60QLTIzXlj8vw&google_cver=1&ssp=onetag&bsw_param=ca49a378-5442-4763-8228-9207153d0f0f HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=ca49a378-5442-4763-8228-9207153d0f0f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 267
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOzHwVPv1CLTPXettispnM&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOzHwVPv1CLTPXettispnM&google_cver=1&C=1
Request Chain 271
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoPDDVm4dy03i1pX65qZQwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOzHwVPv1CLTPXettispnM&google_cver=1
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENNyEjiQHZxM8ty9ZTHfdJM&google_cver=1
Request Chain 273
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzUyNjIyNjg4ODIwMjAwMzE1NA%3D%3D
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP9EnVbnu9r85XQrN-wVCgc&google_cver=1
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEMizZYSoUTedvzDzXI2x-9A&google_cver=1
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGlFugD-KWQSoe4Ep_U1BZg&google_cver=1
Request Chain 280
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=59eb8bf9-d5f8-11ec-9efa-1e1d47870506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTllYjhiYzUtZDVmOC0xMWVjLTllZmEtMWUxZDQ3ODcwNTA2
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEG3PiB6nMOUBVzrP-FMqGqg&_origin=1&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEG3PiB6nMOUBVzrP-FMqGqg&_origin=1&google_cver=1&apid=UP59f078a7-d5f8-11ec-b16c-02080fde3794
Request Chain 282
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP59f078a7-d5f8-11ec-b16c-02080fde3794 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA1OWYwNzhhNy1kNWY4LTExZWMtYjE2Yy0wMjA4MGZkZTM3OTQ%3D
Request Chain 301
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 313
  • https://mc.yandex.com/watch/61684903?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A220073537154%3Ahid%3A163788503%3Az%3A0%3Ai%3A20220517154518%3Aet%3A1652802318%3Ac%3A1%3Arn%3A591344965%3Arqn%3A1%3Au%3A1652802318158155463%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1652802317171%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C4%2C0%2C4%2C4%2C0%2C4%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652802318%3At%3A&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/61684903/1?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A220073537154%3Ahid%3A163788503%3Az%3A0%3Ai%3A20220517154518%3Aet%3A1652802318%3Ac%3A1%3Arn%3A591344965%3Arqn%3A1%3Au%3A1652802318158155463%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1652802317171%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C4%2C0%2C4%2C4%2C0%2C4%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652802318%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 318
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLNKCaTgZHdJAkQ3enm7zCKFofUOeogZ4FmQLwifwG4me3jHdaukLlsaFLo_22uusRSr4HStBwQa5H7vg4VRiD5MCM4We8&google_gid=CAESEGdJ9iJu4fc5jjMWgbsYsmk&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCI6Gj5QGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBMTktDYVRnWkhkSkFrUTNlbm03ekNLRm9mVU9lb2daNEZtUUx3aWZ3RzRtZTNqSGRhdWtMbHNhRkxvXzIydXVzUlNyNEhTdEJ3UWE1SDd2ZzRWUmlENU1DTTRXZTg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWXpDb2JrVjZxS0RMb3p4VGF0WDZUTERhcmdXU25iMC1lSFFNUmdtcjBtZw==&google_push
Request Chain 320
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBjAPOVylbqiD3IOKCAqtsY&google_cver=1&google_push=AYg5qPLcxaN1jPiHwXWefWiwNBF7VLxyM3fD7vvsuK-Z9kZm5CrXz_MnthIEkcvNRDtg5ejemjVhpao1qjw6bcgq8cEAJKdUKEZT HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBjAPOVylbqiD3IOKCAqtsY&google_cver=1&google_push=AYg5qPLcxaN1jPiHwXWefWiwNBF7VLxyM3fD7vvsuK-Z9kZm5CrXz_MnthIEkcvNRDtg5ejemjVhpao1qjw6bcgq8cEAJKdUKEZT&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2kXr-2LHSCGpfD2kMttScA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLcxaN1jPiHwXWefWiwNBF7VLxyM3fD7vvsuK-Z9kZm5CrXz_MnthIEkcvNRDtg5ejemjVhpao1qjw6bcgq8cEAJKdUKEZT
Request Chain 321
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMUZD4R2qefEF6MlOqs9_W4&google_cver=1&google_push=AYg5qPIGPhh8isGb15dm2ziUXR0EYhVKkWcbEvw8OWFm-RF06_L4kpOQLaffD-eQSCDEJpjIrG0DI80Gtg-9mAN_0NC-o2-VVL4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNBQlRRTlQtWC0xRlFK&google_push=AYg5qPIGPhh8isGb15dm2ziUXR0EYhVKkWcbEvw8OWFm-RF06_L4kpOQLaffD-eQSCDEJpjIrG0DI80Gtg-9mAN_0NC-o2-VVL4
Request Chain 322
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHUfRr20KS5FHl1Kq0W_npo&google_cver=1&google_push=AYg5qPLIIMwnmOulhSOInIUPXXyR4y1-xil4-nlHd_xDsAIBHYYgKoyxD7Z6iXjBllcWQm23YuldUjFSWJk8TxVRw8uC_nCJEVlh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&google_cver=1&google_gid=CAESEHUfRr20KS5FHl1Kq0W_npo&google_push=AYg5qPLIIMwnmOulhSOInIUPXXyR4y1-xil4-nlHd_xDsAIBHYYgKoyxD7Z6iXjBllcWQm23YuldUjFSWJk8TxVRw8uC_nCJEVlh
Request Chain 326
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEPHg0eMIMXK2JzpuV6wPP6M&google_cver=1&google_push=AYg5qPLN076R9FyRvICGJCCzW5ox7JLJ6rzgELABJUzRspENIlLEg9d_wmXmhORwES1L_FPN3_Ns-FcL6-mwQI7v1ysXGq6eXt8k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLN076R9FyRvICGJCCzW5ox7JLJ6rzgELABJUzRspENIlLEg9d_wmXmhORwES1L_FPN3_Ns-FcL6-mwQI7v1ysXGq6eXt8k&google_hm=NzMyMzExMzE3NTA1NDEzNDIwNw== HTTP 302
  • https://a.rfihub.com/cm?pub=445&google_error=5
Request Chain 330
  • https://google-sync.rutarget.ru/sync?google_gid=CAESECV14GPO23KLvq4NelLPS_U&google_cver=1&google_push=AYg5qPIuL7q6g-t1RPdh6woDx4S9avq0DjDy7x4RZk9oUJvbEZc-Mb2Vu5cwlMtqXNdpmjthzZMfibjzB9jgLTyOFy0xaUP6tRZs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=aERUeUF6X09kQjJm&google_ula=2046794&google_push=AYg5qPIuL7q6g-t1RPdh6woDx4S9avq0DjDy7x4RZk9oUJvbEZc-Mb2Vu5cwlMtqXNdpmjthzZMfibjzB9jgLTyOFy0xaUP6tRZs
Request Chain 331
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEjEBPQhwUi_zePry_rgdIc&google_cver=1&google_push=AYg5qPLSdpP9dvViXTcEJqbqx6wp86_dqMlKgJW2SgnpSCeAZVZXZ9O5P4Lp3HdDkGllYHDVG6OS4Q3ozZi7j6ChijUGhToaZlVh7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KZ09XM1NSRTJ1RWNwY0tGY0ZXeHNBaDhIT2xBT1N2Yn5B&google_push=AYg5qPLSdpP9dvViXTcEJqbqx6wp86_dqMlKgJW2SgnpSCeAZVZXZ9O5P4Lp3HdDkGllYHDVG6OS4Q3ozZi7j6ChijUGhToaZlVh7A
Request Chain 332
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJrEsf1_MH-Prm6zOVybXhw&google_cver=1&google_push=AYg5qPL53GYdPu2CgRf1GkrIiKVTTrTQzGVUB5aN1O2M1VHN3UHrMR6nAFtflIMZRXD4aJjaKLJvSQ_-QqGBklJfqVhvD67kWUgapA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgNKx701dweUtpzvNxZ2YKmItxxlgdfppLA&google_push=AYg5qPL53GYdPu2CgRf1GkrIiKVTTrTQzGVUB5aN1O2M1VHN3UHrMR6nAFtflIMZRXD4aJjaKLJvSQ_-QqGBklJfqVhvD67kWUgapA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 334
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHbzBFCsWN_eEiKODna7PbY&google_cver=1&google_push=AYg5qPLGIHtfo9EP10y7s3JNrSPBKt6-WGiLkAr79tuO3XeIfbUKv43ZOJeg4o1peYV15vS_e1WYQcNFnBdiuQGXiwEuih8wK6rA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHbzBFCsWN_eEiKODna7PbY&google_cver=1&google_push=AYg5qPLGIHtfo9EP10y7s3JNrSPBKt6-WGiLkAr79tuO3XeIfbUKv43ZOJeg4o1peYV15vS_e1WYQcNFnBdiuQGXiwEuih8wK6rA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cDdLd1hsdloxTlFablU1&google_gid=CAESEHbzBFCsWN_eEiKODna7PbY&google_cver=1&google_push=AYg5qPLGIHtfo9EP10y7s3JNrSPBKt6-WGiLkAr79tuO3XeIfbUKv43ZOJeg4o1peYV15vS_e1WYQcNFnBdiuQGXiwEuih8wK6rA
Request Chain 335
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOVtCA4YOLVa3xfKPo0lXzE&google_cver=1&google_push=AYg5qPJEdDmvLZwwmEDPA_WUms91VgI8u7UhuL9HDnR5tuti5rVHxVWQfaXHQe_U9QB38juR9JslzrIn8DYHiDGMyPz5O0ecoKqA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5ODczMTkwMjU2ODY5MTg2MQ%3D%3D&google_push=AYg5qPJEdDmvLZwwmEDPA_WUms91VgI8u7UhuL9HDnR5tuti5rVHxVWQfaXHQe_U9QB38juR9JslzrIn8DYHiDGMyPz5O0ecoKqA
Request Chain 336
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI4RXBGG3tzXJ28JYPAB8Fg&google_cver=1&google_push=AYg5qPJCptRv7mfEZrVPFB0O6Cw-xHwztUHC4fTQbdgOybKpV8zeiuE2Pn6zO7LOeFWgGK6uYNsg1IgN-goaIGj1CCLQLD21eYZP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJCptRv7mfEZrVPFB0O6Cw-xHwztUHC4fTQbdgOybKpV8zeiuE2Pn6zO7LOeFWgGK6uYNsg1IgN-goaIGj1CCLQLD21eYZP&google_hm=NTAyNjYwNTIxMDgzNDk1MjYzMA%3D%3D
Request Chain 337
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBjAPOVylbqiD3IOKCAqtsY&google_cver=1&google_push=AYg5qPJcGNQVkViMvTkI23ylgnhwl6xsAwLkVnvLQ8SIGh8jNGAYIPp4o8KC2Yfj5npp8eIO_zJRnTZ0_KtBQCXcgd30UsLLjsG5 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBjAPOVylbqiD3IOKCAqtsY&google_cver=1&google_push=AYg5qPJcGNQVkViMvTkI23ylgnhwl6xsAwLkVnvLQ8SIGh8jNGAYIPp4o8KC2Yfj5npp8eIO_zJRnTZ0_KtBQCXcgd30UsLLjsG5&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KsiYgF76Tge3UrjzVNDvZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcGNQVkViMvTkI23ylgnhwl6xsAwLkVnvLQ8SIGh8jNGAYIPp4o8KC2Yfj5npp8eIO_zJRnTZ0_KtBQCXcgd30UsLLjsG5
Request Chain 338
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMUZD4R2qefEF6MlOqs9_W4&google_cver=1&google_push=AYg5qPL10ENZqoXXdmfu_LvUeMqygK8iom_pPt4pC_MCvBlS-HI21txAW-L-zpadHJrgJ-ndJzjl3SqB5nRz_UF6j3DgmFohFjBb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNBQlRRT1otMTUtQUdYRQ==&google_push=AYg5qPL10ENZqoXXdmfu_LvUeMqygK8iom_pPt4pC_MCvBlS-HI21txAW-L-zpadHJrgJ-ndJzjl3SqB5nRz_UF6j3DgmFohFjBb
Request Chain 339
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEHQaNJqmrD3bkOiuk1tn3fY&google_cver=1&google_push=AYg5qPKZFC9grbfBzbpBd6Vi7LRk5eEM-E8J4h0Hy3olWF-R0bzIwquBHMa_yRGwUoQB6j_nHZNyEOJBUD24kjTLWJTCSbzJjEBU HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKZFC9grbfBzbpBd6Vi7LRk5eEM-E8J4h0Hy3olWF-R0bzIwquBHMa_yRGwUoQB6j_nHZNyEOJBUD24kjTLWJTCSbzJjEBU&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1652802318197 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKZFC9grbfBzbpBd6Vi7LRk5eEM-E8J4h0Hy3olWF-R0bzIwquBHMa_yRGwUoQB6j_nHZNyEOJBUD24kjTLWJTCSbzJjEBU&google_hm=
Request Chain 340
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHxkHn6MSP8qXGhSQ2cTUBQ&google_cver=1&google_push=AYg5qPKUWdQ9ByLn9ipucPGeYFCoS2gT8ED-dEDpgvG2mvTRFc18pSGfdggJxvGPUvvD7h0B-48q-xBR700htJm4rdvkdFLb66MG HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPKUWdQ9ByLn9ipucPGeYFCoS2gT8ED-dEDpgvG2mvTRFc18pSGfdggJxvGPUvvD7h0B-48q-xBR700htJm4rdvkdFLb66MG&google_gid=CAESEHxkHn6MSP8qXGhSQ2cTUBQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc5MDY5Njg5MDg1Mzc3NTQ2ODYzNg%3D%3D&google_push=AYg5qPKUWdQ9ByLn9ipucPGeYFCoS2gT8ED-dEDpgvG2mvTRFc18pSGfdggJxvGPUvvD7h0B-48q-xBR700htJm4rdvkdFLb66MG
Request Chain 657
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEK9tWx54JQb8K9SzhxFAZf0&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEK9tWx54JQb8K9SzhxFAZf0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=89fdb0afdb09333069244c7a665ea9ef&uid=89fdb0afdb09333069244c7a665ea9ef&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1
Request Chain 658
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOmQ3t_9DQGwNr9C0EwHADY&google_cver=1 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOmQ3t_9DQGwNr9C0EwHADY&google_cver=1&ang_testid=1
Request Chain 659
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFngFn_8u_4VeruQeLUJri8&google_cver=1
Request Chain 660
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEC3Hx1GwGREmAC22iUGTEoE&google_cver=1&adform_v=1
Request Chain 667
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFdmPhT0ejj9MUFZWc2yJi4&google_cver=1
Request Chain 668
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ZmZjczOGRmNTI4MTQ3OTIzYTY4NjViYzBhMzM5YTM3NDgyMGVkMw
Request Chain 669
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEGiizcAg4IasV3_AgUBao2I&google_cver=1
Request Chain 670
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkFDODk4ODAtNUVGQS00RTA3LUI3NTItQjhGMzU0RDBFRjY3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 682
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEKcb2ac75xwOU5JjnDrSqKU&google_cver=1
Request Chain 683
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1wemk4R3J0RTJ1R2xYUTdnd29ybEQ0eDdQdG1aUWYxTX5B
Request Chain 694
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMSm5k1HrinWb-MP9unC4xE&google_cver=1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEMSm5k1HrinWb-MP9unC4xE&google_cver=1
Request Chain 695
  • https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_cm HTTP 302
  • https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEE30BEL5shaHtuZxFqApdps&google_cver=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/tpid=CAESEE30BEL5shaHtuZxFqApdps&cver=1/c=899/tp=GDDP
Request Chain 696
  • https://hal90008.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=27aca006f5&subid=&uid=14eb604d9e6345c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6288863528235289568%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Divawnoge%26e%3D1068016250166&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=466975696246&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90008.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=27aca006f5&subid=&uid=14eb604d9e6345c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6288863528235289568%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Divawnoge%26e%3D1068016250166&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=466975696246&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 710
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGqJUOa2m-7I813jrrxRacc&dongle=c627&google_cver=1
Request Chain 711
  • https://eb2.3lift.com/sync/google/demand?sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc5MDY5Njg5MDg1Mzc3NTQ2ODYzNg%3D%3D
Request Chain 712
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEEQwifTi-Ge8E79osgrOysY&_origin=1&google_cver=1
Request Chain 714
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEFU71fXBkNGWfll4lDRAn4k&google_cver=1
Request Chain 715
  • https://tags.bluekai.com/site/2981?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbluekai%26google_hm%3D%24_BK_UUID_B64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=NFNNdG54OTk5OVlOMC9CaQ%3D%3D
Request Chain 716
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENVvHjSZYY70M3Y8l06N0eA&google_cver=1 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=b4df9751d4b590841b13c7f9c09139e&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0fb2_7098731915447990598&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 717
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjRkZjk3NTFkNGI1OTA4NDFiMTNjN2Y5YzA5MTM5ZQ==&gdpr=0&gdpr_consent=
Request Chain 721
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm HTTP 302
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEAAIvty53B81_765Oea2zN4&google_cver=1
Request Chain 722
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDW-ZDIKE_imusEx1ZMh2v0&google_cver=1
Request Chain 732
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKTW1LwDZFopI6hTMMI3sqY&google_cver=1
Request Chain 733
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_cm HTTP 302
  • https://rtb.gumgum.com/usersync?b=gdv&i=CAESEJtN_d88whK8Sw0tQOqipiY&google_cver=1
Request Chain 737
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&dsp_callback=1&google_dbm HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESEPNd2ZSKIPlkz6KstZQql74&google_cver=1 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESEPNd2ZSKIPlkz6KstZQql74&google_cver=1
Request Chain 738
  • https://match.360yield.com/match/55 HTTP 302
  • https://match.360yield.com/ul_cb/match/55 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_sc&google_hm=OTI5MjE3ZmQtZGFkYy00MjdhLTg2OTktZTQ4Y2MzNzlmMTVh&dsp_callback=1
Request Chain 739
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEOyw1Kwqx-aQ4-9dM9db214&google_cver=1 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEOyw1Kwqx-aQ4-9dM9db214&google_cver=1&xl8blockcheck=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MzdkZjM1MGRlMzg3NWM4NTNkYzU4YWMwNjRlM2U3MDQ&
Request Chain 747
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_cm&google_dbm HTTP 302
  • https://ce.lijit.com/merge?pid=23&3pid=CAESEJ4jTZdxNF-fSvui3Se_lME&google_cver=1
Request Chain 748
  • https://ap.lijit.com/dsp/google/cookiematch/dv HTTP 307
  • https://ap.lijit.com/dsp/google/cookiematch/dv?sovrn_retry=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RXFBUnVEWkhFcGk4RUcyNVFQaWNvdzJs
Request Chain 749
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm HTTP 302
  • https://ads.yieldmo.com/v000/sync?google_gid=CAESEISK0hJPj_aX4eiNLN7RNo8&google_cver=1
Request Chain 790
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=korrespondent.net&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&cw=1&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=FsRi_nwrcjU1UXRJRFF4MjFzSHo1T0g3YjJldm16d3h0R0hqY0ZzM2pwM2l1OWp5MUdLMS93dDFGTktpY2YxMklLTU1lNjY3ZnU5ekV6RmRGWTZuenNpbVdwYi8wcXNON3ZYZlBlbk5WMmdSTy9sdWRvK1YvOFFRdkVaK0k4dS94dHRocEhOSjZMa3BGRXFhdzhxWnZLNHVNb3Fobjc4WDJaRmZpbkhaVGJHMWRXRUdhbytnL3IrRFk2dXRSSmFxVzF2R0UwaU9xOEpHQUVTN21jMDZVbkswV3Y3MFlhNXN6c2x0RHdZaEI4aVBpd1FPSHVYSzhBY2JJdjFsOXZGMm5oYU1SK2poUTNwb1JmYm5hem9YQXUrK1FIUT09fA&cppv=2
Request Chain 803
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_dbm HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEOyelPBKDMXTADwHqs2RLAw&google_cver=1
Request Chain 804
  • https://bh.contextweb.com/bh/rtset?pid=547259&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcontextweb%26google_hm%3D%25%25ENCRYPTED_VGUID_B64%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=Q3FZV3VtMnlnNWdWbTZvbm1oeDJ4QQ&pid=547259
Request Chain 805
  • https://cm.g.doubleclick.net/pixel?google_nid=ibehavior&google_cm&pid=266&go=244276&m&google_dbm HTTP 302
  • https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&google_gid=CAESEMrpckr889aQ5AvYXdus6ks&google_cver=1
Request Chain 964
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAABbHfYwo3OLKzddJi9fdE&google_cver=1&google_push=AYg5qPLg-saakr1BEr8S2E4GceDTwZFYwvVidN6ki36rXnYfDk-4F2bKLDAzCOFp7TWbcri3rRAxp3jTNPYOwtTBTSMlyscvQq9ceA HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLg-saakr1BEr8S2E4GceDTwZFYwvVidN6ki36rXnYfDk-4F2bKLDAzCOFp7TWbcri3rRAxp3jTNPYOwtTBTSMlyscvQq9ceA&google_hm=4vF3LGz8T5RqRqmRW4UoXA
Request Chain 965
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECR_u3yM_FAVmnGc63Hi-Zg&google_cver=1&google_push=AYg5qPJL4CAiPHDJXzLI7jIabVA_Y0r3Rh7zllK_bbaM9EO6gXysHIqeY6ZWYq63P3YDOGwWDiWRBX-xrERTL6aBwlaoRj2izQd_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJL4CAiPHDJXzLI7jIabVA_Y0r3Rh7zllK_bbaM9EO6gXysHIqeY6ZWYq63P3YDOGwWDiWRBX-xrERTL6aBwlaoRj2izQd_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECR_u3yM_FAVmnGc63Hi-Zg&google_cver=1&google_push=AYg5qPJL4CAiPHDJXzLI7jIabVA_Y0r3Rh7zllK_bbaM9EO6gXysHIqeY6ZWYq63P3YDOGwWDiWRBX-xrERTL6aBwlaoRj2izQd_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJL4CAiPHDJXzLI7jIabVA_Y0r3Rh7zllK_bbaM9EO6gXysHIqeY6ZWYq63P3YDOGwWDiWRBX-xrERTL6aBwlaoRj2izQd_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 967
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEK4B4nliOa48QujWCXqGAEM&google_cver=1&google_push=AYg5qPJMB5xzO2Bof6epTs1AAP-wEsAE7vXD8Oim39scSCAwh33gAX6UcjCJNV-jOHqFF0UgaPaIAnMRHMP6u7PbLWC0WJVG0-HMVQ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK4B4nliOa48QujWCXqGAEM&google_cver=1&google_push=AYg5qPJMB5xzO2Bof6epTs1AAP-wEsAE7vXD8Oim39scSCAwh33gAX6UcjCJNV-jOHqFF0UgaPaIAnMRHMP6u7PbLWC0WJVG0-HMVQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJMB5xzO2Bof6epTs1AAP-wEsAE7vXD8Oim39scSCAwh33gAX6UcjCJNV-jOHqFF0UgaPaIAnMRHMP6u7PbLWC0WJVG0-HMVQ
Request Chain 969
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL94JHC9hrUyCnbtA9uZkQ4&google_cver=1&google_push=AYg5qPI38sib1iKE569oP_Q371FuQndkd4M1y9phxJv3nuCK_qx9N-ewGMojPcWvKcZAvkVcv169IZq43pu9GeXfiiqU0mF5jf1TtQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI38sib1iKE569oP_Q371FuQndkd4M1y9phxJv3nuCK_qx9N-ewGMojPcWvKcZAvkVcv169IZq43pu9GeXfiiqU0mF5jf1TtQ
Request Chain 1146
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=korrespondent.net&sn=ChromeSyncframe&so=3&topUrl=ua.korrespondent.net&bundle=Q01WQ19CRnA4ZG9RN1c4aUpBbVlBZ3lIb0xOekxac2VmdjhSd2xib3I5NzdxUE9kbm9XWCUyRjJWdnRxd2hMYXJjTDYxaFVWJTJCJTJGYmpHN2RnQ1hucGs4SjdXNGVBcDlDWExQazBkODBicExjaHpscXlZJTJGOHFlVTI1JTJGMklJdFRQbjJpUE1vZmtVck5BUFhGMiUyQkRLaFRUSkZQcXFTJTJCenFFWkRqSEFOQlhCNXl3b2VGQUZrcyUzRA&cw=1&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=uaYIDnw4bEk3L2RuSnBaM0xYLzlUcGM3YVdxVHdpOXVtcm04WTFZQzlSdk8wdlNHNWl3NUxSbkxTVlYyTmhWWHp3ZXhUNjN2SUxXWUV0VjYrT2ZPZVBxZENhZktzREtJZFlQQjFweGVhZThFcnhUZEs1SytUWkVMaFJyeURITjhCT2p0Q3I4bzdWcjB5dUZaVkZzTTd0aFd5M2FXT0xCQnQ5S1ZqNUwxYjJNTW1Fc2IrNmRRYUhBSmMrelZJeE12RnJyUUpYVVhDUmNXb0xzMlRyYXFoSUgrNWh1d1VPZkNwVjN6Y0ZheHpxME5nVmRPeEJlbkVLcnpoWjdJdk95Y0dET2EwUnhWclF1em52dDdGazdnNDBPOGtHb1ZQYXdXQ2VGSDQ2Rkc2cGxHWWladz18&cppv=2
Request Chain 1197
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&dcc=t
Request Chain 1199
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=p7KwXlvZ1NQZnU5&gdpr=1
Request Chain 1201
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 1205
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Request Chain 1206
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YoPDFAACB89MCwA2
Request Chain 1207
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3189956170256689172
Request Chain 1210
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
Request Chain 1213
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Request Chain 1216
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YoPDFAACB5VL6gA2 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YoPDFAACB5VL6gA2&gdpr=1&_test=YoPDFAACB5VL6gA2
Request Chain 1218
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950513289
Request Chain 1219
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8221c1bc-a49d-4ff1-b49e-221b3f7eac16&expiration=1684338324
Request Chain 1220
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 1225
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 1228
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668699925&external_user_id=0e2a0e45-a4e5-42a2-8823-6ec61a2b86aa
Request Chain 1229
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=8954e4f5923044879397095149e9a268&expiration=1655394324
Request Chain 1231
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y_TYKZ710HnQ_tIvzfLNIsWlhSPQoIUoxaJSZvvU
Request Chain 1233
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1234
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Request Chain 1235
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f953fd67-8db1-4863-8f77-9c13d1296587
Request Chain 1236
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=e1ce81bd-5dc9-4d02-a71a-91b5249161ba&expiration=1684338324
Request Chain 1237
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 1240
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y_TYKZ710HnQ_tIvzfLNIsWlhSPQoIUoxaJSZvvU
Request Chain 1242
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1243
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Request Chain 1244
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3189956170256689172
Request Chain 1246
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c2d2bfef-e169-4406-8bb8-e4b7098b587b&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 1249
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3ABTRSW-O-AHZG
Request Chain 1250
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3ABTRSW-O-AHZG&sigv=1&esig=2~bf6532cd39ae7a1d4559d4aa63e7d314a076d743
Request Chain 1251
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yPOQhGFOZb8N1vz6LeOcjg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5026605210834952630
Request Chain 1252
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=92P6T8kdRuy3DpDfrp6Ytg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=92P6T8kdRuy3DpDfrp6Ytg
Request Chain 1254
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ZmZjczOGRmNTI4MTQ3OTIzYTY4NjViYzBhMzM5YTM3NDgyMGVkMw
Request Chain 1256
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFdmPhT0ejj9MUFZWc2yJi4&google_cver=1
Request Chain 1258
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7060887241939606019&uid=Q7060887241939606019&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 1260
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a8515a7f-b9f7-44b5-8a22-39657d094a03
Request Chain 1265
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7060887241937922929&uid=Q7060887241937922929&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 1268
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=2640c686-b87d-4098-93d2-c06ec211384e
Request Chain 1270
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 1273
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=jNbs6ywuQPpg_58XXmxIgpJGdVU
Request Chain 1275
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7060887241937922929
Request Chain 1278
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
Request Chain 1279
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Request Chain 1282
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ufHjqTSES0FrgG7630GiSJJGdVU
Request Chain 1283
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7060887241665072254&uid=Q7060887241665072254&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 1286
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 1287
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Request Chain 1291
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Yg_L79gBSj9W0DNoCC8SEZJGdVU
Request Chain 1293
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950356569
Request Chain 1294
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7060887241937922929
Request Chain 1297
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 1300
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=zwiYujeBQKRNFDgUPZ_8UZJGdVU
Request Chain 1301
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YoPDDVm4dy03i1pX65qZQwAA%261144&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Request Chain 1304
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&dcc=t
Request Chain 1305
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Request Chain 1306
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 1309
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950356569
Request Chain 1312
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 1313
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=p7KwXlvZ1NQZnU5&gdpr=1
Request Chain 1316
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=16165943-0c6c-4d48-825e-2c42a3f26eb8&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 1319
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=cfcd973b-00c8-49ca-86b2-f7c61ee89cb2
Request Chain 1320
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3b6ca7a-a8a4-490f-ac39-b60fe0f17574
Request Chain 1323
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Request Chain 1325
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
Request Chain 1328
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 1329
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 1330
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 1395
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=5XWSNHxiQklrSUlzajNNeVZSTWNLOWNGT2tTVHdtdVlWMlFGcldac281aW0zOGVwb09OZUlNVVJ2bU12RGtMSHVLb2FhMkZQMTZsZFZRUGpIQWpUWTQ0dXRNWTViVWRscTFWMUdReTVhUGNmTnpQSEozQUNIQ1dNbnRKWG0zbUYvUzdvY3ZMdHJ6ejBzOXdONENHOTRBUkk1YVhyS0toUmxIQjRsd3haejVmaEw2VVNGVU9xbm0vR3NjbjQva25YMzlBT1NTVnljZ0lHd05vdnM0M3Q1d0d6bTEra3pkTHd4SXUxVGpkclhXMTZCRlF3NUVTYkhycUM0dlBDT2ZRdzFlVmoxT2J6clVpMkpZSWRkN3ExamtXM1pnNXV6N1dCSTREZ01POFF6ekZhTVlEUT18&cppv=2
Request Chain 1396
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=UqAHDnx0ZU5TSlJCQ25IODY2WmZWaWZYZkxuY2VsUDF5QkNqT2lHWUI1ZXBoNzVpQm1uajl0SlppWEZLVUt3ckRXditvNGh4NTR1bEV1Mm9pVVdBV1cwS0VhTEdwQURhK2dzY3ROZ2hqblJlT01jOTgxT1hnUE0wcTN6KzVuUlJpWlJuWjhDb094emxkNHVJTWwrSmxaU0JybStJZVVQVlpUVDdxWGxFTTR4TjRPT25IVk4zVTdtLzVHWXcrLzEzUEFROU5lckdaSE9KL2Y3WCtTTG1JYzNrSkgzTjZDYnlYYlM5ajhTSE9FaXlHQUt2S3g5YUptckhCREJYMjNrUG5iY283NTdsOHNCajNDUXJmVTNVU0VkeVdkUG9CUU9meWhIKytqajF4dU8vdi9LYz18&cppv=2
Request Chain 1397
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=TtYTaHwzNVRLS2RJTjZqR0dZWGRSSWV6Rko5THltNVFwcjFQRVpFYmRxSTk3S25YNmxJYThFK2dVOXFrdE9pZTVGNHlpNkdxcm0zK2tnamZNUmpVNldIMHR1RGYya2xxR09vaURzVHVzL0tXRXZ6bEE4NDhCOS9yRW9lQlprMlNSWHRLN0dRQlB3ZnIwMzYzNUhQaFhvMmpMek5UUUJOTW1QQjVzMnRsZTlKUktVV2MyeG9laDFra1FBSVM0OVdaYVlSbzFiZlBXNWFhZmorYmQvWFQ4ME4vK0FWbUZXQ3FpMHp2SUhsVFg4VVNFYUlsQVl2UGxUeWZaSTZwNHJUUVV5NEFlVWN6cFhMMmVZb3hJeWtxNS8zNjRLbUVNcGxOTEQxNzljcmNvTW8rUFpTYz18&cppv=2
Request Chain 1399
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-Gl12nxvYmpObC9iSVFNdnVNT1VaT0poVzFZQmgwRHJrNDUyV0JzaVcwSktFWjNtMmZWNG5LUnFnRG93b1F2Q00rNnRGZFdJVHBsRXZGK1B0cmNZdDVvb3I5RlFyQXR5NEpJRVE5dHIxL2FvRVNXVmdsVEpPWFhQWE1JZWFEeDA2WjVHQUJaMTF1eXdYeG9pTGhsSDdhSTl0WGZlaEZpRVJmcHdwOC9hZlZjODlFUEQ2UG0xOXZIVDVZdDVJcVJ2bW9GdDZqVzEzTHJyL054U1lZek14djgwYksyRzJ3V2hsdE50LzBsWTI5TDBQSWpmYnFmRzduQ2REak9FQTN2TkUydlRvOHhYOVkvUWxLd3FVZ0VDRVpqOG5ZWGJhK1k1R1c3Tll5TTRlNEx2UiszQT18&cppv=2
Request Chain 1400
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-_qfeHxPZS9hVEN5ZmpXSU1NZGF5OU80OEFRUVZBVmFhZnVxajIxekpRM1k1RFMwRjJyOG1LNVlrUEtDV2d6ampPaENHd0N5KzlGeDBYcWFndmczdndtanNSZy8yQ3VNNzRvSWtIekRydmpmdzJvbit0WkFmYlp3WXVYb014bjhlbndGQU5SR05NM2xWYnJ2TDFVamhYZUJjZTc3Zkp5Z2VzajdIcys0NEZDRW9sMVVVSXNUVG9LN0JQM1EzWFpSVHhDNk1Lc08vRXFnUGljWUtmeWJ4ZWc4MnUwUitmR2o2UENHTUF6akdTb1IySTFSLzltVmtWNTViRkpheEduWTJROFFDNXUvWjV0cWRZbGVvTWhXYU9DbnlLZER2SUQ5K3JHN0RJSXlyQy9WcEhVdz18&cppv=2
Request Chain 1401
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=sfgG5nxvakF0L3ZOaUFRbEduQ0VsMEkvVkFvQTJBMG5FQkIvR0ZWK0lkMDlnb0FUNldLajAzTmFDQnp3LzZJSjNyMTFzS1cxYkU5dTNjc05lNkNqVEprZk90cm43c21rTkNCNnNQODJrY0ZSV1JUejczVU9zdFovckM4enBHZkExM3ZkSGdHM1J5c2JTZlJyb3ZEZWYyNnhtZnV1L05qMHlQMmRsM3U4c2Y5NzBkZlFvQlB0aHlqdFB0cmJaaVowSldrcTlSbU16Ykx3YWZnUXVrTWR3V2RrZ3UyV3pjcjdFRjlqNzVIeVM4Y3JxbjNBbjRaK3ViZUh0a2FlM1QyVWRONVE2bE1EcmRLcmtJL1pYTXNMRXc0U0Y2eWhMV2pBY09kMHdsQy9QYitSSEhUbz18&cppv=2
Request Chain 1402
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=y8PqmnwxYndRUlhXd1ZPT2pzUXB1Nmw4VllMU1ZvdktSS0pEb2F0MCs4YXNiclRkNU9lZWxJc2xmeCtubWZ0Q3JzWnVSRzRZNHZUMkJmZTNrcFZnSXhmbk96SHpqWDU2UDljTnZXa2h1VC9zSUUwM2owV1pwd053L3dZVUFBL0pCd1dQQWNuS0NMRGFhbkIyaTJuQXIxekhIMGE0MG9NakI5OFlkWXBzRmlUdFBRaXc0SnlDRkNoTzJEb3dkV2dTbzhOTVhLcGVPMExSYSsxeVd6d0lTb3FuOGEzK2sybXkwSTJDcHpMVG41a0lNYjVDMWNPQmE3SEoxbzk4eDRua2ZZVjYxTHFMUG9qQ2lTMnZYSnJHcGxEL29ZbGtLTzFpd0szeFRrYk05d2YrZUJLTT18&cppv=2
Request Chain 1408
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=vJWGrXxWWS9sdmM4NUJHNXN6cm5lWldTQWpwci8wS2F0QzdXQUd0OUxaOCtNdWdGU0k3N3JtUEdIQXJETi9Vem04WnFJRUcyNC9WeUpDaDU3Rld5UDlIWXdLWjFJbGFaTHE3UllXNXFzQXQrM0tKVHM2TGc2VnQwZExCRVhqd1JIYjhIZjFPUlAwUXFXc3BvVGlPU0w4U053VktEZmlzMzhYRmx6dENha1dsSkxTZEhYc3VZc280YVVKcHd6MTBaYXdDMXZLYVhJRHhjKzM0UWRkQVVEUlZob1pxTzlWWmZOWkJOa1gvVXlCaXA0S2U2dytSdkd1TG1odGh4M1l6VHRwMDhnZkFPT1VwWjYzc2JpZzU1RE9VTkJFTEcvZjRkb3VBd3czNXlSU2piLzg4cz18&cppv=2
Request Chain 1412
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=nw-FJXxJclhGZFhGUDhUUFhZK0l1bmhFdVZ5OXY4TlVHZVVtbWlMQ3Rqb282dkE4QUhnM3JCYmExN0drOWpsRGE4dlNRYk11amQ1clhBZnByNFpqOXZ4YXljZFkzUXJqWDN6M0dZSGNLSS9LMW5IQldKbTBPb3QyUzdwNHIxdmdtelV3NTFydVpwU2tjclU0ZVEvaWNWS2p6QmVLQWRXbzZkQi95ZUVYSzEwK1djemMxVlNKRFlaZmVqMFQ0ZFExamFzbHBBYlFteTFIdUtreWNqZE5Yc1NyWDQ5SlpjVW1rYTkwenVDc3AzVVdnQ2hTUmZLNjhzVVV5bmpxbFF5dzhNZHZBcUlJRisva1NldGZ6TEpVNkV3ZVI1ZDRMU0l2THhEam9qUXJCNWJhTVVhVT18&cppv=2
Request Chain 1414
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ophcoHxKcTZzT0xZcHIrSWRBMnliYWZtMWthOVh2Q0Z2UkpnYVg0WnYwV2txSHJoWTcvbERHeEtjbGpGbWZyazhTUlZMZHpjU1lERTlBNVZkeGdBSnFkbzFienhUSWJKODBzSEVmTGZRcU5EaDVHeCtwN0o5SDZTRDZ1ZlBMb1dYanlzNWJHVXo1QUgxaUlyWXM3MU10eFdRVG96Q1NnM1ExOHRaTzNyd25weG9BeXZrM1M2d0kyMWJHcW94QXVHOE9UQkU2VllpRmNaZy96TWxnQTJUWDllNGlDdDZGTzYzYmhZSDJyOTBkSXhvN0pVMFlFV20vOW9yQlc3b0pzTVl2ZzZDYVZQSzFYVm0yekoxTG5WNjNPeVlMSmVWZFgwMGhrWlVGNW5VUnh0ekQwQT18&cppv=2
Request Chain 1416
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=NVWBB3xWTHNOWGNobXhPd3cxcmRDTDVTOExLMVhCenUvamx6eGMvNGVvcThMS1NJNGVHNldCak93ZXhDaGFmNW1mSk9zOXVFa2xRUklZL0pxWHU4SWd4d3hNZXBEcEpuczdjTUVOd0VPL3V2NVVENE9hZk1sa204dU1MZXVYZ00wQkVtK3RWTlk2Q1FKdzRLSm9JTEpXRzJNSE16a3VMdlIzV1pxYlJHNmpPMmZUQS9lSEI0K2xBVnJTdVRqbzAxUDBueTlVL1Y0NWJydlQyMlpKNmcvVkcwTll6NVozRjNFQThkTytjcHZwbERHcEhiQ1RGTWN4NTdtbW9VQVJaRVNQTTJ3Znk4WXhiQ1lvZ1dXMzBPUDhpZHBhcE9tZWZpRWRWZXN4NUkrb21uQTNxdz18&cppv=2
Request Chain 1418
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=2&topUrl=ua.korrespondent.net&bundle=vUMZTV9ub2dZZUJOU24wMXNWS3R4eUVyNFNCNVJ3QU9NZ3JXbU55V2dhZ1UxbTBNdUgxTEU3Tk52c1dkNDhhbDJMVzViY0wyeXZKY3JNNVU3WERXbHB1ZEIlMkIzM1d6RmdIZjBTMXJhTVl0ejQlMkJEJTJGbGU2ZWlOOERMQVEzWVI3TnJIc2pINU14MUlMVTlkWnZhdUdjYUFtdWZsZGFNR1NtSUUyNFdpeGtGZzZwNzI0ZVklM0Q&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=dFPonHxsMUhhOTNxb3p4cGM2VmxWZllNMVREcVVVYW9zZkpWVnlycng3TVhDWVJCS0RzL2NZY3YxMGtUakp4Rk1GNTBvaHFoSURvYUlZMlVEVzhvT1B3RmJQRnlPMTBYeDhFUjcySjU1OTdzSnpzUnFhZXFqZnFWUVIvVGxQRys3aDkyVnpTSWpaN2MxV2dhNnJPSXRSVTdwZWpUMGpUWlM0UFNMNzBqTjM4QXJTZjAwd3NxT2hMMmVNMDFzVmRyMjZNK2h4Sk85ZmVOUndLaUdxTXFRSjErZWc3ZWNTQ2lmTncxQ0M4MzZlTm1UbmNFYTZjS21LRmNZeHJ3cGsrMGxvM0MzTEx6TFFGYjdwbU9lZ2xOVUlyUmdFaWdWYm5WRjR0VndBZFd0a1k4WmVpTy9QaVdXN3pmSGtLZ0dVS2kyVXZZWnw&cppv=2
Request Chain 1419
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=2&topUrl=ua.korrespondent.net&bundle=vUMZTV9ub2dZZUJOU24wMXNWS3R4eUVyNFNCNVJ3QU9NZ3JXbU55V2dhZ1UxbTBNdUgxTEU3Tk52c1dkNDhhbDJMVzViY0wyeXZKY3JNNVU3WERXbHB1ZEIlMkIzM1d6RmdIZjBTMXJhTVl0ejQlMkJEJTJGbGU2ZWlOOERMQVEzWVI3TnJIc2pINU14MUlMVTlkWnZhdUdjYUFtdWZsZGFNR1NtSUUyNFdpeGtGZzZwNzI0ZVklM0Q&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Qlkpy3xvOFBGSzlrWWpMc3YwS21OTjVtVlJvVkYxWXZ3RG9vVWNRUnZZdkRiSWlUdzh1dG9XSlkrZVIxalp1RHpreElKTTN1LzhQUmdSMGRWM3ZPeWRHeCtpSGhyNjdlaEJMM2xORmpXRDhPbkZTTC9NUEJpL01xcXcxQjlUK3p0UWZUQVJ5Q2RoRWFVbTQ3NThPWFdvb2JYSHZIMVF3RitPTnltV0E4QVd0Y284OGxpTWtKayt6eHhnam9RUHFIWG9BSHBMUTJXTTZuWGVReVZMSnRjWmJ3Zit2em1HUHY5eVkvUUZEbGpWcitqeHdkcWN0S2ZtWk1RU25GZnlUVXhNTVAxVFNKMmpReWRXOXpsN3V1azhMWkJCQUdUVHBZak83MGFXZFRoUUZVNWVhM1Vyd0x4a0hBaTFNR01CWldIT1dreHw&cppv=2
Request Chain 1421
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=2&topUrl=ua.korrespondent.net&bundle=vUMZTV9ub2dZZUJOU24wMXNWS3R4eUVyNFNCNVJ3QU9NZ3JXbU55V2dhZ1UxbTBNdUgxTEU3Tk52c1dkNDhhbDJMVzViY0wyeXZKY3JNNVU3WERXbHB1ZEIlMkIzM1d6RmdIZjBTMXJhTVl0ejQlMkJEJTJGbGU2ZWlOOERMQVEzWVI3TnJIc2pINU14MUlMVTlkWnZhdUdjYUFtdWZsZGFNR1NtSUUyNFdpeGtGZzZwNzI0ZVklM0Q&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=BIPoI3wrL1dPK1pVN1psZitNK1NxeGlwaVBOUkJVKzg3WVFjN1hva0ZCaGlHaFl2QU5KTWxOVXdNTVhrSUJ3UGhyOGdndk9INHpDUXRkV2VHNHpRNUpIVTFnM0NxU2o3WW9GZS90Vkdlcm1MMVZEZlRJMEsrSUpQRHhLNjhzYlBsWHZ4ZEtmdi9uWTlkWE9KTlhzRDlqcVpPRzR5R1NLRlVacE83dXJVNTNtQWxZZEVQb0R1NUFoQjNGdldGSGdvb3NlQk8vTUZxYmZCMzJtaXg4VWtXNWg0cTN2WE1EMUNEQk9CZ091SXFNN1N2QlR4eU1vYUJDajhGaytRTEY5QnJIejhoVmxCY0VnNEJDWFRhMHVxbGhWWGJSRWJTK055Y0N5bVBLZ0FiRWEyb0IyanY0Z1pybGc3WUhwSEZiUkFkUEF5MXw&cppv=2

1367 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ua.korrespondent.net/
Redirect Chain
  • http://ua.korrespondent.net/
  • https://ua.korrespondent.net/
132 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
006636a3dab8be5d11b6574e9aaccd503876c184617f9b2a4d0bda608d06543a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
70cd7aa969970221-ZRH
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 15:45:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

CF-RAY
70cd7aa8feb701db-ZRH
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 17 May 2022 15:45:15 GMT
Expires
Tue, 17 May 2022 16:45:15 GMT
Location
https://ua.korrespondent.net/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
opensans-condbold-webfont.woff
csskor.ill.in.ua/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/fonts/opensans-condbold-webfont.woff
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26dc9aca8f2ab8bbb58b5e9e5918988475e42f7cffad974698a71b2addc6ec5b

Request headers

Referer
https://ua.korrespondent.net/
Origin
https://ua.korrespondent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Wed, 18 Dec 2013 10:08:55 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7499fa28d9fbce1:0"
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
49816
index.min.css
csskor.ill.in.ua/css/ 		188 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c914c5ec7768654dc4f35534b46d2da72708c4db16148a833ce1847b893f60a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"80b91c43f335d71:0"
last-modified
Tue, 20 Apr 2021 14:41:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
30556
responsive.min.css
csskor.ill.in.ua/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/responsive.min.css?v=1.1.2
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eda53a126b9ad636ada21bc74b0e54c5dfa526083e7a876b17eb90061254d275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"08f70dd1331d71:0"
last-modified
Wed, 14 Apr 2021 09:52:22 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
5192
admin.css
csskor.ill.in.ua/css/ 		3 KB
936 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/admin.css?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d2fbad9636c1fb1ddc3e083984f2b5d3a955a32fdb6247876aabee203958e7dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"0dce73f2e70cf1:0"
last-modified
Thu, 15 May 2014 11:10:16 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
855
adv.css
csskor.ill.in.ua/css/ 		2 KB
603 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/adv.css?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2791dcb76821658dce3165022548a9d1032f4c99efe7acfaafdd6327cbd88129

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"0dce73f2e70cf1:0"
last-modified
Thu, 15 May 2014 11:10:16 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
560
jquery-ui-1.9.2.custom.css
csskor.ill.in.ua/css/jq/ui/smoothness/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/jq/ui/smoothness/jquery-ui-1.9.2.custom.css
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1885450c0476075437b5f7356ec5dc33fa5179e850cc4dbf59c29f37744818f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"066d961b32cf1:0"
last-modified
Tue, 25 Feb 2014 11:20:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
6146
royalslider.min.css
csskor.ill.in.ua/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/royalslider.min.css?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bcab73e79e54f5f8b0cf77546f937aaf4aed60947fc1e4a7801813ed34728c4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"0b82a90356dd41:0"
last-modified
Fri, 26 Oct 2018 14:09:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2594
elections.css
csskor.ill.in.ua/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/elections.css
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cefac0898ee1d19ff1fc498113e6f7b81a0f5a6e63b3ae72106cde5d0454bc01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"0c5215929f2cf1:0"
last-modified
Mon, 27 Oct 2014 21:02:42 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2480
js
www.googletagmanager.com/gtag/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1609229-9
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aff3ed80f54d644de675767310cee9d3859596d0c29e32ec71beb2d740d6ff68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39367
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 May 2022 15:45:16 GMT
jquery.min.js
jskor.ill.in.ua/js/jq/ 		125 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cafe2ccc723f38d12406fdcc2b9777f7f89363a39bbd09c91bb75876f24141fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
39559
jquery.Storage.js
jskor.ill.in.ua/js/jq/ 		1 KB
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.Storage.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
11449813770e57069d077ac0ad5beb3f7406204c87d961ba1b53c30dba58b3c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
559
jquery.lazyload.mini.js
jskor.ill.in.ua/js/jq/ 		4 KB
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.lazyload.mini.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9ed325bb4e1bd9f76da8039c87602d63b91e6963d6bf830e62d938a1b90cd133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
901
jquery.tmpl.min.js
jskor.ill.in.ua/js/jq/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.tmpl.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
af6592d435a34ae2cbc384c908b2000e3a33f3c3d7bace1a84ba7880a8a80d9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2804
scrollable.js
jskor.ill.in.ua/js/jq/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/scrollable.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3224cd51f4161d44547a1f5a57a5566582c3d6a690d2212af8a0a8739d0c8e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"0a5952db3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2214
menu.js
jskor.ill.in.ua/js/modules/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/modules/menu.js?v=2
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a58c45b495338481a91c73729bf3916ce6c7d8e9f0566c0e731a7a3da7dba81c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"0d2c62eb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1610
profile.js
id.korrespondent.net/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/js/profile.js?v=3
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
214227a16b4ff571023cbfabe1a74a46b33fb30abbcd8d1a722ae12e3afeb794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"805bc4c505fd41:0"
last-modified
Mon, 08 Oct 2018 21:45:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
1803
common.min.js
jskor.ill.in.ua/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/common.min.js?v=1.3.5
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6c288ff9874a992ad5021f7197dbcae181ccbc9b1ced648acd5d9efa6ca51f7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"8079673e54d81:0"
last-modified
Tue, 19 Apr 2022 22:37:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1649
dropdown.min.js
jskor.ill.in.ua/js/ 		2 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/dropdown.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d169a4b4bf7e00787e12931b5c2040d76f6995b3ba3f06050274b28644b47d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
900
select.min.js
jskor.ill.in.ua/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/select.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5cad78844631f748de4f5526652f08ae1504dce421b6e8dcd796af07e639ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"0d2c62eb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
4138
jquery.royalslider.min.js
jskor.ill.in.ua/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jquery.royalslider.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
daa9c1c00563b973df8c5dad719b8670a599a9465ba9bbac4d222c586b538571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"0d2c62eb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
16792
holder.js
i.holder.com.ua/t/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Wed, 17 May 2023 15:45:15 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-05-17T15:39:13+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:25 GMT
branding.js
jskor.ill.in.ua/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/branding.js?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
898e180e28f0d79507e9383a6f58303043c24013cca819f7451381562f323093

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"8024146284dcd71:0"
last-modified
Thu, 18 Nov 2021 13:58:37 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1794
hide-banners.js
jskor.ill.in.ua/js/ 		2 KB
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/hide-banners.js?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dd89c698f5518b8e74892fd52085772390a4cb078ff04939584650c0d3507c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
content-encoding
gzip
etag
"04941ac51d51:0"
last-modified
Tue, 13 Aug 2019 07:52:08 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
647
invisible.js
ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1652799600
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f092792429d25d71773736aae4a2cc2e28d5ddde94faa0550793e773680d5478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
70cd7aab7d0d0221-ZRH
logo.png
ua.korrespondent.net/i/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/logo.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bc485c60c1e0395cf0c58a2a9bcc80550b8f289f5be78594484b3eeed36c37d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:44:00 GMT
server
cloudflare
age
3450
x-powered-by
ASP.NET
etag
"0c0d08369dbd11:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
70cd7aab7d0f0221-ZRH
content-length
5600
2737565.jpg
kor.ill.in.ua/m/610x386/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/610x386/2737565.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42211ebbea82542a6f45ab273a9cbb369a47efecbdc062890440a8e91b5e747a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 15:22:22 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
111599
expires
Tue, 17 May 2022 15:54:47 GMT
2737566.jpg
kor.ill.in.ua/m/400x253/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737566.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e6cb24788beb80768c1088bb0ab66da02ee37eab8d650ddaedb8f771919efc49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 15:24:34 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
38098
expires
Tue, 17 May 2022 15:59:58 GMT
2716089.jpeg
kor.ill.in.ua/m/400x253/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2716089.jpeg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1d66b0316883e5a2e72413b94d5635a1f7367c0bbb3b2f53c5e4d01cc9df43ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 15:40:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
83699
expires
Tue, 17 May 2022 15:59:41 GMT
2737545.jpg
kor.ill.in.ua/m/400x253/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737545.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c363958668849930c9a1236e47a50a9965ffc5456e67d40e80abec20597bcb19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 14:42:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
59029
expires
Tue, 17 May 2022 15:54:30 GMT
2736414.jpg
kor.ill.in.ua/m/400x253/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2736414.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
713cbfdf4f9df462e02ae8b2467ec7a72cc3de72946dd309da48c236bffb1e87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 09:09:46 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
59088
expires
Tue, 17 May 2022 15:57:18 GMT
2737533.jpg
kor.ill.in.ua/m/400x253/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737533.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a228cd66abee213a149a72841b3033ddad4d159635ac52a28999a43208c8686a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 13:52:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
30255
expires
Tue, 17 May 2022 15:59:40 GMT
2737522.jpg
kor.ill.in.ua/m/400x253/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737522.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2623a709e861cf87f1214947d635159f9119d1684a9e35dd0ca949bf6abaadd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 13:09:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
51249
expires
Tue, 17 May 2022 15:58:45 GMT
2737514.jpg
kor.ill.in.ua/m/400x253/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737514.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
566f947370152934604bbb3901ae16de7d39b6d0eeb608faf146938819098a6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 12:45:00 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
24723
expires
Tue, 17 May 2022 15:58:45 GMT
2737501.jpg
kor.ill.in.ua/m/400x253/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737501.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0c5afd153c7ff1d95c9d85013a341481423f056e668060a5459daf893d36746d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 12:01:26 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
30909
expires
Tue, 17 May 2022 15:58:45 GMT
2737499.jpg
kor.ill.in.ua/m/400x253/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737499.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
281490b867b88c9618b8b12e1d1a50197d4d0cdb5e936102f695bdbf314ace0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 12:07:00 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
26522
expires
Tue, 17 May 2022 15:57:18 GMT
2737496.jpg
kor.ill.in.ua/m/400x253/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737496.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9f039d70664972cf903f5b4a855889345bde351da767980018d2eb2250b204dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 11:45:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
30675
expires
Tue, 17 May 2022 15:56:42 GMT
2737478.jpg
kor.ill.in.ua/m/400x253/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737478.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
31aea49db59161e38957338260ccf19a6ad4255e4fb15768ec4a91ecc27695bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 10:53:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
22932
expires
Tue, 17 May 2022 15:59:58 GMT
ajax.gif
ua.korrespondent.net/i/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/ajax.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dd4fb84ef463207662efa03dbd05515afb3aee6a71fa7c5e56e7b0b13504a7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:44:00 GMT
server
cloudflare
age
670
x-powered-by
ASP.NET
etag
"0c0d08369dbd11:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
70cd7aab7d110221-ZRH
content-length
5483
2737563.jpeg
kor.ill.in.ua/m/190x120/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737563.jpeg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
72c646a8cf993cd2078ffa7f21550b71538fec109ee6891a1702e69f05b9637a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 15:14:53 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
5992
expires
Tue, 17 May 2022 16:00:02 GMT
2737280.jpg
kor.ill.in.ua/m/190x120/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737280.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fc5eb13bc7f1ce47c755a457a0c236e42a3fe66be41db2d2b917dd028eb24ef7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Mon, 16 May 2022 15:19:58 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
14501
expires
Tue, 17 May 2022 15:52:41 GMT
2737548.jpg
kor.ill.in.ua/m/190x120/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737548.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
073de888dafda4239fb98116dba9ef48e1bd318cc353b7b88ecd4d98818ef5f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 14:33:37 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
13172
expires
Tue, 17 May 2022 15:49:39 GMT
2737523.png
kor.ill.in.ua/m/190x120/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737523.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
61035d17b30b46efaf132ea0023fb6546149f815be4ad9b3de54a34e50420790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 13:14:10 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/png
cache-control
public
content-length
53205
expires
Tue, 17 May 2022 15:49:06 GMT
blank.gif
ua.korrespondent.net/i/ 		45 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/blank.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:44:00 GMT
server
cloudflare
age
3375
x-powered-by
ASP.NET
etag
"0c0d08369dbd11:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
70cd7aab7d130221-ZRH
content-length
45
2737567.jpg
kor.ill.in.ua/m/190x120/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737567.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
dbfa88af4b40ae505cd0434f9639e9226fd906834d09d5082c6c905074050389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 15:36:33 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
13808
expires
Tue, 17 May 2022 15:53:44 GMT
2737539.jpg
kor.ill.in.ua/m/190x120/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737539.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7c8670dfa90770f990bcc5cd14965168dcaf8ebef89427eb3e5dfbdcd822834e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 14:27:58 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
14975
expires
Tue, 17 May 2022 15:59:26 GMT
2737536.jpg
kor.ill.in.ua/m/190x120/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737536.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f468676d36b467d4ff505a4bf3b5a7b8dac85b750c3d1b8bc852cfb4f11423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 14:09:02 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
15823
expires
Tue, 17 May 2022 15:57:17 GMT
2737503.jpg
kor.ill.in.ua/m/190x120/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737503.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3e8fd1a017d2f97b51a6d913bf169614650057ccf90a14a28e1ffd91241bef7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 12:26:28 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
12286
expires
Tue, 17 May 2022 15:59:40 GMT
2737492.jpg
kor.ill.in.ua/m/190x120/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737492.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3c7fcc20311b75a3428bd70f0abf6ea8dae98a0c646ecf1ba837397f485b285f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 11:38:12 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
12814
expires
Tue, 17 May 2022 15:56:52 GMT
2737481.jpg
kor.ill.in.ua/m/190x120/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737481.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2d73dc25470ec39e6d94f36c63ab86d87ac5f2396114a69e28514bdb39b3e63d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 11:12:32 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
13012
expires
Tue, 17 May 2022 15:59:58 GMT
2737478.jpg
kor.ill.in.ua/m/190x120/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737478.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
92620614cc40133a6b34f0a1ff30bc7d2188e9645c548666b2b61206782937be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 10:53:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
6308
expires
Tue, 17 May 2022 15:55:41 GMT
2737443.jpg
kor.ill.in.ua/m/190x120/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737443.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f5522c565532fe12314aa7212b0f8b74ca6dd29928fa8bc81466843c5f6b55ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 09:13:54 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
14200
expires
Tue, 17 May 2022 15:59:58 GMT
2737405.jpg
kor.ill.in.ua/m/190x120/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737405.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
91c8e5073d68f88148cf4f94162d9621cb9d3c17143fc5b5a5dc147b429ce9f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 07:14:49 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
12727
expires
Tue, 17 May 2022 15:53:38 GMT
2737382.jpg
kor.ill.in.ua/m/190x120/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737382.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
df3f6d94bd092f4756fcb83a462855317d91ca61ae33847651ec6d9da1af6b32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 05:46:29 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
15262
expires
Tue, 17 May 2022 15:46:31 GMT
2737366.jpg
kor.ill.in.ua/m/190x120/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737366.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2cde2dbf249ca548606136a33465d51203701dfce627f65d3685903f505643ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 00:04:10 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
10247
expires
Tue, 17 May 2022 15:59:41 GMT
2737338.jpg
kor.ill.in.ua/m/190x120/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2737338.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1cf2d75769a67fdccddf5ef7f2bd800e3093f0bac91d30c69880cd22fcc561c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Mon, 16 May 2022 19:01:23 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
12280
expires
Tue, 17 May 2022 15:58:45 GMT
2715997.jpg
kor.ill.in.ua/m/86x115/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/86x115/2715997.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ee83c984c733b9c55a91f42e6cf39ba90c22bc0789296f4b7a5ec189ef24afbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Sun, 27 Feb 2022 21:34:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
8895
expires
Tue, 17 May 2022 15:55:39 GMT
disclaimer.min.js
ui.ill.in.ua/s/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.ill.in.ua/s/disclaimer.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
193.29.200.140 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
2356de1d2ca4b622f2949c68f0659a08d577e86204c4700c439132c5164d17ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:15 GMT
Content-Encoding
gzip
ETag
"d67f5a9ce421d51:0"
Last-Modified
Thu, 13 Jun 2019 12:36:23 GMT
Server
Microsoft-IIS/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=31536
Accept-Ranges
bytes
Content-Length
1352
icon-sprite.png
csskor.ill.in.ua/i/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/icon-sprite.png
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83ab5047e820c4c9edf0823374a8a31e0119fae38f345a88caa81b46184dfe5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
29852
blank.gif
csskor.ill.in.ua/css/ 		45 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/css/blank.gif
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/royalslider.min.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/royalslider.min.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
last-modified
Tue, 25 Feb 2014 11:20:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"066d961b32cf1:0"
content-type
image/gif
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
45
preloader.gif
csskor.ill.in.ua/i/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/preloader.gif
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
90102a5b0d498a0928a1923216a5e922fa4dd138a5c7ecad85c6f5b6cdd6bdab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/gif
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
6154
2736799.jpg
kor.ill.in.ua/m/67x43/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2736799.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
eb6238bd370c0803ba276ce0e785f0098fabb4dc750a33e46d9454dc9cbcd326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Fri, 13 May 2022 20:14:53 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
1808
expires
Tue, 17 May 2022 15:52:45 GMT
2736414.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2736414.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e5eac7089417f76b4d3fffb3eefa6f18005b22a4bab1b2a3d016cc3c34355142

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Tue, 17 May 2022 09:09:46 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
3129
expires
Tue, 17 May 2022 15:59:58 GMT
2736904.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2736904.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
66bfcdd8d1f402fd444580bb1678fe9850fba8ce62054823ab0c5ca8b76f8e50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Sat, 14 May 2022 22:02:20 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2727
expires
Tue, 17 May 2022 15:59:58 GMT
2736981.jpg
kor.ill.in.ua/m/67x43/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2736981.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
43759f0464c3d509ebc17613c94fecdecdb67e95ccd22d04b8c17f14d53523af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Sun, 15 May 2022 15:23:10 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2360
expires
Tue, 17 May 2022 15:48:15 GMT
2736995.jpg
kor.ill.in.ua/m/67x43/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2736995.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
61a007cdbf155c10f81d3e192be0746301588f226860f28df2af7689cb42c9b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:15 GMT
last-modified
Sun, 15 May 2022 17:38:06 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2110
expires
Tue, 17 May 2022 15:59:42 GMT
subscribe.png
csskor.ill.in.ua/i/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/subscribe.png
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
84510fffe17fea544ae340bc9373b62106bfccc148f93e8ac4bbed045c64e9a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
4138
s
r.i.ua/ 		834 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.i.ua/s?u1647&p4&n0.5663661985708768&c1&d24&w1600&h1200&r/ua.korrespondent.net/
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8108d5d4fdef74c3659603b1c911f49133f04d6b59c4b5fa2a7cb0565c51a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-type
image/png
cache-control
no-cache, must-revalidate
cf-ray
70cd7aabfa369b51-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
e.js
cdn.umh.ua/libs/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Mar 2022 15:54:34 GMT
server
nginx
etag
W/"621e41ba-16f4"
access-control-max-age
1728000
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER
expires
Wed, 18 May 2022 15:45:16 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1609229-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
630
date
Tue, 17 May 2022 15:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 17 May 2022 17:34:46 GMT
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1085232946&t=pageview&_s=1&dl=https%3A%2F%2Fua.korrespondent.net%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1144382965&gjid=895632484&cid=590111183.1652802316&tid=UA-1609229-9&_gid=2060306892.1652802316&_r=1&gtm=2ou5g0&z=1032798411
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
load
z.cdn.umh.ua/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1261666467&div=zone_1261666467&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=538&pl=3&mi=4&me=8&hc=4&n=1652802316187&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1210321059
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
409101c7f92c8873fa29c2ccfffac7631efca3f69a735ac60c6acbe1dbab861c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
809
expires
-1
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1609229-9&cid=590111183.1652802316&jid=1144382965&gjid=895632484&_gid=2060306892.1652802316&_u=YEBAAUAAAAAAAC~&z=1793233975
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 17 May 2022 15:45:16 GMT
content-type
text/plain
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1261666467&div=zone_1261666467&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=538&pl=3&mi=4&me=8&hc=4&n=1652802316187&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1210321059
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 17 May 2022 16:45:16 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1609229-9&cid=590111183.1652802316&jid=1144382965&_u=YEBAAUAAAAAAAC~&z=1875998560
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1609229-9&cid=590111183.1652802316&jid=1144382965&_u=YEBAAUAAAAAAAC~&z=1875998560
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impress
ad.mox.tv/delivery/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1554&height=288&width=400&tld=korrespondent.net&in_iframe=&position=btf&screen_width=1600&screen_height=1200&top_domain=ua.korrespondent.net&top_url=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&url=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&async=1&uid=6607856318
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4373f01790de4633d4f8c1a0c41d9433ff1340b747e3e2b66b5a10e01bf3a251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
gtm.js
www.googletagmanager.com/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7KPL8
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcb2af46f36601d7db84a81d1e770cc11ca811479ff5dcbd776cac6d79788aa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40673
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 May 2022 15:45:16 GMT
load
z.cdn.umh.ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1479810766&div=zone_1479810766&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=538&pl=3&mi=4&me=8&hc=4&n=1652802316187&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1210321059
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4e116d848d1e92cc4bdabac68198c7fc4685a28dedfd6f5fd1cf097e239e4b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
989
expires
-1
load
z.cdn.umh.ua/ 		1 KB
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1526170517&div=zone_1526170517&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=538&pl=3&mi=4&me=8&hc=4&n=1652802316187&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1210321059
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
fe5d9f2d55123ec93199abf0e69784c8de8c7322997556df78e830e389d5a301

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
769
expires
-1
s
h.holder.com.ua/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b2222&c1&r71020515&dholder_2222_hp&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
f33f1bdc9a50e30cf25385e60f566bc63bf2af2931b58283f1db01d5174ffc62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
1365
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3292&c1&r71020515&dholder_300x60_92&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
load
z.cdn.umh.ua/ 		75 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1624934371&div=zone_1624934371&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=538&pl=3&mi=4&me=8&hc=4&n=1652802316187&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1210321059
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
97cb426b07a50b994eb79c3e0b49d747c69bbdaf5587f55fe6a8f6b5b2e08929

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
xgemius.js
gaua.hit.gemius.pl/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
59b7f3bff218252c356e1b38ae9289a63b4f16a2d8196ea2222e0418b90cfdd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Sun, 15 May 2022 18:49:38 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
14060
expires
Wed, 18 May 2022 03:45:16 GMT
user.hnd
id.korrespondent.net/aut/ 		9 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/aut/user.hnd?_1652802316281=
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc788950c34406808d0a6d40ee7d7a0a585a3cebcd266cb72b1a4a8a252f1331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private
weather.hnd
ua.korrespondent.net/widget/ 		2 KB
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/widget/weather.hnd
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9d929d0768d8e1e18f2873c1d0e0ca3419fae7e33b48aa6707d58472e5ca7d3a

Request headers

Accept
*/*
Referer
https://ua.korrespondent.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 May 2022 15:44:17 GMT
server
cloudflare
age
59
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private
cf-ray
70cd7aacdf6b0221-ZRH
preloader_photo-gray.gif
csskor.ill.in.ua/i/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/preloader_photo-gray.gif
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/royalslider.min.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa850796db9400b694644339634f8708ffd14e3ac9843972954dcb4571dcb939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/royalslider.min.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/gif
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
5916
2737567.jpg
kor.ill.in.ua/m/400x253/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737567.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
401326e10a9b41c8b89fd0e33bfe54f1888453561c01ba11b0a0134131ad9bb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
last-modified
Tue, 17 May 2022 15:36:33 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
48931
expires
Tue, 17 May 2022 15:54:07 GMT
2737559.jpg
kor.ill.in.ua/m/400x253/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2737559.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7782aa4d5b8ba20dccfcb05f6c4ac975766ade3f78c78733aa7fc1a79ccb52c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
last-modified
Tue, 17 May 2022 14:51:16 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
42112
expires
Tue, 17 May 2022 15:59:58 GMT
s
h.holder.com.ua/ 		289 B
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3279&c1&r71020515&dmain_content_400x400&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
d3813995b4ae43ff33a91686d9a113f37aa2e4d9e1b513fcf64b1499a29f4cfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
289
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3285&c1&r71020515&dholder_300x60_85&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3286&c1&r71020515&dholder_300x60_86&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3300&c1&r71020515&dholder_300x60_0&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b7718&c1&r71020515&dholder_300x60_18&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b7719&c1&r71020515&dholder_300x60_19&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b7824&c1&r71020515&dholder_300x100_24&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3684&c1&r71020515&dholder_300x60_84&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b6100&c1&r71020515&dholder_300x30_0&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8040&c1&r71020515&dholder_300x30_40&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b2890&c1&r71020515&dholder_2890_ros&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		257 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8420&c1&r71020515&dfixed_news_link_400x30&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
5bfe17d03c4fa3a3c5d162b60567f7b5f376df577767ca2fbfe3b9fdcc25993c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
257
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/ 		258 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3284&c1&r71020515&dfixed_news_block_400x30&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
48a6f5412ca2a1f5973d757b6bf56d9fcc8ce71bfd96583810a3894385730276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:16 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
258
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pica.js
ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/ 		22 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b5e932006850d28519d73f21bb3181a2d7bdbaef79dbb949388c688c1c0e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
70cd7aacffaa0221-ZRH
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1479810766&div=zone_1479810766&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=538&pl=3&mi=4&me=8&hc=4&n=1652802316187&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1210321059
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f30477c42f896fc40c43e8f76f3f511eb3174db236085efbb1398136ac2f3c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Origin
https://ua.korrespondent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56071
x-xss-protection
0
server
cafe
etag
1991545337243450502
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 17 May 2022 15:45:16 GMT
67.png
ua.korrespondent.net/i/weather/icon/ 		480 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/weather/icon/67.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
67886b28d90c1245d2cb1b26da3dc8c3c47f56b2bb5c8060fbe8398765281adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:44:00 GMT
server
cloudflare
age
3448
x-powered-by
ASP.NET
etag
"0c0d08369dbd11:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
70cd7aad0fd70221-ZRH
content-length
480
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1609229-30&cid=590111183.1652802316&jid=548441401&gjid=486418034&_gid=2060306892.1652802316&_u=aGDAgUABAAAAAG~&z=280293722
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 17 May 2022 15:45:16 GMT
content-type
text/plain
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1085232946&t=pageview&_s=1&dl=https%3A%2F%2Fua.korrespondent.net%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUABAAAAAC~&jid=548441401&gjid=486418034&cid=590111183.1652802316&tid=UA-1609229-30&_gid=2060306892.1652802316&gtm=2wg5g0P7KPL8&z=934495535
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 01:34:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51025
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15573322
fly-request-id
01FMS77QYFR7T91A14VZPZC4YW
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70cd7aaddeac23af-ZRH
achernar.min.js
ad.mox.tv/js/achernar/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 17 May 2022 16:45:16 GMT
prebid.js
ad.mox.tv/js/achernar/ 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Fri, 22 Apr 2022 10:13:13 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62627fb9-3b3ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 17 May 2022 16:45:16 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f5fce810a506822eedbf33946b50aac5c1898f3789343a7f3ca5008270ce0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28366
x-xss-protection
0
server
sffe
etag
"1217 / 532 of 1000 / last-modified: 1652785528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 May 2022 15:45:16 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/ 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15573364
fly-request-id
01FMS76ETJSXZKGZGFZVHH4A5S
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70cd7aaddead23af-ZRH
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcccfc795c98ea2a307307ca4bdbbe6cb36800219ef4471f1118f47570cf210b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56054
x-xss-protection
0
server
cafe
etag
7531088893509496952
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 17 May 2022 15:45:16 GMT
mwayss_invocation.min.css
ad.mox.tv/mox/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ca49a378-5442-4763-8228-9207153d0f0f&ssp=prodoohmox&gdpr=0&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ca49a378-5442-4763-8228-9207153d0f0f&ssp=prodoohmox&gdpr=0&gdpr_consent=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ca49a378-5442-4763-8228-9207153d0f0f&ssp=prodoohmox&gdpr=0&gdpr_consent=
Date
Tue, 17 May 2022 15:45:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
login.js
id.korrespondent.net/js/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/js/login.js?v=4
Requested by
Host: id.korrespondent.net
URL: https://id.korrespondent.net/js/profile.js?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
018370cdea1810ad5387e8a6f4ea890e03221d4d87b0d412968a23ba0948af98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
etag
"80801572e0e7d51:0"
last-modified
Thu, 20 Feb 2020 11:25:25 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
4896
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1609229-30&cid=590111183.1652802316&jid=548441401&_u=aGDAgUABAAAAAG~&z=16585241
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1609229-30&cid=590111183.1652802316&jid=548441401&_u=aGDAgUABAAAAAG~&z=16585241
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fpdata.js
gaua.hit.gemius.pl/ 		286 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=ua.korrespondent.net
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
f9a785df8c064ce8df30054cd03b53f84dcc735f9abbd90da7d68bcf036b6d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
286
expires
Thu, 16 Jun 2022 15:45:16 GMT
lsget.html
ls.hit.gemius.pl/ Frame 1E46 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash
962e4d27ab1f8b2e0d9d7a2579399478cc47b4dec2923bb7ad6cdab8d6e241cd

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2726
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:16 GMT
etag
PRIVATE7520710249
expires
Thu, 16 Jun 2022 15:45:16 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
gsconf.js
gaua.hit.gemius.pl/ 		67 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/gsconf.js?gst=parent&href=ua.korrespondent.net&gsver=326&v=459220
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
e70792957a2d6b9fe4f3b638d557b304e23215b8031d9e14e2f61be37f008399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
last-modified
Sun, 15 May 2022 18:49:38 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
67
expires
Tue, 17 May 2022 19:45:16 GMT
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b2222&c1&r71020515&dholder_2222_hp&hhttps%3A//ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 17 May 2022 16:45:16 GMT
cmeter_an.js
source.mmi.bemobile.ua/cm/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b2222&c1&r71020515&dholder_2222_hp&hhttps%3A//ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:55:53 GMT
server
nginx/1.13.0
etag
W/"5dc27c89-2699"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:55:53 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame 21BC 		738 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 15:45:16 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc33
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/46506/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/46506/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame E6EE 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 15:45:16 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc33
login_ua.js
id.korrespondent.net/js/lang/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/js/lang/login_ua.js
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89e0c888f3370962831869b407034daafaa6c60858e9f27b95275439c18697c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=86400
expires
Wed, 18 May 2022 01:45:16 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/ 		309 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc479777461be30c9ce37a8105fda097014f91687a457a6a814a1e62a891bb6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112749
x-xss-protection
0
server
cafe
etag
10312653234286603457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 May 2022 15:45:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/ Frame 8D95 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57728
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 23:43:08 GMT
etag
1428802124239944296
expires
Mon, 30 May 2022 23:43:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
70cd7aa969970221
ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/cv/result/ 		2 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/cv/result/70cd7aa969970221
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1652799600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
server
cloudflare
cf-ray
70cd7aafcbfe0221-ZRH
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=UTF-8
pubads_impl_2022051201.js
securepubads.g.doubleclick.net/gpt/ 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127621
x-xss-protection
0
last-modified
Thu, 12 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 May 2023 15:23:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		571 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ua.korrespondent.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
77b1332c0394c83625516b21a3e9e7ad11aa4f0b942a9a2f1a583dfd58637d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Tue, 17 May 2022 15:45:16 GMT
impress
ad.mox.tv/delivery/ 		1 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=iframe&pzoneid=6795&height=250&width=300&tld=korrespondent.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ua.korrespondent.net&top_url=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&url=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&async=1&uid=3667755134
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b8716d4a21b5bf1b3d9e2523fa7bd2b78e491fdb966caf7faf074977d3374aad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
mwayss_invocation.min.js
ad.mox.tv/mox/ Frame 58FA 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 17 May 2022 16:45:16 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 58FA 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128852
x-xss-protection
0
expires
Tue, 17 May 2022 15:45:16 GMT
mwayss_invocation.min.css
ad.mox.tv/mox/ Frame 58FA 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
mwayss_invocation.iframe.min.css
ad.mox.tv/mox/ Frame 58FA 		40 B
200 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.iframe.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
334ff4c8e9f20c31bfe49e4f097a08ab9a249180d04b2939832f45eb594eb835

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-28"
vary
Accept-Encoding
content-type
text/css
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/ 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
rexdot.js
gaua.hit.gemius.pl/__/_1652802316837/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1652802316837/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korrespo...
  • https://gaua.hit.gemius.pl/__/_1652802316837/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korre...
169 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1652802316837/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=hRragNyv9UvdvsMVtFGLd5YJ.X8.HyE0HvX7u.C1GLj.67mvi6rrzYT.7n3D.ITxqF8oLd88xe9UsagHIEkST6UyGLpY/QBbphRdJXwQJO/&ltime=392&fpdata=J4cl7T2tpccWLrHwPF5JNK1zJS9L8K0KKQnEIo0GevT.A7&fpcap=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
360a720ac17ed5ade4796a5d512785e8a1691bd41a03ed352b19bc61e8708f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Mon, 16 May 2022 15:45:16 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:16 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1652802316837/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=hRragNyv9UvdvsMVtFGLd5YJ.X8.HyE0HvX7u.C1GLj.67mvi6rrzYT.7n3D.ITxqF8oLd88xe9UsagHIEkST6UyGLpY/QBbphRdJXwQJO/&ltime=392&fpdata=J4cl7T2tpccWLrHwPF5JNK1zJS9L8K0KKQnEIo0GevT.A7&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 16 May 2022 15:45:16 GMT
cm.js
source.mmi.bemobile.ua/cm/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:55:53 GMT
server
nginx/1.13.0
etag
W/"5dc27c89-d0f6"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:55:53 GMT
cookie.js
partner.googleadservices.com/gampad/ 		221 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ua.korrespondent.net&callback=_gfp_s_&client=ca-pub-3755662197386269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e6d0e4c0b09906b858573f6ff4f1dd3918583945e160b64152928aba0219b441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6651 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1652802316&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fua.korrespondent.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316588&bpp=2&bdt=766&idt=275&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3644822342989&frm=20&pv=2&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=293
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:16 GMT
expires
Tue, 17 May 2022 15:45:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
ads
securepubads.g.doubleclick.net/gampad/ 		468 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2444593629601941&correlator=4011895245281313&eid=44761478%2C31067418&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_korrespondent.net_S_WW_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C336x90%7C321x123%7C320x100%7C320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=1177607553&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie_enabled=1&abxe=1&dt=1652802316932&lmt=1652802316&dlt=1652802315822&idt=1070&biw=1600&bih=1200&adxs=-168&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fua.korrespondent.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&fws=516&ohw=0&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=true&btvi=1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
350d9bab3c54cd09958b9d95e7882f3c5e88c2323ed19babeb77aa0db79f8620
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D263 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:17 GMT
expires
Wed, 17 May 2023 15:45:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dsp.aspx
inv-nets.admixer.net/ 		222 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1058051543975526.8&cpv=719ccf9b-6489-e81c-2e87-5877af990bcb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22cf17cfca-c89b-2fc5-6b82-e6d895bafc6d%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fua.korrespondent.net%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229c8fb8c5-ed20-4bc8-4aa4-6c76a7434e01%22%2C%22tagid%22%3A%22e5fd91e8-bd2f-4dfd-8828-56f30e9914b6%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1624934371%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
ab21256b0fee24a9396d78685a709e2edd14fea375edf027c77ee91fc017144f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:16 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
201
X-Xss-Protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E6B 		75 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03e62b611d0cc4ae0043306a29f2db89af57a5531cc964777f7e3f2cfeaa4bde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
30030
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:17 GMT
expires
Tue, 17 May 2022 15:45:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
impress
ad.mox.tv/delivery/ Frame 58FA 		20 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=6798&height=250&width=300&tld=korrespondent.net&in_iframe=1&position=atf&screen_width=1600&screen_height=1200&top_domain=ua.korrespondent.net&top_url=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&url=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&async=1&uid=131828921
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
20654cacd8e8a745c47b379e36214de8b8f36caf7686f30c53635104117c754c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
ads
googleads.g.doubleclick.net/pagead/ Frame 6558 		75 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
376c33f66aa93b7175101c8b60fdf2aeec312a8b47aad53a3139656fe9ae29d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
30408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:17 GMT
expires
Tue, 17 May 2022 15:45:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cds.js
pa.tns-ua.com/viewability/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cds.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
last-modified
Wed, 17 Jul 2019 12:54:29 GMT
server
nginx/1.16.0
accept-ranges
bytes
etag
"5d2f1a85-9c3"
content-length
2499
content-type
application/javascript; charset=utf-8
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/46506/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/46506/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/46506/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/46506/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/46506/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ Frame 58FA 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
ad.outstream.today/delivery/ Frame 58FA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3Dca49a378-5442-4763-8228-9207153d...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=08ac6283-c30c-4700-ad53-d22713a8b510&expires=30&ssp=prodoohmox&bsw_param=ca49a378-5442-4763-8228-9207153d0f0f&gdpr=0&gdpr_consent=
  • https://ad.mox.tv/delivery/sync?userid=ca49a378-5442-4763-8228-9207153d0f0f
  • https://ad.mediawayss.com/delivery/sync?userid=ca49a378-5442-4763-8228-9207153d0f0f&inner_redirect=1&inner_uuid=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
  • https://ad.outstream.today/delivery/sync?userid=ca49a378-5442-4763-8228-9207153d0f0f&inner_redirect=1&inner_uuid=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
0
0
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ Frame 58FA 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15573323
fly-request-id
01FMS77QYFR7T91A14VZPZC4YW
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70cd7ab19d7423af-ZRH
achernar.min.js
ad.mox.tv/js/achernar/ Frame 58FA 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 17 May 2022 16:45:17 GMT
prebid.js
ad.mox.tv/js/achernar/ Frame 58FA 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
last-modified
Fri, 22 Apr 2022 10:13:13 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62627fb9-3b3ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 17 May 2022 16:45:17 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 58FA 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f5fce810a506822eedbf33946b50aac5c1898f3789343a7f3ca5008270ce0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28366
x-xss-protection
0
server
sffe
etag
"1217 / 950 of 1000 / last-modified: 1652785528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 May 2022 15:45:17 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/ Frame 58FA 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15573365
fly-request-id
01FMS76ETJSXZKGZGFZVHH4A5S
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70cd7ab1ad7923af-ZRH
/
onetag-sys.com/usync/ Frame 35F1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
42d6bd1ae33583571053a66dff105cdf8e752a30c4bc64d28b6679d07cd8782c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1378
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
magic.png
bgstats.mox.tv/ Frame 58FA 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
/
onetag-sys.com/match/ Frame 35F1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Tue, 17 May 2022 15:45:17 GMT
Server
MT3 4409 ba5503e master zrh-pixel-x30 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 17 May 2022 15:45:16 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 35F1 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
1274270525133315898
onetag-sys.com/sync/i,34/ Frame 35F1
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1167&cid=RkwF1xx8hQyouCwMAfXvtFhzW730jnoEzStRYFtLW70
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=RkwF1xx8hQyouCwMAfXvtFhzW730jnoEzStRYFtLW70
  • https://onetag-sys.com/sync/i,34/1274270525133315898
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,34/1274270525133315898
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
server
nginx
location
https://onetag-sys.com/sync/i,34/1274270525133315898
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
onetag-sys.com/match/ Frame 35F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7526226888202003154
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7526226888202003154
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:17 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8aae0bef-6bb7-472a-820d-d6aac81fb3a5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7526226888202003154
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 35F1 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=RkwF1xx8hQyouCwMAfXvtFhzW730jnoEzStRYFtLW70
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 35F1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgNKx6zIXdSPrB2asis_ZWz9pBD1cH1FgMA
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgNKx6zIXdSPrB2asis_ZWz9pBD1cH1FgMA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgNKx6zIXdSPrB2asis_ZWz9pBD1cH1FgMA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 35F1 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 35F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 35F1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RkwF1xx8hQyouCwMAfXvtFhzW730jnoEzStRYFtLW70
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RkwF1xx8hQyouCwMAfXvtFhzW730jnoEzStRYFtLW70
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
64K4N60XBGS865JE13TD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RkwF1xx8hQyouCwMAfXvtFhzW730jnoEzStRYFtLW70
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 35F1 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:16 GMT
content-length
0
/
onetag-sys.com/match/ Frame 35F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJrEsf1_MH-Prm6zOVybXhw&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJrEsf1_MH-Prm6zOVybXhw&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJrEsf1_MH-Prm6zOVybXhw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 35F1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ
  • https://ups.analytics.yahoo.com/ups/58488/occ?verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-f6b7eI5E2uGJEr1mIwuH3Ri5627Qpr4OkyEVycI-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-f6b7eI5E2uGJEr1mIwuH3Ri5627Qpr4OkyEVycI-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-f6b7eI5E2uGJEr1mIwuH3Ri5627Qpr4OkyEVycI-~A
date
Tue, 17 May 2022 15:45:17 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 35F1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=ca49a378-5442-4763-8228-9207153d0f0f&google_hm=Y2E0OWEzNzgtNTQ0Mi00NzYzLTgyMjgtOTIwNzE1M2QwZjBm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJk_N0oNQw60QLTIzXlj8vw&google_cver=1&ssp=onetag&bsw_param=ca49a378-5442-4763-8228-9207153d0f0f
  • https://onetag-sys.com/match/?int_id=30&uid=ca49a378-5442-4763-8228-9207153d0f0f&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=ca49a378-5442-4763-8228-9207153d0f0f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=ca49a378-5442-4763-8228-9207153d0f0f&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 17 May 2022 15:45:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
magic.png
bgstats.mox.tv/ Frame 35F1 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png?RkwF1xx8hQyouCwMAfXvtFhzW730jnoEzStRYFtLW70
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
pubads_impl_2022051201.js
securepubads.g.doubleclick.net/gpt/ Frame 58FA 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127621
x-xss-protection
0
last-modified
Thu, 12 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 May 2023 15:23:45 GMT
truncated
/ Frame 58FA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid.1.2.aspx
inv-nets.admixer.net/ Frame 58FA 		42 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:17 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://ua.korrespondent.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
a.min.js
0.code.cotsta.ru/dist/ Frame 0A51 		290 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0.code.cotsta.ru/dist/a.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/achernar.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.119.59.4 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
353757-ce44784.tmweb.ru
Software
nginx/1.14.1 /
Resource Hash
52843d80d9ae9d8b68ec95209a51d1cf09949d770d786ac40a859a4dd92e1188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:51:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 May 2022 11:47:04 GMT
Server
nginx/1.14.1
ETag
W/"628239b8-489a3"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
c
prebid.a-mo.net/a/ Frame 58FA 		0
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Tue, 17 May 2022 15:45:17 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
111
vary
origin, Accept-Encoding
integrator.js
adservice.google.de/adsid/ Frame 58FA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 58FA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 58FA 		471 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948631371613234&correlator=1951440058520999&eid=31067526&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_korrespondent.net_banner_300x250_fixed_C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=1&adks=3587731689&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D5dc5d84568a6b3a0-22ed4bb096cd0032%3AT%3D1652802316%3ART%3D1652802316%3AS%3DALNI_MaGP0hGPNNXGPa_2HfboOvm2NfsQQ&cdm=ua.korrespondent.net&abxe=1&dt=1652802317192&lmt=1652802317&dlt=1652802316827&idt=322&biw=1600&bih=1200&isw=300&ish=250&adxs=2725&adys=911&ucis=yo2mrporrkr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1800x-1&msz=1800x-1&fws=260&ohw=300&ea=0&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=299451047&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
16b71c76d319bc7418cb1f850239d4c6cbe2072d6e2ee3e51f10df9798f635ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 58FA 		90 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948631371613234&correlator=1951440058520999&eid=31067526&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_korrespondent.net_banner_300x250_fixed_C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=2&adks=1431293351&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D5dc5d84568a6b3a0-22ed4bb096cd0032%3AT%3D1652802316%3ART%3D1652802316%3AS%3DALNI_MaGP0hGPNNXGPa_2HfboOvm2NfsQQ&cdm=ua.korrespondent.net&abxe=1&dt=1652802317196&lmt=1652802317&dlt=1652802316827&idt=322&biw=1600&bih=1200&isw=300&ish=250&adxs=4525&adys=911&ucis=8jerb85ak8zr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1800x-1&msz=1800x-1&fws=260&ohw=300&ea=0&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=299451047&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
2f027321b44909e60a1d55b151050edc557341df591a1820f0492332d4d9dcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37952
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 58FA 		463 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948631371613234&correlator=1951440058520999&eid=31067526&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Ckorrespondent.net_banner_300x250_fixed_C_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=3&adks=2728105711&sfv=1-0-38&ecs=20220517&fsapi=false&sc=1&cookie=ID%3D5dc5d84568a6b3a0-22ed4bb096cd0032%3AT%3D1652802316%3ART%3D1652802316%3AS%3DALNI_MaGP0hGPNNXGPa_2HfboOvm2NfsQQ&cdm=ua.korrespondent.net&abxe=1&dt=1652802317199&lmt=1652802317&dlt=1652802316827&idt=322&biw=1600&bih=1200&isw=300&ish=250&adxs=6325&adys=911&ucis=3gu06j1o1dni&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1800x-1&msz=1800x-1&fws=260&ohw=300&ea=0&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=299451047&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
8a76e6c4d6dc5bfe0c96b2515e545c1c3862ee28ca9448cb33e5ca73138bda90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 58FA 		89 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948631371613234&correlator=1951440058520999&eid=31067526&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Ckorrespondent.net_banner_300x250_fixed_C&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=2071096867&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm46%26yb_tt%3Dtt9%26yb_ff%3D1%26yb_th%3D7%26yb_tm%3D45%26yb_wd%3D2&sc=1&cookie=ID%3D5dc5d84568a6b3a0-22ed4bb096cd0032%3AT%3D1652802316%3ART%3D1652802316%3AS%3DALNI_MaGP0hGPNNXGPa_2HfboOvm2NfsQQ&cdm=ua.korrespondent.net&abxe=1&dt=1652802317202&lmt=1652802317&dlt=1652802316827&idt=322&biw=1600&bih=1200&isw=300&ish=250&adxs=8125&adys=911&ucis=a7pix3rg84xa&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1800x-1&msz=1800x-1&fws=260&ohw=300&ea=0&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=299451047&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
9f774258fe6cd767d6737d1828e8b693a94a0be3f575caac1dfb442ca2f82255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37880
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 58FA 		89 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948631371613234&correlator=1951440058520999&eid=31067526&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=21621488598%2CMAT_korrespondent.net_banner_fixed_b&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=476880845&sfv=1-0-38&ecs=20220517&fsapi=false&sc=1&cookie=ID%3D5dc5d84568a6b3a0-22ed4bb096cd0032%3AT%3D1652802316%3ART%3D1652802316%3AS%3DALNI_MaGP0hGPNNXGPa_2HfboOvm2NfsQQ&cdm=ua.korrespondent.net&abxe=1&dt=1652802317204&lmt=1652802317&dlt=1652802316827&idt=322&biw=1600&bih=1200&isw=300&ish=250&adxs=13525&adys=911&ucis=v1i615zfet8w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1800x-1&msz=1800x-1&fws=260&ohw=300&ea=0&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=299451047&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
750ba934ff752a7b8302c0e7dad6945bfae670de702c4c75dfaa63e8918ac283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37933
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 58FA 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a9c5fcb19e6fcd28a891cdaf109711a7c543dd02fca5cf477d7006f91966256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10573
x-xss-protection
0
container.html
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA67 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:17 GMT
expires
Wed, 17 May 2023 15:45:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cm.html
pa.tns-ua.com/viewability/ Frame 7260 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cm.html
Requested by
Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 15:45:17 GMT
etag
W/"5d2f1a85-b5f"
last-modified
Wed, 17 Jul 2019 12:54:29 GMT
server
nginx/1.16.0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		90 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2444593629601941&correlator=4011895245281313&eid=44761478%2C31067418&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_korrespondent.net_S_WW_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C336x90%7C321x123%7C320x100%7C320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=1835401595&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3Db0151d092b68d7a9-2228c7c596cd00ed%3AT%3D1652802316%3AS%3DALNI_MZlrnKSBusVp7KU9AN8XNCOMB5qPA&abxe=1&dt=1652802317260&lmt=1652802317&dlt=1652802315822&idt=1070&biw=1600&bih=1200&adxs=-168&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fua.korrespondent.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&fws=516&ohw=0&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=true&btvi=2&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
5136442fb8b8553eab91008ed21f7bbf5eb3dbd22b6a4db9499b4652a145be60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38179
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 58FA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:18 GMT
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:17 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=63F2E75B267F4B2F86726480FEE1AC7B&time=1652802317051&location=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&is_flash=0&session_id=527415005&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm,holder&param1=~cm_timer~&param2=0&param3=1200&param5=1&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:17 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
pic.gif
pa.tns-ua.com/bug/ 		56 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?uid=63F2E75B267F4B2F86726480FEE1AC7B&time=1652802317301
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
cache-control
no-cache
server
nginx/1.16.0
expires
Thu, 01 Jan 1970 00:00:00 GMT
3575610951193080629
tpc.googlesyndication.com/simgad/ Frame 3E6B 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3575610951193080629?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkobhMnpIkN1XG0hJ8Fz9UaF2CP9A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1e6299b667f2846ab9229cbaa1ffc9c0d6d1c5fbf7797d7180928413f44406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 21:33:23 GMT
x-content-type-options
nosniff
age
238314
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32581
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 08:22:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 May 2023 21:33:23 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 3E6B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:34:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 3E6B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3E6B 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 3E6B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:37:49 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 3E6B 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d7c7efab021e9e62bc332cdffc52226ac5bb888cfa76bfde4a3a183159b4bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 22:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62774
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12360
x-xss-protection
0
server
cafe
etag
2640822135664651074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 22:19:03 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3E6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cj-3lDcODYoTZAq-H_tMP6vqKuA6I8_r9aZWBvbu7D9vZHhABIMbgi3lgleKQgqAHoAH62ZqnAcgBAqkC_m15dxcRcT6oAwHIA8kEqgT3AU_QIqqHcDeYrRExvRcKgvg8QmYBHWuoDsjyFcN3eb70gWBf5HKn5VIiRy970eGH_gUIF7U7_kKHqRj3rZj4thwIrlWGa3SJQAN5IqUrHwtLubgYP6VbIsQU5lN0Yoru0ALKh9cxg2C0WKX7nE0PU5MTP3dMt6qQGkeY6o015IAHWtRwyZ5Vu_MhE7IfVgdyejZ7Z8V5mvbK1Ja0p8KCoafez-7SHtp9RXNRIxRwkDz-7GQ-H8gkptRtVDNDBUWoqEHkfq2OFQqNvqYuFzTpBakce5GSy_9xQU-xi9WxHXHqpcfw6rmrRw_n9duDvoyyVzt0-oxJulXABJiQzbr9A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfupeXYAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKq7AdIICQiA4YBwEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNzU1NjYyMTk3Mzg2MjY5GAA&sigh=WLhfcmu066E&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 17 May 2022 15:45:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame A752 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1207
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 15:25:10 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3E6B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07551816dea2f38b7f556eaf77f2b3fa230a41c939b1c17554c00f4eaaa58396

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
container.html
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8FF1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:17 GMT
expires
Wed, 17 May 2023 15:45:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ Frame 58FA 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=TjkxTXlIUnV0WUJwT1pBUjYrVlZHNG5vbmdzR3NxY1hlcEhVaDhoT2lvSXg1c0hQakhlaUtHTFJzZEVBNUM4bXREQkNXZEtOV0NpOW1CRkIrVk5XT2Q4N0lIUGFLQm1WbU91dmhGMkdCMDRpS2EvVTZwMUlJWUtFZTM4bHhxdzVYT1o1amRuZkN5bWJrZnVsbGFabTBvVkxBeU1IN0ZtVVFDME5zZGdVK0lMZXIwTHlBc2RDem9YVFZVUnl0QmxQb1lPckpmOXFCSXEzVlNHbWRYRTB2eXhES3FsbjVDdGdBQjJiZEU2WjExOC9uaTF0YnBmQXhQU0pNeDBNMTJJd3F2N1h2QkJhYi94bDVKc2RGQytibUE9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=3&event=js_init&ex_pl_id=none&pl_id=none
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:17 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
getPartnership
a.cotsta.ru/ Frame 0A51 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.cotsta.ru/getPartnership?title=&keywords=&description=&os=Windows&viewport_width=1200&viewport_height=1600&browser_name=Chrome&browser_version=101&language=en-US&timezone=0&init_ref=&user_hash=YlR5cGU9Q2hyb21lJmJWZXJzaW9uPTEwMSZyV2lkdGg9MTIwMCZySGVpZ2h0PTE2MDA%3D&ref=https%3A%2F%2Fua.korrespondent.net%2F
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
176.9.4.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.4.9.176.clients.your-server.de
Software
nginx/1.14.1 / PHP/7.4.16
Resource Hash
5404158b417ec369621fc553149a985782368cb836bc8b6d96877aaded50892f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:17 GMT
Content-Encoding
gzip
Server
nginx/1.14.1
X-Powered-By
PHP/7.4.16
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=0&event=server_request&ex_pl_id=none&pl_id=none
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:17 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
container.html
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA20 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:17 GMT
expires
Wed, 17 May 2023 15:45:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ Frame 58FA 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=UStOWFF2K0hMY0NYUlVCUWhpSmNlQVc4NWdWQ1JCSEUveEhVbXdicTdJMEJ0MFNaSmtWR3FNcHd5NlFTVVVNKytTYXlwVmZKRC9iZDdPRDBodzBOVUp1MVl4cy8vQUt0clJZY0loN0I4ckJ3bWhDKzM3LzlKVWp4Q3BPMiszSmpvdTZkcmlmY1p3b29IWnI5K0F5UENQcUZSZmZNSUZ1aXczeEJQekRnMmdrelJaZVlHaHlPTUtwSytQOXBQd010RU9NTkUvTU80UG5sWFJLK2pKMmNHMWZIc0YwMVJvVElZcHpLWGxYQzcvVSttN3Bmbm4xNTFNY0dtU3N0SGI3Ng%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4AD3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:17 GMT
expires
Wed, 17 May 2023 15:45:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=SFNId0s1bCtaSGYvaWtmdkJsUHRTOG9pOEVWZWVIa2NsbVNVV1plTFlHL0daWnpKTEpLT1FDQ3FXUm5pVU5sWTQ4R0xLN0Q5WnFETHVJeTM0cVlLQzJ2ZG9uSm5RZTFBYUxoS1JTZUN0VmVLenEwek9PNU52RVB3aXgyRGtCL1BYR1Z3dWlCRjBRVHZQakw5a2dtMnYwUHlCVFlleWJnVkE4VFVWVjBMcnJ4RVh6K3R4WjNtaEo5MW5UWnJweVJnSlRFSWl3TktoUnl5TUFXN2RPc1phcXRuNFRkVytVcFBoTDhjWGZUYjFacDJuUWtuZkRSSnZobFZWMnkwQnNTZQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
9896514671450073371
tpc.googlesyndication.com/simgad/ Frame 6558 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9896514671450073371
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
730fa969cf7402b26778d3e0b24149f1a439f0e8ac5863ae518d069e383b167b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 14 May 2022 13:23:07 GMT
x-content-type-options
nosniff
age
267730
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25559
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 14:20:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 May 2023 13:23:07 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 6558 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:34:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 6558 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6558 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 6558 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:37:49 GMT
l
www.google.com/ads/measurement/ Frame 6558 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzn5JtcVyIKAP7cwS5jHBjutxHGFNZ1HzRgODCoFOpZuFAJxpBHpQhaWX1_OQKqFrKEouS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 6558 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d7c7efab021e9e62bc332cdffc52226ac5bb888cfa76bfde4a3a183159b4bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 22:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62774
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12360
x-xss-protection
0
server
cafe
etag
2640822135664651074
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 May 2022 22:19:03 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6558 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COxiKDcODYuWhBNST_tMPruCpuAq49JGQac-1vsrpD5aCzYWIFhABIMbgi3lgleKQgqAHyAEDqQJrWt1WQq6xPqgDAcgDyQSqBPoBT9BMUv_drjetZLeh3Ya-9wytI20NVm46QUm358sL8HErdIyTIPKPPyI3eIsnVwWKJ6LkYSkTEr8OUvf5Tl9Zref-UPABIqa_dvqR7xlN4UD6slmYWBHt9zPEnKvCxLzbuavxvmEt13m3ts84gy5xwSIgmQpAPo3VQxJGVrUyeY9ZFt2iGKZx3zKJ3_0OHgkhiJ3kfZoY5BHuMfvi0wyjMvCJUv6bYJwqNm0zAZzBQ9u1X3iD2NDLPfZ4ikZfpeDSimPzOs0cH6P6wUq4xqDD7wd-S9NczYZql6T4WA_5gzbNlaf9xPh7YzvaLuAT9-aY1mXW-1w_gr0ZI8AEm6et2ooEkgUECAQYAZIFBAgFGASgBgOAB9ar7p4DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQs7MG0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTM3NTU2NjIxOTczODYyNjkYAA&sigh=40prwGg8ul8&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 17 May 2022 15:45:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
header-bidding.js
yandex.ru/ads/system/ Frame 0A51 		127 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
45a90e8f949aa477d2b2e8defc40eb87ba0f28d80e7a69ffebec47eaa74452c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1652802317844281-15285462375653860270-vla1-4283-vla-l7-balancer-8080-BAL-2560
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 17 May 2022 16:45:17 GMT
p4.41.0.js
0.code.cotsta.ru/dist/ Frame 0A51 		281 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0.code.cotsta.ru/dist/p4.41.0.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.119.59.4 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
353757-ce44784.tmweb.ru
Software
nginx/1.14.1 /
Resource Hash
9d2ae8c80a6f17e7068957051ed9b2de5217215c2741b2671f3ae1a1e9ea4922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:51:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Jun 2021 11:49:04 GMT
Server
nginx/1.14.1
ETag
W/"60b8c1b0-46548"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0A51 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
481
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0ZWGTQ0536ATXF27A31F
date
Tue, 17 May 2022 15:37:16 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
p57M59L947pDx8Ad4VIj73NWhDQGB_2M7aITSZ4pY8Ipg2RhSmwt3Q==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0A51 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
3f5fce810a506822eedbf33946b50aac5c1898f3789343a7f3ca5008270ce0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28366
x-xss-protection
0
server
sffe
etag
"1217 / 256 of 1000 / last-modified: 1652785528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 May 2022 15:45:17 GMT
code.js
top-fwz1.mail.ru/js/ Frame 0A51 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 22 Dec 2021 12:22:53 GMT
server
nginx
etag
W/"61c3189d-6a23"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Tue, 17 May 2022 16:45:17 GMT
tag.js
mc.yandex.ru/metrika/ Frame 0A51 		202 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
br
last-modified
Fri, 13 May 2022 14:20:22 GMT
etag
"627e3ef6-1149e"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
70814
expires
Tue, 17 May 2022 16:45:17 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=103&event=document_ready&ex_pl_id=none&pl_id=none
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:17 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9034 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNW8GdSif9vPf8uEsobf3FGEMeRpBjyuaUIIpSiZL4ddxI9TrgRw6QNNCQPEtM4Jz5im6c5lfFXWlXLhCEj34wFqbRuXRBGogwvPPoYvUm2YXvsWGeUK4VKbNMHkIfm9rr-vLRWB-vSvsBzGU2kk8BpZwVq0N4xDdBDEMqvht8ViG0ekD3s
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8FF1 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
Origin
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 8FF1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:26:27 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 8FF1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:17:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FF1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B2Kl16DdYInPHMniU0omlQNuCp3Zy3mUboOWR2UdSNEE0cjFSKJbSyGI3jyGi3ncZDbES55XPxDs8BEUOPDp-JR19gPOE8ZrMO6mJ2vYzFuvBtqOM
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 8FF1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8FF1 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 8FF1 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:37:49 GMT
l
www.google.com/ads/measurement/ Frame 8FF1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStp8Xm4dT7-p_MQNQG8k5DcTV_ONOB22ozhMXEc5MktCiX6JhKDSaOOHpIQVBB_61lpwd5hU9t4jnEXzlOrBfvsoG-zw
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=104&event=ad_apply&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:17 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9FF2 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYrrLbyQEwAQ&v=APEucNV7IwRCBpF4svWBqyWWvSxh6Vyrth2v2_ybt5zscjNSeWikiXnbvXLibs0MshiEqoXp01diOpycphnj6x5HihRhvC_4GxCLfrbSA7UYsycf-fGg6PkUM5An1NFSxrTNwkUFPdrfpfL5XWin8-1jBZaBr57JeUHlA_loj1nLKUlVRpUUQo6NNE5VjlW03yYwOPd1iWs0
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame FA20 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
Origin
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame FA20 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:26:27 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame FA20 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:17:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA20 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ABPgDIST8_Mt7PaRRN5hxgxn8RNtBaBDRciVSF33jWSPri6C3YWkM6tdyWqC34lkv-138CWEBCrQP-EYoK2wy8gTni-UOiqrhTkeoXFcdSE6uOFo0
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame FA20 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FA20 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame FA20 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:37:49 GMT
l
www.google.com/ads/measurement/ Frame FA20 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcJtAfWr_FfDf69IppfmBNP_ZbdIo3qrQ8I2MkSP1_900VZsoiwM1DvxmJ08RwfQ5t44qB62gFgYhHMXoCz1D1nGXqHg
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame F314 		586 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNUr_9WpolcfaKHDEDtUZeL9tk84BPoTUYMe5Ghr_5hp1xiI2DVZWQmzMsGkIM32NI_uLcfPC2Qt3YcrHgB0pfPvAhW5jQmOHHipt6VSwW5tKdUspXNYrmr37vmwqmQ6BHhC63B2qJyeP2Lc8sMMpn4_wJgM77HEb4p-nC_JUtODIadJTQo
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
294
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4AD3 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
Origin
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 4AD3 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:26:27 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 4AD3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:17:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AD3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CCOVr5odT9rB8cL3UyadPzgBsnHFbkX06NnznpE5quNkSdXcWWhwuxYJ9oDOsNSkXqA21OWIEQG4BlBI568rLIr3LX1aN2EMeDWTj4lF9Z6UjAPdc
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 4AD3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4AD3 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 4AD3 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:37:49 GMT
l
www.google.com/ads/measurement/ Frame 4AD3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShe2MFVmFcSxAeLbS0XY0OjapMbPNHMRf1QjBSLld5GvYQOg2eA950TeQm4hH97N-k662920Xjqknp8dfpvag9x86ToA
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame A752
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 15:45:17 GMT
expires
Tue, 17 May 2022 15:45:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 15:45:17 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame E92B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1652802316&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316590&bpp=1&bdt=768&idt=354&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qSUspY2IXR&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E843 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1207
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 15:25:10 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 9034
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOzHwVPv1CLTPXettispnM&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOzHwVPv1CLTPXettispnM&google_cver=1&C=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOzHwVPv1CLTPXettispnM&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNW8GdSif9vPf8uEsobf3FGEMeRpBjyuaUIIpSiZL4ddxI9TrgRw6QNNCQPEtM4Jz5im6c5lfFXWlXLhCEj34wFqbRuXRBGogwvPPoYvUm2YXvsWGeUK4VKbNMHkIfm9rr-vLRWB-vSvsBzGU2kk8BpZwVq0N4xDdBDEMqvht8ViG0ekD3s
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:17 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOzHwVPv1CLTPXettispnM&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Tue, 17 May 2022 15:45:17 GMT
rum
dsum-sec.casalemedia.com/ Frame 9034
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoPDDVm4dy03i1pX65qZQwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOzHwVPv1CLTPXettispnM&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOzHwVPv1CLTPXettispnM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNW8GdSif9vPf8uEsobf3FGEMeRpBjyuaUIIpSiZL4ddxI9TrgRw6QNNCQPEtM4Jz5im6c5lfFXWlXLhCEj34wFqbRuXRBGogwvPPoYvUm2YXvsWGeUK4VKbNMHkIfm9rr-vLRWB-vSvsBzGU2kk8BpZwVq0N4xDdBDEMqvht8ViG0ekD3s
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:18 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHOzHwVPv1CLTPXettispnM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9034
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENNyEjiQHZxM8ty9ZTHfdJM&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENNyEjiQHZxM8ty9ZTHfdJM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNW8GdSif9vPf8uEsobf3FGEMeRpBjyuaUIIpSiZL4ddxI9TrgRw6QNNCQPEtM4Jz5im6c5lfFXWlXLhCEj34wFqbRuXRBGogwvPPoYvUm2YXvsWGeUK4VKbNMHkIfm9rr-vLRWB-vSvsBzGU2kk8BpZwVq0N4xDdBDEMqvht8ViG0ekD3s
Protocol
HTTP/1.1
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:17 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d4170841-22df-4e39-9548-bff3286d9a15
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENNyEjiQHZxM8ty9ZTHfdJM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9034
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzUyNjIyNjg4ODIwMjAwMzE1NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzUyNjIyNjg4ODIwMjAwMzE1NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNW8GdSif9vPf8uEsobf3FGEMeRpBjyuaUIIpSiZL4ddxI9TrgRw6QNNCQPEtM4Jz5im6c5lfFXWlXLhCEj34wFqbRuXRBGogwvPPoYvUm2YXvsWGeUK4VKbNMHkIfm9rr-vLRWB-vSvsBzGU2kk8BpZwVq0N4xDdBDEMqvht8ViG0ekD3s
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:17 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ddecd7bd-5b3a-4669-84f4-da92e7668df4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzUyNjIyNjg4ODIwMjAwMzE1NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9FF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP9EnVbnu9r85XQrN-wVCgc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP9EnVbnu9r85XQrN-wVCgc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYrrLbyQEwAQ&v=APEucNV7IwRCBpF4svWBqyWWvSxh6Vyrth2v2_ybt5zscjNSeWikiXnbvXLibs0MshiEqoXp01diOpycphnj6x5HihRhvC_4GxCLfrbSA7UYsycf-fGg6PkUM5An1NFSxrTNwkUFPdrfpfL5XWin8-1jBZaBr57JeUHlA_loj1nLKUlVRpUUQo6NNE5VjlW03yYwOPd1iWs0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
via
1.1 google
server
OXGW/18.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP9EnVbnu9r85XQrN-wVCgc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 9FF2 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYrrLbyQEwAQ&v=APEucNV7IwRCBpF4svWBqyWWvSxh6Vyrth2v2_ybt5zscjNSeWikiXnbvXLibs0MshiEqoXp01diOpycphnj6x5HihRhvC_4GxCLfrbSA7UYsycf-fGg6PkUM5An1NFSxrTNwkUFPdrfpfL5XWin8-1jBZaBr57JeUHlA_loj1nLKUlVRpUUQo6NNE5VjlW03yYwOPd1iWs0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 9FF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEMizZYSoUTedvzDzXI2x-9A&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEMizZYSoUTedvzDzXI2x-9A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYrrLbyQEwAQ&v=APEucNV7IwRCBpF4svWBqyWWvSxh6Vyrth2v2_ybt5zscjNSeWikiXnbvXLibs0MshiEqoXp01diOpycphnj6x5HihRhvC_4GxCLfrbSA7UYsycf-fGg6PkUM5An1NFSxrTNwkUFPdrfpfL5XWin8-1jBZaBr57JeUHlA_loj1nLKUlVRpUUQo6NNE5VjlW03yYwOPd1iWs0
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 17 May 2022 15:45:17 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEMizZYSoUTedvzDzXI2x-9A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 9FF2 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYrrLbyQEwAQ&v=APEucNV7IwRCBpF4svWBqyWWvSxh6Vyrth2v2_ybt5zscjNSeWikiXnbvXLibs0MshiEqoXp01diOpycphnj6x5HihRhvC_4GxCLfrbSA7UYsycf-fGg6PkUM5An1NFSxrTNwkUFPdrfpfL5XWin8-1jBZaBr57JeUHlA_loj1nLKUlVRpUUQo6NNE5VjlW03yYwOPd1iWs0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 17 May 2022 15:45:17 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
truncated
/ Frame 6558 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
415e3c4982104db9fa994ee5228ae4fee7bbf30bc0102eb848c1c673f5010f85

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
partner
sync.search.spotxchange.com/ Frame F314
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGlFugD-KWQSoe4Ep_U1BZg&google_cver=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGlFugD-KWQSoe4Ep_U1BZg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNUr_9WpolcfaKHDEDtUZeL9tk84BPoTUYMe5Ghr_5hp1xiI2DVZWQmzMsGkIM32NI_uLcfPC2Qt3YcrHgB0pfPvAhW5jQmOHHipt6VSwW5tKdUspXNYrmr37vmwqmQ6BHhC63B2qJyeP2Lc8sMMpn4_wJgM77HEb4p-nC_JUtODIadJTQo
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:17 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
108
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGlFugD-KWQSoe4Ep_U1BZg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F314
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTllYjhiYzUtZDVmOC0xMWVjLTllZmEtMWUxZDQ3ODcwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTllYjhiYzUtZDVmOC0xMWVjLTllZmEtMWUxZDQ3ODcwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNUr_9WpolcfaKHDEDtUZeL9tk84BPoTUYMe5Ghr_5hp1xiI2DVZWQmzMsGkIM32NI_uLcfPC2Qt3YcrHgB0pfPvAhW5jQmOHHipt6VSwW5tKdUspXNYrmr37vmwqmQ6BHhC63B2qJyeP2Lc8sMMpn4_wJgM77HEb4p-nC_JUtODIadJTQo
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 17 May 2022 15:45:17 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTllYjhiYzUtZDVmOC0xMWVjLTllZmEtMWUxZDQ3ODcwNTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
102
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55946/ Frame F314
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEG3PiB6nMOUBVzrP-FMqGqg&_origin=1&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEG3PiB6nMOUBVzrP-FMqGqg&_origin=1&google_cver=1&apid=UP59f078a7-d5f8-11ec-b16c-02080fde3794
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEG3PiB6nMOUBVzrP-FMqGqg&_origin=1&google_cver=1&apid=UP59f078a7-d5f8-11ec-b16c-02080fde3794
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNUr_9WpolcfaKHDEDtUZeL9tk84BPoTUYMe5Ghr_5hp1xiI2DVZWQmzMsGkIM32NI_uLcfPC2Qt3YcrHgB0pfPvAhW5jQmOHHipt6VSwW5tKdUspXNYrmr37vmwqmQ6BHhC63B2qJyeP2Lc8sMMpn4_wJgM77HEb4p-nC_JUtODIadJTQo
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEG3PiB6nMOUBVzrP-FMqGqg&_origin=1&google_cver=1&apid=UP59f078a7-d5f8-11ec-b16c-02080fde3794
date
Tue, 17 May 2022 15:45:17 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame F314
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP59f078a7-d5f8-11ec-b16c-02080fde3794
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA1OWYwNzhhNy1kNWY4LTExZWMtYjE2Yy0wMjA4MGZkZTM3OTQ%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA1OWYwNzhhNy1kNWY4LTExZWMtYjE2Yy0wMjA4MGZkZTM3OTQ%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNUr_9WpolcfaKHDEDtUZeL9tk84BPoTUYMe5Ghr_5hp1xiI2DVZWQmzMsGkIM32NI_uLcfPC2Qt3YcrHgB0pfPvAhW5jQmOHHipt6VSwW5tKdUspXNYrmr37vmwqmQ6BHhC63B2qJyeP2Lc8sMMpn4_wJgM77HEb4p-nC_JUtODIadJTQo
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA1OWYwNzhhNy1kNWY4LTExZWMtYjE2Yy0wMjA4MGZkZTM3OTQ%3D
date
Tue, 17 May 2022 15:45:18 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pubads_impl_2022051201.js
securepubads.g.doubleclick.net/gpt/ Frame 0A51 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127621
x-xss-protection
0
last-modified
Thu, 12 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 May 2023 15:23:45 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 0A51 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fua.korrespondent.net&pubid=5c3c4d42-c5ae-4bf5-a931-2f0dc2cf7912
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 12:45:39 GMT
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server
Server
age
10778
x-cache
Hit from cloudfront
access-control-allow-origin
https://ua.korrespondent.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
wGH_vdO0eDwLmWLlCVomv3v0B5yPS5aveVqaw-zDhTfz7HMoju7VEQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0A51 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
43453
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Tue, 17 May 2022 03:46:02 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
9Mb4iRncYomTzUQRUpM5kegSlRTdbAm882Ix3CEugcjRdQA1J3RlTg==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8FF1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1F0D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8345
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Wed, 18 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/14966983600078554299/ Frame AC59 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14966983600078554299/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
372540
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 13 May 2022 08:16:17 GMT
expires
Sat, 13 May 2023 08:16:17 GMT
last-modified
Thu, 05 May 2022 14:45:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FA20 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcgmrHZY72EviP2tTu4OGCmlBzvEyCVIc7Jg1_EoqOQA2H4mi72_95UB6byLNoskBzAWgTOO2gFufjvxHChs5Pd9FiBV7Kqvi_UG-Cl8KSIC4Ya7Zz-R8hWtvd7FebeVkfrk5gbFkzwB9IM4VDgM3e0JlGt46PXUbU9g1-WUncCYJgTv87_HFNLuwDsDpyT1IOfD7HmyGBOHpvnr-BW3YFLcYzMiMAK5bJKbJKOAIldljNlRM4zhAu2LF_Dvwoyu3BCc89JVK6hgA_qsLPsX9xekgIxi-xisHKLApo3RGQ0D3N3DzC07GQEnU47BZrZyDIqPRZvZM-R5NiM7cBRRjmyLlpK9FPcNd-fnp1RnOwKXk6MN8XCX5B0hsM5X-BKXI_zgjnRJJpOFl2Mv0auzW2qt2aNpsJmqTQgDziiCq4G3d2xUKJymU8z1HrJkx6sBy62jGgITySfQYUf-WLfIB3F_9un1_45j1LGBIXj28J2h0AwbkCrcy2lco4M0T2GoQAVbj5lhn8jkpGJlkcrr_SLUyCdwJV6TsKvmPSe0a4b7gAlZJ2p95HrynpfkfbSlnfE-Gw77ivq17hqEEcOngSATTeKY7vasAq4JKS531U9Dc-o9hq8zscaggX0izw2jW20xAzh1-zW7N40o5kYE87sBvBY2u01uwmU4NpVOTlS7rXZh1q80vKuygm4JfcyWUM7kn-lPP3MBcGacut1nWPbIllqoGe259FxdsUXy3HalZ8lz-UQzCy4-nRt3_DRfhokiBEnS1wTQwomUVxuh2nZOACeLMSi_RYSrp4mP1BaFQw9bP1zlzeXNGPMdak3Pt7OzIejPjmoky0B55VMWczZ1xrCV2u61oI0ahoVQ2V9pKw5FQySH0b9qYXlYUhj-yqsmlB85aNYco3RLF6om774RpzuEcwokzkAOhJY9Vw4yQPcczwo2vrUeyaCgQJOoT0vBJVQroso2Nglz89gknCqcrRSmY8VZwdkGTrvm4GRbJkchZRaW0pOL0rQmVy2qOrzyjqDLZxj99FqeSJwDwlSP__mxzYwK-o47P4kVe2OwrStQAbjJ5sd9tvPXAxCY-VKXbPdA1PP3Wr9mgXJ_7AbSxKtHD7pLCsYgSkogjB4D-98WTLnWdyeqJjOvfk8S0AbDiQm7bn4CollDBtzFd2R4v6LEe5qm76BAWzCLEGIR_pMopO6vh-n2sqiPeozsZGxBAyrr0unv8HlyM2t6TNTAJnznwC6y2Ez1qBiWj3JU1rgj3UHWAXx5w5lBl_2qxgOhM-h1tUDWTLGOWycYmb0_FK4-v3UAzsKshrI_M0cWCxRnBjNXbf8SY&sai=AMfl-YSYZKyKXqfurifYFp4CTx8ZZB2bYO9TnychdqXekMCpcsaqN5pQlrPNV36hwJSzS1RZV7ntniGhmOsWL6J9-MVbzbsrfgBWebp7cKX1ukjYJmOF14WxvD6VZpfB_p4v_vhnB_HssTdAOdbEzteM5HDbH5wD0K0t1DXMbXrsXez3SnzgxXmIMcnFiZ-RsiW5GDqf5vGuU2TzR_DjtGOQioNEqiopzk_SPqrLnJNMUg69ItAe4he_6CjBcqiu1g3bcPDD4tb441bHZ0Jn75IKwz0n0S6TwSRjPdQRiVE&sig=Cg0ArKJSzHWPDb2k-JsnEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=179&cisv=r20220511.52325&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 17 May 2022 15:45:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/862137188495136981/ Frame 91DA 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:29:23 GMT
expires
Fri, 12 May 2023 10:29:23 GMT
last-modified
Thu, 05 May 2022 07:05:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8FF1 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhuBKEVhlI8SCi2l9m8bv2Ut9pkex4UwcLGUspX9M14zAIlUeabalM7iwAz4bLKQrDnsn-nqmuR8yUCWp8kFrbP9hrVcCVWLrjGFTd8mty0BljM4e5_J4J0ZZhWHQvDKYEXr79zPXMn_kgxHWeHFf410LiYmwxjmRbnxDK8CvTbd2OUj92wDcS2TfsV49scCjghJ-iG4_PBHfey6EQfXSyPxNycchGywsunUJOfNBkD0ZQEW6mPMFVyH4jHTD96HSiG4AGqBlfdZuphb0UgWjQoMWRq9RbIGB3_IdQF9b1KU9_tJjNKDjBgdJDz6UyNH28miJwpvGq6wiVHIlqVc3GzCrKV_IpDNsE6eZ7eTLbloL_gzLyb5z6nPJclCTomQPEzHJQA6xhqI-T2Qmafzo3fwgQPz6DIYLBT9nQhbUJmBiAvKzWBh8xv3a-FFl3D75KvO6rRxFfuiCLCA3gAlH85dWILoBzjXWTDd6gRivikoAOI_j_-C3NR6j0-gTu2VbPb9riHuUacW4XGroFKRRBGOr6mJEtWFa1s4MqON55flNyvHlUsuQCfuOFNl92fA2x_lqOINMVbTi-XR1vWxsZT90MFPhw5DhQSPSaEDk6Dr6nWLC83XIaw6Bjx3ejrqff0oFqkhJyO3lx3uJj4KL2Be-TYOTkm4fzN5LiXP4nzgzy9xe9Zp_5zO-cXpH2VZPilTEy7RJyvp--l0JUtIVgQziYSXjdJfchRSDFXyyTEnlvnXFuM1St9-CkAoljNw419JgTCgOyz3eCOiEBG_GL4r_t8qYKCWMnnriBly34sO5YlL1q_DixzoQ6sIOkVp25WoBRiVh3Bssxl-bKzJFkE5Ge4-LFqKAeGe3q8z4USHulscEg2RiengNHsneMvE6cyYjr92_SeVhsB4dDgY6DUUfcz0MLqNHhZpw0YHPcLwUTEx9kpbsNpYKKLEXWor5kY0lee-1YwUl_0qGu-gM1kNMYw7ViY0cS562PSwqBZZ7hyYwldYK0PNh18JiMHe2cK2KF2tdlVAsw-5mDlKnxfqatxKkm7w4NCNQ_wFq44GX9nAKEliRQafqVe8R28MbCurV18VP8fDouydbBg2HUDZjXwdXVWpLeBmBRpIFSaWcbKjALsJQZk3lhKxFGrSbcLor-WKEpyV32izTylN76JVZCoD2KgiDjTCLVJyOHrouzXENvA2852G1IzRSC8bnA4ZM5YsAJ9K1j0IbNvs4VQWkzwOplLYmArH9KLHQnfneeFA&sai=AMfl-YRf5AW0i496R5Y0jVLH96bY-5oBMBXQGqwbNzOmLeZ2x8ab6U8peDny-Gn2q_a92eVWokYfBGl9_FuBHQnCpo_KA8SJ72RmAGgaiH53kwVuqQ2r7vSzRuOVi_cJ4LTXL4aX_xKXRueZxzCwmGg_fVntxw_q5oryR83JawkR4F7-j2YNI0TUYEpWgJ5KNUok33xAlqgd1EZXLxXYpG-pQ5J4NXgNl1HOA64rT0Gnc2X7nOd-pQIhd3NIaT0EIH8d49UL0Qn9sI027KfckWxc8eEdW9N8e2r_0qgDO3g&sig=Cg0ArKJSzB44GA9cg6X8EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=210&cbvp=1&cstd=209&cisv=r20220511.09738&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 17 May 2022 15:45:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 8FF1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6610617562e795baf33fcac433f1a89af9a3911e78fc5dc34584271cf576d572

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/862137188495136981/ Frame 8F3E 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:29:23 GMT
expires
Fri, 12 May 2023 10:29:23 GMT
last-modified
Thu, 05 May 2022 07:05:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4AD3 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8Q8H9ckBhekzK50chbfueLM8sigzFzTOU7g2avCTrBEpO0FBykoSgZ3KEparYRJX64OdATsKWCiK1voh2cKcSZgiseVtS-_HNEreZ4i3vIM6bI0gUOHsk7Ste3extYNGindJcW6pCNNPEHD9LQnHZkdCtDROVUUbDghgpmRlYkBts64XwHMqdy_er92yhnzDu_oDn8eQLp76uCMWExv_qrVmht_ixzb1hvXYGYXHPqgvygtldrJ0VrBFwtE6nMfqs2OWrMac7EsG6fQROPGyvg6lfa73BXQ65dMvm1Bpnpugy_qFYjjwMyOEkeLvLEXW3G1j90Xa3_lxQC44YdqxWeMfHm0dfrVfkAwALZgm-i_qI55UHbZa5dq359RO7uuE1B0KSgTU4RT53Y3829AcSLXnIk86FIcBOo9SHgr9B6v8po4DU5RyClJ-4D0sPHZzjyVYTgvOioIrRw2d9viGpQrTwyGD58W_0Enoaa81-9IL54nMktqJQULcCKZONseuiWpQjmeY62ns6hiYUqp2GeMcRepNmRsy16-kERm2DNAtYHoqt3pF-YrfXbC_5cxBbLTV53xwT_kmK_QC7OE-jK6rxJtQ8N8cUEq6BWzYe3gPQAbmAM-769c1tCBA9_OviAXv6WPSe6ratZkVuVN9DoR2srCIy_gKmFconJqNeVzQxKNwT0hATndVOb7_OcHdUEv5AJF8q-anrXs3i8z7aPvaJildtVB_OJFd_I-ezwpPl2egzi5y4gHyCpydYIUlB3TyiwrIoTEzsC2eglJg4LFkNM1rzRouL2y_Y7S3Z55Z5wrobzLkKUbxmOZ2Ep67UDt_8y-OOlS4y2WigMFNwDueP48oCfx2je2ycYigVM6So74-1b3y-QDfV9GUU5DMBHKYBkFImg8C5aTskeApt2gdWZzcn1fqWkcP1wsFqYTnrdEN-w8BhbDiD_C_ZeR55BUnzXwlbSLJmjTY-IbIE0Y3_bCmNk14UJq1hSbDkefOd9VPSNDlYUfuVfb6-uGToDKpG_tyClxxplNEHZCbbTN3JIwzTNDPwcbMZ-OvD494n8VNrIScWTpAfcJDaWqLglEDa4-6Aqdu1ViN--Bm9GgBMANTgd2MWQ-Einrnr_TDl0Y5beXvYU5qhJZKJpnkbOlWq4rusor0IQ89E8aQRJZltkBvW8ta7R3Z0xnhPAIQ81BUoRSZxRSDzbZtTuUJ4IV9RXtahrmECcszmgtsM1wqAdSUgd31C3tbJULVTP3KZbeWjcRWsHUE_OGF8BT_mPH_pw-9DPo8q_7FcV8Rw9gUch93j00M0W4xCL__EAVQ&sai=AMfl-YR4tgIciBFOQ_jJtv3IbbEGrgLw5OPwzydr6pwQBAimDnU0XKt63yFWkMKz9hRxQDnPeYmPbAhWYYm3EhAqJHtUPKrXoUCc5oLjTbVU9T7sRauUoRbjaOMHxl6XTIjvJ4wnOB4uK68F-OvceNwCVEXTKiIgyxR4jUPWi96d6nbM9MJ0Vqa3js0cOpnfVBylF9Mq7mpJz44HW02M6u5T6UZd0NyCXbXFJLgBt9AKhZ6ISaanJZDXudXgm9gT2TQJV4VvvlKjPqZBeatJVPWhsZWkiAFHVfztHyImDW72CxzZ&sig=Cg0ArKJSzAp7GcGN25QuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=188&cbvp=1&cstd=187&cisv=r20220511.95492&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 17 May 2022 15:45:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FA20 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 06AB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8345
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Wed, 18 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4AD3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 81CC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8345
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Wed, 18 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FA20 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cde6f97f123790494370d0e0d172dbfb42473cc0e050ef14bc93bdd92d91da22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4AD3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e246e715bf18a12050854d34e3775a6aa263a988d74779b58694f5be7c4ecfdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame E843
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 15:45:18 GMT
expires
Tue, 17 May 2022 15:45:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 May 2022 15:45:18 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AC59 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14966983600078554299/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14966983600078554299/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:18 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AC59 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14966983600078554299/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14966983600078554299/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:18 GMT
main.js
s0.2mdn.net/sadbundle/14966983600078554299/ Frame AC59 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14966983600078554299/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14966983600078554299/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4629d0b183da48a1475d36a5c1842c7b39d94affc1522f802472410ee84e3b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14966983600078554299/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2578
x-xss-protection
0
last-modified
Thu, 05 May 2022 14:45:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 May 2023 08:16:17 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 2762 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=6503205699&adk=2327833755&adf=552537025&pi=t.ma~as.6503205699&w=300&lmt=1652802316&psa=0&format=300x250&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802316591&bpp=1&bdt=769&idt=377&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3644822342989&frm=20&pv=1&ga_vid=590111183.1652802316&ga_sid=1652802317&ga_hid=1085232946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067418&oid=2&pvsid=2444593629601941&pem=547&tmod=1424773764&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9YeFKEa4rJ&p=https%3A//ua.korrespondent.net&dtd=381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 91DA 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:18 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 91DA 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:18 GMT
main.js
s0.2mdn.net/sadbundle/862137188495136981/ Frame 91DA 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/862137188495136981/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc34b5228224caef0a37f0c9ba4ed6b7f3630d3a0f8cc97463c2d7b5d722d374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450956
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2576
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:05:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:29:22 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8F3E 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:18 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8F3E 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:18 GMT
main.js
s0.2mdn.net/sadbundle/862137188495136981/ Frame 8F3E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/862137188495136981/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc34b5228224caef0a37f0c9ba4ed6b7f3630d3a0f8cc97463c2d7b5d722d374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450956
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2576
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:05:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:29:22 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 110A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1
mc.yandex.com/watch/61684903/ Frame 0A51
Redirect Chain
  • https://mc.yandex.com/watch/61684903?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
  • https://mc.yandex.com/watch/61684903/1?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
338 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/61684903/1?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A220073537154%3Ahid%3A163788503%3Az%3A0%3Ai%3A20220517154518%3Aet%3A1652802318%3Ac%3A1%3Arn%3A591344965%3Arqn%3A1%3Au%3A1652802318158155463%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1652802317171%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C4%2C0%2C4%2C4%2C0%2C4%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652802318%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ce88e7d75016cf4b26ccc3eeb67171b111571dc92178b23bf2ea6abd3cf92de3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 17-May-2022 15:45:18 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Tue, 17-May-2022 15:45:18 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
last-modified
Tue, 17-May-2022 15:45:18 GMT
location
/watch/61684903/1?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A220073537154%3Ahid%3A163788503%3Az%3A0%3Ai%3A20220517154518%3Aet%3A1652802318%3Ac%3A1%3Arn%3A591344965%3Arqn%3A1%3Au%3A1652802318158155463%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1652802317171%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C4%2C0%2C4%2C4%2C0%2C4%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652802318%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ua.korrespondent.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 17-May-2022 15:45:18 GMT
getcookie
matchid.adfox.yandex.ru/ Frame 0A51 		87 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
57966fc56f47234552b7fcc383e13d2c6f9316b3af2199fb5454ee48d1223bdd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Tue, 17 May 2022 15:45:18 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
87
x-content-type-options
nosniff
content-type
application/json
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8DAC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F269 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 1F0D 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBPbYwhuZLaW9Zc9eYz3Zjw&google_cver=1&google_push=AYg5qPKCygtmlfHOU2t2KcKGasYwc58qIZo6oLTBjT1PS9TPa3ks6Z59mW-eD4-tPtI5qtvga16pzjsJ3nN3qI5UUhDfPG1K9x4
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1F0D
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLNKCaTgZHdJAkQ3enm7zCKFofUOeogZ4FmQLwifwG4me3jHdaukLlsaFLo_22uusRSr4HStBwQa5H7vg4VRiD5MCM4We8&google_gid=CAESEGdJ9iJu4fc5jjMWgbsYsmk&goog...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCI6Gj5QGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBMTktDYVRnWkhkSkFrUTNlbm03ekNLRm9mVU9lb2daNEZtUUx3aWZ3RzRtZTNqSGRhdWtMbHNhRkxvXzIydXVzUlNyNEhTdEJ3UWE1SDd2Zz...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWXpDb2JrVjZxS0RMb3p4VGF0WDZUTERhcmdXU25iMC1lSFFNUmdtcjBtZw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWXpDb2JrVjZxS0RMb3p4VGF0WDZUTERhcmdXU25iMC1lSFFNUmdtcjBtZw==&google_push
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 May 2022 15:45:18 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWXpDb2JrVjZxS0RMb3p4VGF0WDZUTERhcmdXU25iMC1lSFFNUmdtcjBtZw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 1F0D 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEsT_9sY13C-RRX_tLCZJFM&google_cver=1&google_push=AYg5qPKdG4p6xDlrVWVvTwyq3MzXVHb7PW5Jx0CkJNRptKLzpD-zNcLYB_JTIsO6pTVOGre8FY-6nnwu8HSzVKRaD_cIZDWAKuNW
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
h92gbqa0ut8v06i3k11pvnh5ufsbhlev
pixel
cm.g.doubleclick.net/ Frame 1F0D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2kXr-2LHSCGpfD2kMttScA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2kXr-2LHSCGpfD2kMttScA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLcxaN1jPiHwXWefWiwNBF7VLxyM3fD7vvsuK-Z9kZm5CrXz_MnthIEkcvNRDtg5ejemjVhpao1qjw6bcgq8cEAJKdUKEZT
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2kXr-2LHSCGpfD2kMttScA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLcxaN1jPiHwXWefWiwNBF7VLxyM3fD7vvsuK-Z9kZm5CrXz_MnthIEkcvNRDtg5ejemjVhpao1qjw6bcgq8cEAJKdUKEZT
date
Tue, 17 May 2022 15:45:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1F0D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMUZD4R2qefEF6MlOqs9_W4&google_cver=1&google_push=AYg5qPIGPhh8isGb15dm2ziUXR0EYhVKkWcbEvw8OWFm-RF06_L4kpOQLaffD-eQSCDEJpjIrG0...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNBQlRRTlQtWC0xRlFK&google_push=AYg5qPIGPhh8isGb15dm2ziUXR0EYhVKkWcbEvw8OWFm-RF06_L4kpOQLaffD-eQSCDEJpjIrG0DI80Gtg-9mAN_0NC-o2-VVL4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNBQlRRTlQtWC0xRlFK&google_push=AYg5qPIGPhh8isGb15dm2ziUXR0EYhVKkWcbEvw8OWFm-RF06_L4kpOQLaffD-eQSCDEJpjIrG0DI80Gtg-9mAN_0NC-o2-VVL4
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNBQlRRTlQtWC0xRlFK&google_push=AYg5qPIGPhh8isGb15dm2ziUXR0EYhVKkWcbEvw8OWFm-RF06_L4kpOQLaffD-eQSCDEJpjIrG0DI80Gtg-9mAN_0NC-o2-VVL4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1F0D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHUfRr20KS5FHl1Kq0W_npo&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&google_cver=1&google_gid=CAESEHUfRr20KS5FHl1Kq0W_npo&google_push=AYg5qPLIIMwnmOulhSOInIUPXXyR4y1-xil4-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&google_cver=1&google_gid=CAESEHUfRr20KS5FHl1Kq0W_npo&google_push=AYg5qPLIIMwnmOulhSOInIUPXXyR4y1-xil4-nlHd_xDsAIBHYYgKoyxD7Z6iXjBllcWQm23YuldUjFSWJk8TxVRw8uC_nCJEVlh
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&google_cver=1&google_gid=CAESEHUfRr20KS5FHl1Kq0W_npo&google_push=AYg5qPLIIMwnmOulhSOInIUPXXyR4y1-xil4-nlHd_xDsAIBHYYgKoyxD7Z6iXjBllcWQm23YuldUjFSWJk8TxVRw8uC_nCJEVlh
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Tue, 17 May 2022 15:45:18 GMT
trk
ag.innovid.com/ Frame 1F0D 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKjgokWrou5j4UlozRzHeNk&google_cver=1&google_push=AYg5qPLNCRDW38vXcjjzqHX7HCAmvetzx1CDHPTFzXcNenitrE3qIPPD20FfRcQBaaz5PtovzKt0rdZZ36aDtEILfe17MGXRvggr
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 1F0D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZOwJ4CnUqOYPPED9R7yWHxkZW_ozvCio5XR4j-MFf2gjqoaeD5-NaUTySqEMFJtog4oGw
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
advert.gif
mc.yandex.com/metrika/ Frame 0A51 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
last-modified
Fri, 13 May 2022 14:20:22 GMT
etag
"627e3ef6-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 17 May 2022 16:45:18 GMT
cm
a.rfihub.com/ Frame 06AB
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEPHg0eMIMXK2JzpuV6wPP6M&google_cver=1&google_push=AYg5qPLN076R9FyRvICGJCCzW5ox7JLJ6rzgELABJUzRspENIlLEg9d_wmXmhORwES1L_FPN3_Ns-FcL6-mwQI7v1ysXGq6...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLN076R9FyRvICGJCCzW5ox7JLJ6rzgELABJUzRspENIlLEg9d_wmXmhORwES1L_FPN3_Ns-FcL6-mwQI7v1ysXGq6eXt8k&google_hm=NzMyMzExMzE...
  • https://a.rfihub.com/cm?pub=445&google_error=5
42 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&google_error=5
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:18 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 06AB 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDX12hwk-ntlOiCC122Xe4o&google_cver=1&google_push=AYg5qPJpwwKyK19Guap0YUWPRH1C-alZ_sMUrO-ljtLlKpT56yQpw3NOsA5KvyCLetl07dUpw4wEPkCE7WoOUaremVfbtWWkJoQI
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 06AB 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOfcNqfkwOOkrArTtdubfiw&google_cver=1&google_push=AYg5qPLwLLtxGs6Q6HBo89wjXGIykb4lmhiYUvpuqwFPi9ndmqKQ0XP3NDHV-Wsoxn1JfSYMWI1YXPlxbZr_m89ri_MpfYE5HM2b
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:17 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
dot.gif
s0.2mdn.net/ Frame 06AB 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEDy81vxMxVqqZPxhM2Vp1XA&google_cver=1&google_push=AYg5qPKoJyGmnS0Yg2FtcsiVjrXPnDg2rIIBMWENTndb6JqqV8IHV18_7zqQMbXUy4reb_q06V-2CrkaTGZy-ijrg8kXybLE7fvO
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 15:45:18 GMT
pixel
cm.g.doubleclick.net/ Frame 06AB
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESECV14GPO23KLvq4NelLPS_U&google_cver=1&google_push=AYg5qPIuL7q6g-t1RPdh6woDx4S9avq0DjDy7x4RZk9oUJvbEZc-Mb2Vu5cwlMtqXNdpmjthzZMfibjzB9jgLTyOFy0xaUP...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=aERUeUF6X09kQjJm&google_ula=2046794&google_push=AYg5qPIuL7q6g-t1RPdh6woDx4S9avq0DjDy7x4RZk9oUJvbEZc-Mb2Vu5cwlMtqXNdpmjthzZMfibjzB9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=aERUeUF6X09kQjJm&google_ula=2046794&google_push=AYg5qPIuL7q6g-t1RPdh6woDx4S9avq0DjDy7x4RZk9oUJvbEZc-Mb2Vu5cwlMtqXNdpmjthzZMfibjzB9jgLTyOFy0xaUP6tRZs
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=aERUeUF6X09kQjJm&google_ula=2046794&google_push=AYg5qPIuL7q6g-t1RPdh6woDx4S9avq0DjDy7x4RZk9oUJvbEZc-Mb2Vu5cwlMtqXNdpmjthzZMfibjzB9jgLTyOFy0xaUP6tRZs
Date
Tue, 17 May 2022 15:45:18 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
pixel
cm.g.doubleclick.net/ Frame 06AB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEjEBPQhwUi_zePry_rgdIc&google_cver=1&google_push=AYg5qPLSdpP9dvViXTcEJqbqx6wp86_dqMlKgJW2SgnpSCeAZVZXZ9O5P4Lp3HdDkGllYHDVG6...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KZ09XM1NSRTJ1RWNwY0tGY0ZXeHNBaDhIT2xBT1N2Yn5B&google_push=AYg5qPLSdpP9dvViXTcEJqbqx6wp86_dqMlKgJW2SgnpSCeAZVZXZ9O5P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KZ09XM1NSRTJ1RWNwY0tGY0ZXeHNBaDhIT2xBT1N2Yn5B&google_push=AYg5qPLSdpP9dvViXTcEJqbqx6wp86_dqMlKgJW2SgnpSCeAZVZXZ9O5P4Lp3HdDkGllYHDVG6OS4Q3ozZi7j6ChijUGhToaZlVh7A
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KZ09XM1NSRTJ1RWNwY0tGY0ZXeHNBaDhIT2xBT1N2Yn5B&google_push=AYg5qPLSdpP9dvViXTcEJqbqx6wp86_dqMlKgJW2SgnpSCeAZVZXZ9O5P4Lp3HdDkGllYHDVG6OS4Q3ozZi7j6ChijUGhToaZlVh7A
date
Tue, 17 May 2022 15:45:18 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 06AB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJrEsf1_MH-Prm6zOVybXhw&google_cver=1&google_push=AYg5qPL53GYdPu2CgRf1GkrIiKVTTrTQzGVUB5aN1O2M1VHN3UHrMR6nAFtflIMZRXD4aJjaKLJvSQ_-QqG...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgNKx701dweUtpzvNxZ2YKmItxxlgdfppLA&google_push=AYg5qPL53GYdPu2CgRf1GkrIiKVTTrTQzGVUB5aN1O2M1VHN3UHrMR6nAFtflIMZRXD4aJjaKLJvSQ_-Qq...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 06AB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZADY1MYmpk4GaKPx85KKACFsFEywQoc4VaPooUA1sPzEdYtL2qlB5JgKuuDdyQGIu79GOP10
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 81CC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHbzBFCsWN_eEiKODna7PbY&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHbzBFCsWN_eEiKODna7PbY&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cDdLd1hsdloxTlFablU1&google_gid=CAESEHbzBFCsWN_eEiKODna7PbY&google_cver=1&google_push=AYg5qPLGIHtfo9EP10y7s3JNrSPBKt6-WGiLkAr79tuO3Xe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cDdLd1hsdloxTlFablU1&google_gid=CAESEHbzBFCsWN_eEiKODna7PbY&google_cver=1&google_push=AYg5qPLGIHtfo9EP10y7s3JNrSPBKt6-WGiLkAr79tuO3XeIfbUKv43ZOJeg4o1peYV15vS_e1WYQcNFnBdiuQGXiwEuih8wK6rA
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:17 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-057420aad53a017a6@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cDdLd1hsdloxTlFablU1&google_gid=CAESEHbzBFCsWN_eEiKODna7PbY&google_cver=1&google_push=AYg5qPLGIHtfo9EP10y7s3JNrSPBKt6-WGiLkAr79tuO3XeIfbUKv43ZOJeg4o1peYV15vS_e1WYQcNFnBdiuQGXiwEuih8wK6rA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 81CC
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOVtCA4YOLVa3xfKPo0lXzE&google_cver=1&google_push=AYg5qPJEdDmvLZwwmEDPA_WUms91VgI8u7UhuL9HDnR5tuti5rVHxVWQfaXHQe_U9QB38juR9JslzrIn8DYHiD...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5ODczMTkwMjU2ODY5MTg2MQ%3D%3D&google_push=AYg5qPJEdDmvLZwwmEDPA_WUms91VgI8u7UhuL9HDnR5tuti5rVHxVWQfaXHQe_U9QB38juR9JslzrIn8DYHiDGMyP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5ODczMTkwMjU2ODY5MTg2MQ%3D%3D&google_push=AYg5qPJEdDmvLZwwmEDPA_WUms91VgI8u7UhuL9HDnR5tuti5rVHxVWQfaXHQe_U9QB38juR9JslzrIn8DYHiDGMyPz5O0ecoKqA
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5ODczMTkwMjU2ODY5MTg2MQ%3D%3D&google_push=AYg5qPJEdDmvLZwwmEDPA_WUms91VgI8u7UhuL9HDnR5tuti5rVHxVWQfaXHQe_U9QB38juR9JslzrIn8DYHiDGMyPz5O0ecoKqA
Date
Tue, 17 May 2022 15:45:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 81CC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI4RXBGG3tzXJ28JYPAB8Fg&google_cver=1&google_push=AYg5qPJCptRv7mfEZrVPFB0O6Cw-xHwztUHC4fTQbdgOybKpV8zeiuE2Pn6zO7LOeFWgGK6uYNsg1IgN-goaIGj1CCLQLD2...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJCptRv7mfEZrVPFB0O6Cw-xHwztUHC4fTQbdgOybKpV8zeiuE2Pn6zO7LOeFWgGK6uYNsg1IgN-goaIGj1CCLQLD21eYZP&google_hm=NTAyNjYwNTIxMDgzNDk1Mj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJCptRv7mfEZrVPFB0O6Cw-xHwztUHC4fTQbdgOybKpV8zeiuE2Pn6zO7LOeFWgGK6uYNsg1IgN-goaIGj1CCLQLD21eYZP&google_hm=NTAyNjYwNTIxMDgzNDk1MjYzMA%3D%3D
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 May 2022 15:45:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJCptRv7mfEZrVPFB0O6Cw-xHwztUHC4fTQbdgOybKpV8zeiuE2Pn6zO7LOeFWgGK6uYNsg1IgN-goaIGj1CCLQLD21eYZP&google_hm=NTAyNjYwNTIxMDgzNDk1MjYzMA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 81CC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KsiYgF76Tge3UrjzVNDvZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KsiYgF76Tge3UrjzVNDvZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcGNQVkViMvTkI23ylgnhwl6xsAwLkVnvLQ8SIGh8jNGAYIPp4o8KC2Yfj5npp8eIO_zJRnTZ0_KtBQCXcgd30UsLLjsG5
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KsiYgF76Tge3UrjzVNDvZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcGNQVkViMvTkI23ylgnhwl6xsAwLkVnvLQ8SIGh8jNGAYIPp4o8KC2Yfj5npp8eIO_zJRnTZ0_KtBQCXcgd30UsLLjsG5
date
Tue, 17 May 2022 15:45:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 81CC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMUZD4R2qefEF6MlOqs9_W4&google_cver=1&google_push=AYg5qPL10ENZqoXXdmfu_LvUeMqygK8iom_pPt4pC_MCvBlS-HI21txAW-L-zpadHJrgJ-ndJzj...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNBQlRRT1otMTUtQUdYRQ==&google_push=AYg5qPL10ENZqoXXdmfu_LvUeMqygK8iom_pPt4pC_MCvBlS-HI21txAW-L-zpadHJrgJ-ndJzjl3SqB5nRz_UF6j3DgmFohFjBb
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNBQlRRT1otMTUtQUdYRQ==&google_push=AYg5qPL10ENZqoXXdmfu_LvUeMqygK8iom_pPt4pC_MCvBlS-HI21txAW-L-zpadHJrgJ-ndJzjl3SqB5nRz_UF6j3DgmFohFjBb
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNBQlRRT1otMTUtQUdYRQ==&google_push=AYg5qPL10ENZqoXXdmfu_LvUeMqygK8iom_pPt4pC_MCvBlS-HI21txAW-L-zpadHJrgJ-ndJzjl3SqB5nRz_UF6j3DgmFohFjBb
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 81CC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKZFC9grbfBzbpBd6Vi7LRk5eEM-E8J4h0Hy3olWF-R0bzIwquBHMa_yRGwUoQB6j_nHZNyEOJBUD24kjTLWJTCSbzJjEBU&redir=https%3A%2F%2Fcm.g.doubl...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKZFC9grbfBzbpBd6Vi7LRk5eEM-E8J4h0Hy3olWF-R0bzIwquBHMa_yRGwUoQB6j_nHZNyEOJBUD24kjTLWJTCSbzJjEBU&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKZFC9grbfBzbpBd6Vi7LRk5eEM-E8J4h0Hy3olWF-R0bzIwquBHMa_yRGwUoQB6j_nHZNyEOJBUD24kjTLWJTCSbzJjEBU&google_hm=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKZFC9grbfBzbpBd6Vi7LRk5eEM-E8J4h0Hy3olWF-R0bzIwquBHMa_yRGwUoQB6j_nHZNyEOJBUD24kjTLWJTCSbzJjEBU&google_hm=
cache-control
no-store, no-cache, must-revalidate
expires
0
pixel
cm.g.doubleclick.net/ Frame 81CC
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHxkHn6MSP8qXGhSQ2cTUBQ&google_cver=1&google_push=AYg5qPKUWdQ9ByLn9ipucPGeYFCoS2gT8ED-dEDpgvG2mvTRFc18pSGfdggJxvGPUvvD7h0B-48q-xBR700htJm4rdvkdFLb66MG
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPKUWdQ9ByLn9ipucPGeYFCoS2gT8ED-dEDpgvG2mvTRFc18pSGfdggJxvGPUvvD7h0B-48q-xBR700htJm4rdvkdFLb66M...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc5MDY5Njg5MDg1Mzc3NTQ2ODYzNg%3D%3D&google_push=AYg5qPKUWdQ9ByLn9ipucPGeYFCoS2gT8ED-dEDpgvG2mvTRFc18pSGf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc5MDY5Njg5MDg1Mzc3NTQ2ODYzNg%3D%3D&google_push=AYg5qPKUWdQ9ByLn9ipucPGeYFCoS2gT8ED-dEDpgvG2mvTRFc18pSGfdggJxvGPUvvD7h0B-48q-xBR700htJm4rdvkdFLb66MG
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc5MDY5Njg5MDg1Mzc3NTQ2ODYzNg%3D%3D&google_push=AYg5qPKUWdQ9ByLn9ipucPGeYFCoS2gT8ED-dEDpgvG2mvTRFc18pSGfdggJxvGPUvvD7h0B-48q-xBR700htJm4rdvkdFLb66MG
date
Tue, 17 May 2022 15:45:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 81CC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_ApuW3Ger-ju3yQ4ZzxEht0oeTEeKABsGEeJl3wPMn8JM_KESnEEQSaaVsDYxgmBDtT_H
Requested by
Host: cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
URL: https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2775 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:42:24 GMT
expires
Wed, 17 May 2023 15:42:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C575 		783 B
538 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8cb8b1066f52418e8d7cb17f8c879479d7de0de840d45b16bc3f4b5fce204fca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k74-Ay0WbYN0CO8Bw1JVjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
516
content-security-policy
script-src 'report-sample' 'nonce-k74-Ay0WbYN0CO8Bw1JVjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:18 GMT
expires
Tue, 17 May 2022 15:45:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=645&event=init_creative&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:18 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 0A51 		157 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee93dc8d1013f506af8ca9cf3f19d7e3c574a7182505aa568975459949c590f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56057
x-xss-protection
0
server
cafe
etag
13910861082784805377
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 17 May 2022 15:45:18 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=647&event=start_auction&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:18 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
comdirect_yoga_300x250_js.png
s0.2mdn.net/sadbundle/14966983600078554299/ Frame AC59 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14966983600078554299/comdirect_yoga_300x250_js.png
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
698501f11b36a327c270eb27836e542a38de7b80217b15f4996bd8d12fd7a198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14966983600078554299/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:16:14 GMT
x-content-type-options
nosniff
age
372544
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113763
x-xss-protection
0
last-modified
Thu, 05 May 2022 14:45:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 May 2023 08:16:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FA20 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcgmrHZY72EviP2tTu4OGCmlBzvEyCVIc7Jg1_EoqOQA2H4mi72_95UB6byLNoskBzAWgTOO2gFufjvxHChs5Pd9FiBV7Kqvi_UG-Cl8KSIC4Ya7Zz-R8hWtvd7FebeVkfrk5gbFkzwB9IM4VDgM3e0JlGt46PXUbU9g1-WUncCYJgTv87_HFNLuwDsDpyT1IOfD7HmyGBOHpvnr-BW3YFLcYzMiMAK5bJKbJKOAIldljNlRM4zhAu2LF_Dvwoyu3BCc89JVK6hgA_qsLPsX9xekgIxi-xisHKLApo3RGQ0D3N3DzC07GQEnU47BZrZyDIqPRZvZM-R5NiM7cBRRjmyLlpK9FPcNd-fnp1RnOwKXk6MN8XCX5B0hsM5X-BKXI_zgjnRJJpOFl2Mv0auzW2qt2aNpsJmqTQgDziiCq4G3d2xUKJymU8z1HrJkx6sBy62jGgITySfQYUf-WLfIB3F_9un1_45j1LGBIXj28J2h0AwbkCrcy2lco4M0T2GoQAVbj5lhn8jkpGJlkcrr_SLUyCdwJV6TsKvmPSe0a4b7gAlZJ2p95HrynpfkfbSlnfE-Gw77ivq17hqEEcOngSATTeKY7vasAq4JKS531U9Dc-o9hq8zscaggX0izw2jW20xAzh1-zW7N40o5kYE87sBvBY2u01uwmU4NpVOTlS7rXZh1q80vKuygm4JfcyWUM7kn-lPP3MBcGacut1nWPbIllqoGe259FxdsUXy3HalZ8lz-UQzCy4-nRt3_DRfhokiBEnS1wTQwomUVxuh2nZOACeLMSi_RYSrp4mP1BaFQw9bP1zlzeXNGPMdak3Pt7OzIejPjmoky0B55VMWczZ1xrCV2u61oI0ahoVQ2V9pKw5FQySH0b9qYXlYUhj-yqsmlB85aNYco3RLF6om774RpzuEcwokzkAOhJY9Vw4yQPcczwo2vrUeyaCgQJOoT0vBJVQroso2Nglz89gknCqcrRSmY8VZwdkGTrvm4GRbJkchZRaW0pOL0rQmVy2qOrzyjqDLZxj99FqeSJwDwlSP__mxzYwK-o47P4kVe2OwrStQAbjJ5sd9tvPXAxCY-VKXbPdA1PP3Wr9mgXJ_7AbSxKtHD7pLCsYgSkogjB4D-98WTLnWdyeqJjOvfk8S0AbDiQm7bn4CollDBtzFd2R4v6LEe5qm76BAWzCLEGIR_pMopO6vh-n2sqiPeozsZGxBAyrr0unv8HlyM2t6TNTAJnznwC6y2Ez1qBiWj3JU1rgj3UHWAXx5w5lBl_2qxgOhM-h1tUDWTLGOWycYmb0_FK4-v3UAzsKshrI_M0cWCxRnBjNXbf8SY&sai=AMfl-YSYZKyKXqfurifYFp4CTx8ZZB2bYO9TnychdqXekMCpcsaqN5pQlrPNV36hwJSzS1RZV7ntniGhmOsWL6J9-MVbzbsrfgBWebp7cKX1ukjYJmOF14WxvD6VZpfB_p4v_vhnB_HssTdAOdbEzteM5HDbH5wD0K0t1DXMbXrsXez3SnzgxXmIMcnFiZ-RsiW5GDqf5vGuU2TzR_DjtGOQioNEqiopzk_SPqrLnJNMUg69ItAe4he_6CjBcqiu1g3bcPDD4tb441bHZ0Jn75IKwz0n0S6TwSRjPdQRiVE&sig=Cg0ArKJSzHWPDb2k-JsnEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=508&vt=11&dtpt=326&dett=3&cstd=179&cisv=r20220511.52325&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
comdirect_markt_300x250_js.png
s0.2mdn.net/sadbundle/862137188495136981/ Frame 91DA 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/862137188495136981/comdirect_markt_300x250_js.png
Requested by
Host: bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
URL: https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f34081974aa06e2e70a3b6260e788f57d78d5c920e759310b2e4bc0f6cc070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:29:21 GMT
x-content-type-options
nosniff
age
450957
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137120
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:05:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:29:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8FF1 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhuBKEVhlI8SCi2l9m8bv2Ut9pkex4UwcLGUspX9M14zAIlUeabalM7iwAz4bLKQrDnsn-nqmuR8yUCWp8kFrbP9hrVcCVWLrjGFTd8mty0BljM4e5_J4J0ZZhWHQvDKYEXr79zPXMn_kgxHWeHFf410LiYmwxjmRbnxDK8CvTbd2OUj92wDcS2TfsV49scCjghJ-iG4_PBHfey6EQfXSyPxNycchGywsunUJOfNBkD0ZQEW6mPMFVyH4jHTD96HSiG4AGqBlfdZuphb0UgWjQoMWRq9RbIGB3_IdQF9b1KU9_tJjNKDjBgdJDz6UyNH28miJwpvGq6wiVHIlqVc3GzCrKV_IpDNsE6eZ7eTLbloL_gzLyb5z6nPJclCTomQPEzHJQA6xhqI-T2Qmafzo3fwgQPz6DIYLBT9nQhbUJmBiAvKzWBh8xv3a-FFl3D75KvO6rRxFfuiCLCA3gAlH85dWILoBzjXWTDd6gRivikoAOI_j_-C3NR6j0-gTu2VbPb9riHuUacW4XGroFKRRBGOr6mJEtWFa1s4MqON55flNyvHlUsuQCfuOFNl92fA2x_lqOINMVbTi-XR1vWxsZT90MFPhw5DhQSPSaEDk6Dr6nWLC83XIaw6Bjx3ejrqff0oFqkhJyO3lx3uJj4KL2Be-TYOTkm4fzN5LiXP4nzgzy9xe9Zp_5zO-cXpH2VZPilTEy7RJyvp--l0JUtIVgQziYSXjdJfchRSDFXyyTEnlvnXFuM1St9-CkAoljNw419JgTCgOyz3eCOiEBG_GL4r_t8qYKCWMnnriBly34sO5YlL1q_DixzoQ6sIOkVp25WoBRiVh3Bssxl-bKzJFkE5Ge4-LFqKAeGe3q8z4USHulscEg2RiengNHsneMvE6cyYjr92_SeVhsB4dDgY6DUUfcz0MLqNHhZpw0YHPcLwUTEx9kpbsNpYKKLEXWor5kY0lee-1YwUl_0qGu-gM1kNMYw7ViY0cS562PSwqBZZ7hyYwldYK0PNh18JiMHe2cK2KF2tdlVAsw-5mDlKnxfqatxKkm7w4NCNQ_wFq44GX9nAKEliRQafqVe8R28MbCurV18VP8fDouydbBg2HUDZjXwdXVWpLeBmBRpIFSaWcbKjALsJQZk3lhKxFGrSbcLor-WKEpyV32izTylN76JVZCoD2KgiDjTCLVJyOHrouzXENvA2852G1IzRSC8bnA4ZM5YsAJ9K1j0IbNvs4VQWkzwOplLYmArH9KLHQnfneeFA&sai=AMfl-YRf5AW0i496R5Y0jVLH96bY-5oBMBXQGqwbNzOmLeZ2x8ab6U8peDny-Gn2q_a92eVWokYfBGl9_FuBHQnCpo_KA8SJ72RmAGgaiH53kwVuqQ2r7vSzRuOVi_cJ4LTXL4aX_xKXRueZxzCwmGg_fVntxw_q5oryR83JawkR4F7-j2YNI0TUYEpWgJ5KNUok33xAlqgd1EZXLxXYpG-pQ5J4NXgNl1HOA64rT0Gnc2X7nOd-pQIhd3NIaT0EIH8d49UL0Qn9sI027KfckWxc8eEdW9N8e2r_0qgDO3g&sig=Cg0ArKJSzB44GA9cg6X8EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=537&vt=11&dtpt=327&dett=3&cstd=209&cisv=r20220511.09738&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
comdirect_markt_300x250_js.png
s0.2mdn.net/sadbundle/862137188495136981/ Frame 8F3E 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/862137188495136981/comdirect_markt_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862137188495136981/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f34081974aa06e2e70a3b6260e788f57d78d5c920e759310b2e4bc0f6cc070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:29:21 GMT
x-content-type-options
nosniff
age
450957
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137120
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:05:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:29:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4AD3 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8Q8H9ckBhekzK50chbfueLM8sigzFzTOU7g2avCTrBEpO0FBykoSgZ3KEparYRJX64OdATsKWCiK1voh2cKcSZgiseVtS-_HNEreZ4i3vIM6bI0gUOHsk7Ste3extYNGindJcW6pCNNPEHD9LQnHZkdCtDROVUUbDghgpmRlYkBts64XwHMqdy_er92yhnzDu_oDn8eQLp76uCMWExv_qrVmht_ixzb1hvXYGYXHPqgvygtldrJ0VrBFwtE6nMfqs2OWrMac7EsG6fQROPGyvg6lfa73BXQ65dMvm1Bpnpugy_qFYjjwMyOEkeLvLEXW3G1j90Xa3_lxQC44YdqxWeMfHm0dfrVfkAwALZgm-i_qI55UHbZa5dq359RO7uuE1B0KSgTU4RT53Y3829AcSLXnIk86FIcBOo9SHgr9B6v8po4DU5RyClJ-4D0sPHZzjyVYTgvOioIrRw2d9viGpQrTwyGD58W_0Enoaa81-9IL54nMktqJQULcCKZONseuiWpQjmeY62ns6hiYUqp2GeMcRepNmRsy16-kERm2DNAtYHoqt3pF-YrfXbC_5cxBbLTV53xwT_kmK_QC7OE-jK6rxJtQ8N8cUEq6BWzYe3gPQAbmAM-769c1tCBA9_OviAXv6WPSe6ratZkVuVN9DoR2srCIy_gKmFconJqNeVzQxKNwT0hATndVOb7_OcHdUEv5AJF8q-anrXs3i8z7aPvaJildtVB_OJFd_I-ezwpPl2egzi5y4gHyCpydYIUlB3TyiwrIoTEzsC2eglJg4LFkNM1rzRouL2y_Y7S3Z55Z5wrobzLkKUbxmOZ2Ep67UDt_8y-OOlS4y2WigMFNwDueP48oCfx2je2ycYigVM6So74-1b3y-QDfV9GUU5DMBHKYBkFImg8C5aTskeApt2gdWZzcn1fqWkcP1wsFqYTnrdEN-w8BhbDiD_C_ZeR55BUnzXwlbSLJmjTY-IbIE0Y3_bCmNk14UJq1hSbDkefOd9VPSNDlYUfuVfb6-uGToDKpG_tyClxxplNEHZCbbTN3JIwzTNDPwcbMZ-OvD494n8VNrIScWTpAfcJDaWqLglEDa4-6Aqdu1ViN--Bm9GgBMANTgd2MWQ-Einrnr_TDl0Y5beXvYU5qhJZKJpnkbOlWq4rusor0IQ89E8aQRJZltkBvW8ta7R3Z0xnhPAIQ81BUoRSZxRSDzbZtTuUJ4IV9RXtahrmECcszmgtsM1wqAdSUgd31C3tbJULVTP3KZbeWjcRWsHUE_OGF8BT_mPH_pw-9DPo8q_7FcV8Rw9gUch93j00M0W4xCL__EAVQ&sai=AMfl-YR4tgIciBFOQ_jJtv3IbbEGrgLw5OPwzydr6pwQBAimDnU0XKt63yFWkMKz9hRxQDnPeYmPbAhWYYm3EhAqJHtUPKrXoUCc5oLjTbVU9T7sRauUoRbjaOMHxl6XTIjvJ4wnOB4uK68F-OvceNwCVEXTKiIgyxR4jUPWi96d6nbM9MJ0Vqa3js0cOpnfVBylF9Mq7mpJz44HW02M6u5T6UZd0NyCXbXFJLgBt9AKhZ6ISaanJZDXudXgm9gT2TQJV4VvvlKjPqZBeatJVPWhsZWkiAFHVfztHyImDW72CxzZ&sig=Cg0ArKJSzAp7GcGN25QuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=503&vt=11&dtpt=315&dett=3&cstd=187&cisv=r20220511.95492&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js
pagead2.googlesyndication.com/bg/ Frame 110A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 05:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
208838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13696
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 05:44:40 GMT
-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js
pagead2.googlesyndication.com/bg/ Frame 8DAC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 05:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
208838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13696
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 05:44:40 GMT
-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js
pagead2.googlesyndication.com/bg/ Frame F269 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 05:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
208838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13696
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 05:44:40 GMT
truncated
/ Frame AC59 		67 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b35f733585d06975a6242dae18c828949a60fd621a8208e9ac24838a0ffd7dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame AC59 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 91DA 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 91DA 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29aa34e0852c0a6ff15b303c58c95ea0636eb17ef6f9f5b4c760604bdc5301ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 91DA 		43 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed55972fafbabf4133dac52851a2001812430919a9414ec539dde1daf9cbd6b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 8F3E 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29aa34e0852c0a6ff15b303c58c95ea0636eb17ef6f9f5b4c760604bdc5301ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 8F3E 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 8F3E 		43 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed55972fafbabf4133dac52851a2001812430919a9414ec539dde1daf9cbd6b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
e5fcfd3cb07e90950347.js
yastatic.net/partner-code-bundles/581749/ Frame 0A51 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/581749/e5fcfd3cb07e90950347.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
845cf130f99729033fce99a3a8ccc29728a85f49bb012227ab0c67e42ba10e1c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ua.korrespondent.net/
Origin
https://ua.korrespondent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
10047
last-modified
Fri, 13 May 2022 15:20:56 GMT
server
nginx/1.17.9
etag
"1ff801809b96a416501c8b25240cb56e"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 May 2052 22:20:42 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 0A51 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220517
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ffbb4c6100e795393a8490047ec6c8c1d6ce1891931da4e2024bcd985b26751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2659
x-jsd-version
1.0.1344
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19169-FRA, cache-cdg20761-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-bWsRxx75N7TPb7TbJdE627ZN5n0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R02bCCihEDOKKlZdP3hrUqAr6NH%2FM%2BgQQSnCS8iTWlqXeb6Na0a6rEu%2BF51f5QOnI%2Br6t8Leh67MFMo5caKauJlWT4hv8cSEQf0AXAD4u6WLdcs7xI51ktbrxYBJDp5FjBiqcm%2Bm%2BKM0AWjl4gY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
70cd7abacb7e01db-ZRH
access-control-expose-headers
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0A51 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Tue, 17 May 2022 15:45:18 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
ad.mail.ru/hbid_prebid/ Frame 0A51 		84 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_prebid/
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cfbd51ac2af699c5852924136c66b15ed62fa15b9b9fc6c52c3be371417430e1

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:18 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
adjson
ssp.otm-r.com/ Frame 0A51 		2 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=250&s=23110&bidid=8582ccbfa6be7f&transactionid=dd2f2e37-9351-4a47-a6ba-169ed05a5cf2&auctionid=6b479a3d-f0b1-4607-a8d9-daf1e644bd2a&bidfloor=undefined
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.65.201.138.clients.your-server.de
Software
nginx/1.19.7 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
server
nginx/1.19.7
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 0A51 		139 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
70b775de2cebe6b5a7dfcdc1632a57ada3f2268aa518b57e156844d6ffe32fdf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:18 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e20d699d-8347-4550-bbf4-d111bec08867
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ Frame 0A51 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
ee63a08679eb42e840fae6c822a5ebf8511af62ecdcaff6298a7af884e5f7bb2

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ Frame 0A51 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.41.0&cb=19039932360
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:17 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ua.korrespondent.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
activeview
pagead2.googlesyndication.com/pcs/ Frame 3E6B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudEfBt8TA-qGp9i5Wbt8pML-Oe6oTI1H6izqZ3Ps3VGTqgicTE8HUwfOALpZh9B1sN7TzWxJW1dtevHHhtFBQIrP81c8A8GYIPkUvrpws_J_Rl24QE2OTd2cpZ&sai=AMfl-YQWEI_-5Olw1KYtNfG5Ee6ggsZShrQedptwHiSjnrBoCSCHH8vQDvL-kLcoB057EOCradUYVJbAwr-2&sig=Cg0ArKJSzNdNg8rfM21QEAE&id=lidar2&mcvt=1089&p=0,0,90,728&mtos=1089,1089,1089,1089,1089&tos=1089,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3638426950&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802316950&rpt=501&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/ Frame 0A51 		305 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8610050614645263&plah=ua.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70b4893455dae4e0d66e418d1ac7a529e033bff29644e04db9af631f7bd1b7aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111358
x-xss-protection
0
server
cafe
etag
9518639981414181493
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 May 2022 15:45:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C575 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=1948631371613234&rc=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220509&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59b2e3a6bc9a00d8b70935c05868961ee1a28a5cbcb5464866be294b35f8f289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10580
x-xss-protection
0
6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
pagead2.googlesyndication.com/bg/ Frame 2775 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:41:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
72206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 19:41:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:18 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 0A51 		221 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ua.korrespondent.net&callback=_gfp_s_&client=ca-pub-8610050614645263&cookie=ID%3Db0151d092b68d7a9%3AT%3D1652802316%3AS%3DALNI_MamwyTwnoVjZgP7AtBrIpaADixf-A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8610050614645263&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
946331547881086c3139e74bb4ec5c3408d69a234959b7afc88e5d42db31e701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 0A51 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8610050614645263&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0A51 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8610050614645263&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A51 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fua.korrespondent.net%2F&tn=DIV&id=achernar_1554_16528023166283c30c578b9&cls=achernar__wrapper%20achernar__fixed%20achernar__fixedToLeft%20achernar__fixedToBottom&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D470 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8610050614645263&output=html&adk=1812271804&adf=3407270561&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fua.korrespondent.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652802318557&bpp=1&bdt=1387&idt=127&shv=r20220509&mjsv=m202205120101&ptt=9&saldr=aa&cookie=ID%3Db0151d092b68d7a9%3AT%3D1652802316%3AS%3DALNI_MamwyTwnoVjZgP7AtBrIpaADixf-A&nras=1&correlator=3644822342989&frm=23&ife=1&pv=2&ga_vid=590111183.1652802316&ga_sid=1652802319&ga_hid=2125392058&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=2484715974&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C21066428&oid=2&pvsid=361822275069798&pem=547&tmod=449272345&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.z0j9xqtje7ze&fsb=1&dtd=142
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8610050614645263&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0A51 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220509&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8610050614645263&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02cca5b1b107d83d87f92d6418987e95686603e5603dd63e88fa4df978e70bd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10604
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A1C5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:42:24 GMT
expires
Wed, 17 May 2023 15:42:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 85CE 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f5d298c1020c7fe8ecd374ea8690088305178aab62725346a159b49ed57ebe17
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ld5-yodeE1Jv0aohCRnAng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-Ld5-yodeE1Jv0aohCRnAng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:18 GMT
expires
Tue, 17 May 2022 15:45:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0A51 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8610050614645263&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:18 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1253&event=prebid_response&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:18 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1253&event=end_auction&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:18 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1253&event=prebid_winner&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:18 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1254&event=display_creative&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:18 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
integrator.js
adservice.google.de/adsid/ Frame 0A51 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0A51 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1260&event=ad_loading&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:18 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ Frame 0A51 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=361822275069798&correlator=2594407043849564&eid=31060890&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Ckorrespondent.net_amx_%2C300x250_bs&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x300%7C300x250%7C336x280&ifi=2&adks=117400872&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=minjs_test%3Drefresh_yes%26stat_hour%3D18&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie=ID%3Db0151d092b68d7a9-224e44d196cd0027%3AT%3D1652802316%3ART%3D1652802318%3AS%3DALNI_MaBUksfH8lKwfvvwl2I7_TSs1lPqQ&cdm=ua.korrespondent.net&abxe=1&dt=1652802318860&lmt=1652802318&dlt=1652802317171&idt=879&biw=1600&bih=1200&isw=300&ish=250&adxs=1375&adys=911&ucis=el8tejqmk8jj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=768&ohw=0&ea=0&ga_vid=590111183.1652802316&ga_sid=1652802319&ga_hid=2125392058&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
988502ceee54e2030d6c9b74ac9624570a632211a0835d7b857c481c6b7a42e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8794
x-xss-protection
0
google-lineitem-id
5693555703
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138383165806
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3262393d8824fac4ca60baed50c430f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E182 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3262393d8824fac4ca60baed50c430f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:18 GMT
expires
Wed, 17 May 2023 15:45:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6558 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2NLduJOWE4uzqQY66dLTte-C341zMLnCUkdvVXikupKOIFc1n33wttZJ2GqgOh1n0HbRqtTeyLXG-zipTGSslPFR6OQASdLxdI8bIwBbZxozNitOwEYY6P5fs1Yb0l31sZPjoMw&sai=AMfl-YSYXV7qiapJpND9hMecPcMYrEZcQuHkefdMFoilgFde5T6onSGxLexXye1llKNFEQCz6rI3f0oGznQW0aRZz_o3kVlUlDqxlPU&sig=Cg0ArKJSzEVCama4ymmhEAE&cid=CAASPeRoDpCru77kQmB7coScOHdfvr4Ee9n46qm9yVxDEIok0Sp5RV9lUAUnhSq0CHbudJH9YVHR_hdAxSwmS-A&id=lidar2&mcvt=1055&p=0,0,250,300&mtos=1055,1055,1055,1055,1055&tos=1055,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2327833755&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802316973&rpt=823&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 22BC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:42:24 GMT
expires
Wed, 17 May 2023 15:42:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1694 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
abcbead6c9a1d352d7902929d6c01bdb095412f2d1f0de17f0d95f841f13a3da
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N-t_TvcbTWFNtMB2wrESNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-N-t_TvcbTWFNtMB2wrESNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:18 GMT
expires
Tue, 17 May 2022 15:45:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 85CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220509&jk=2444593629601941&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame FCF4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfNKXIApw2SkeX64L0tvM3VDlYMtZ0Pl82sNKL00rdqGIxWpEWtlxobBgRXTF4dk82FK20PzrOGzfYDJnuXfBxZwHW_v8KKt21IsE6K1g-18PXL2adcchWpzjVO_9uuQsed6CTaZfR7Cx9YeKKHBJx6i60t0qZyjJQ-CRlIFHWOdDlqvuOXgpEsicbsT8SId9orTR54qWK3H5kPqGJ8WcHwiVoVz1qa0Ibz6T9lMi13RtKjIYlVnBNoe4vzga24O91nmKe9G_84ye0l646FkC944BTMylOOXTWAPDOquSXC1VA-WdkYAfuga7VdKf-JyRoP7cC-MuciSzbTzWIKIabReJtA9VztMIoMhQW7Vau37v_saRW&sig=Cg0ArKJSzPctCbplLpESEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
t.js
mediawoot.com/ Frame FCF4 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29a0a1ab78f6b642d13cd03b37042748690fecfb751ced06e1cbd99b63cbeef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
znfHThgD.hoe6pJSrwGCXORvVDjWKey4
content-encoding
gzip
last-modified
Tue, 03 May 2022 15:41:13 GMT
server
AmazonS3
age
42756
etag
W/"1fc880f17be764903afba6ce6d8fbbce"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
date
Tue, 17 May 2022 03:52:50 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
C0elRszpFWnanMQZE0RXIIvfTCeK5coItCOpvyj5VBZN2FejBAgETg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FCF4 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:19 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1403&event=filled_render&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:19 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 110A 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnhL3DcODYtLtDqPC7_UP-IKQoAgAAAAAOAHgBAI&bg=!DwylDEjNAAZL3OSAa9w7ACkAdvg8WiniaotOgrQ4EIm0VJ-hWe1_B4n7skHSeUQEG6_wN3goPneMSQIAAAF2UgAAAAdoAQcKABQQOsg5zxLyUymgpdyuFfm1oXMu05kDDoYY9BoOZXhufQy518wUd2437oYf8gnTR1cypLWDIWjZ4JQhnl-9Ki3Xe5GmkFzGsQh9HY_aQl2_tkfvycrgX0hh5jMblAUfLAEzCs_wy_dEfGRn9u7vqob5jwKx6-XjmcLWXNJGLbh7NUTPgpIp6BLFTkEiLVR_pb-6vYNJ1E_qwtnrW4lEozbSD3eKkBJzz1WYAwpTv7QifFf6kWcScQP6Dd3xBhF3GH2oUOGz0BeagLdezo3q_sTsYV2iZO0xjtBaJDe3BTrM17JzGJAq1BsHn7xoUCePR0I4IOLYNUeNKwD3SYtDPUyn4gw53bEBcXfkSoR_zb89tJiZiFB7KFOcVD22t1j598BZn-M1L6ujiEXYTnDkz5oXpufflrJWlCw8_Wn_pDLewBwJWo-7jsgrMuUO7qyByhe3FqhGfNKFOVb4Tv_LcOBOBVgvJQuscJd0JGfW2JE-QWSkwroGpjEgnCsjGd727T1aaby4CulFl5YtBV7lrR12DWRuv6_2wsjlKMgaZvefHHv1Ughab5Sb8j5qcVi5tp8_qucp9WezT7LTV7lC40PN8yLujaopr3ediYA51vJ6LgEVYTuoYxAjyljw53ulpvjuwJySk4PL3RtrcD_rVcZpK_oQO9YMYRuHPB5cpK0BgjexxJu59vK6m3bOzF85k_nahXArPRs4j4UwJQsZxcTARvHDrrFYlhUbPZNzqNBYFcCcrn4qilYpw3THLW9-6R8k3EGGBVP2gQ1r0pJUr9pWt9Flu7AivytVVuvvpUOKe71OOj7QzWAYxJW-0kjGQLBH_AOuZLfYdW6UP4ZzIVPhpAHYyb1hBekBk5oBKX9cQ7H1BDehZyF2Pp8UaL1PNuwxMNHOuFW3KL6o_dgAjpvmatafzaH-HIFfd0_WdHD5y1MFWoadNzaQXb3Nvtu-Abt33iyT85EIUkgKrVkmvrIej7AzwmtaxWdegxmjFxjbI3rPhpEp9Ae-1RV-mJZvV-wWNZVmJDFIOGgxUsAUFBPco3DgqWjk_7FdE8ULQhKUU6__qIoU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4AD3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKQVQFJHSk2tyVwLIBQYP_nIcxlI6cgtzL0DSPdbEUq_w5Q34RjRpAbwzdxRlSxSlENl4QTyxm62IZqlcMJHkoyGjSB4xLa6G8cQSJjoe8WFg&sai=AMfl-YSE0BV4IaE8f3fK0izTcpnSVuznvnVDwaNFtPr0-sKj2t0s-bzeqZPvc8Kr-0swcPESBoQoEyaZ8a0rl1eRI3jYgulDLzuhSfQd23siQ5D6EG3ymrwucTGiIr-R&sig=Cg0ArKJSzB9_C3uRi2o9EAE&cid=CAASJeRoaJlQdzjUJq9s7Ba0htah0WNeQ6fkODPJiEJLGQVB_BAsm6I&id=lidar2&mcvt=1028&p=950,0,1272,300&mtos=0,1028,1028,1028,1028&tos=0,1028,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&vu=1&app=0&itpl=20&adk=1835401595&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802317642&rpt=334&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FA20 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5ezrjbAOJAEe_jPq75QeUlKJ9Wdzd4-cohn3kNRY4khn5kCnYPT2nvc99nzpKo2KjwFMErO2WN7QRbc5V0l2fPlVBgsahdGcWV2QO3nPmulQ&sai=AMfl-YR5ShPkatFY-v65aWhk5qJcp3TC6M-mi3R0zy_m7K0ToOCJXcrGZx1vHYlx4XLZephZXfH-v_S6T7cpYm-Fv9DXlZiqGEw6Wqj3zY85GghNOwaZ5HJa091x9no&sig=Cg0ArKJSzBK1yonAWjtFEAE&cid=CAASJORoTZvCQan8WxQzWvVEodTOvU5szcdN0CO1AanehXmoqDse6w&id=lidar2&mcvt=1029&p=911,1075,1233,1375&mtos=0,1029,1029,1029,1029&tos=0,1029,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&vu=1&app=0&itpl=20&adk=2071096867&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802317626&rpt=336&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
pagead2.googlesyndication.com/bg/ Frame A1C5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:41:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
72207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 19:41:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DAC 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsKv9DcODYrrFD6LD7_UPwJa5-AcAAAAAOAHgBAI&bg=!NDelN3PNAAZL3OSAa9w7ACkAdvg8Wp9Wb6pzkAP2Sprtcdrq0ULt_SseTOm9BSuD4XwYGG3lunfptQIAAAF7UgAAAAZoAQeZAxBT-Zo_fM0pu6XV5PmCHq-DLFP3I5fY5llK7xLLze2eO1VJOWAfczdJGtI65tJfT9pQLJ5wsNgRpkjqisdWk3ap-txi1rTPmvy-uc0ll4RfEvHxWUD5kZMIQcYUKXJCraHW8fF0VlhqGh-Zq16nigiIYvJRivlR7iOJ1cysLEtrLQOFhkmX0ja_Y5fLkZ6OOKUD1YspgUr3zNw2pIxTNrmX2SgJK7yp8l-vItKS7ShgDbOzh4yTFrR6_Kr8CHuY02orPHITFbcYEwTkUm1YVx9CYRiszSnfZ4Y6dHJOy1lrJABhgpN2HO3S5lO1OU7q7LoVe1P6YsYPJ8FxUohWldm357Wi2Hs-ulVwLEhm597aj4Yb4_Kl8Oiy1D2oeZJ_pDdE_0PW1Q0D9G6zcBb5vbAMCLj5hnyKcGAOkOqrv6yHnWqJNQF2NUOFJKi_nQx5cKfUW3x4trdql5V17uL3Kcim6gfdy_bVf5V-idTuWb0rJ32TXwEWNbI_XXi-toYknOqjEe1wfR2qqAWr4QvjswVF_XlLM1fAnCg3lRaEjW5W4AVUxO9WjDxo8DFnCTM_r5gBMXuCu10k2ma17yfvFTLXhq0zRqPmR5NydFLQELqj5pHaFJNIAWc71WNfihV-epUQt9jU3jSrJ1SFS8IYskRNy-eMGtYFGc5GhWLGB4NMMAfpgKZYB7qoGLmCbaJisDPp9mzYAu5K_aR-0ygvhpnqtkE-EX52qSkv1RmoQf465qe4GJgEvp2y8u5SKSer-gQKd8Iv_W05d2wWsXE6YrR0FyD8aW7lz-d9o2yBzO__RmH1MYdg4LwTeZfCHHpiQjAQgC6CyhvmvQ11yLzEyJ9GREsOoqHjn9CEmvnb7tE7JD7_qpMahx_cEC5yuWqNra4YjVfJWF6o7wraRKG9rlTTwcDAsfoLRZRn1cLJWMjMFv-PAcj6wSZpqrO7MhjImmsbdIgwD0zKA9p7Na2VJfdUZLKJo18MrWZwue0v8rHfLbrPAkohQM9dWdnkaVQUH_8THszwZaVfhrzZ2irKjJKm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F269 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTNjJDcODYv6NEpTC7_UP0pmvkAIAAAAAOAHgBAI&bg=!0tGl0ZXNAAZL3OSAa9w7ACkAdvg8WkCJ8D8bNENPF9w1ytTYzelv2uo7d6DkE42sy8YI6Rl74N8AlgIAAAF2UgAAAAZoAQeZAvcg8LtXKN0fA-LjGopQcUzVLcAJ-O5uhyjeXxmnWSKrwfi0R6r-3YhtKpDiZ66LaN2UUH4j5ODx0bF-ibdOJ1Yl7t-ZyoDQN2x1T2R-E6Q18CMsNCVSYno7B5bcLIuO1KR0-5BP-yxgzYJ9wqvvkoocs6JN3hxEa4On6noGJode7QoUIpj0X8nIrU2Vpp3_-apRbPrbyPZ_S3U55I1MCI4L0deQW3QZnv-TR_MzoN1WTK1HOllxp7aEsSzGenHoTZAolxB9t0aKB9oaUMiuNAhqj3vrJ7N6Q2d2DyKyN3lu7olgmSmdoNPbYdlPW8k20AztFX0Xbb2sa4vTzEik9rw4l4Ot23UN2KpPaIgqeIEhBea6Pi5P7tPZengBbVQMcZ4fegnNFI_0isutIXzmvtz0PIUsLVHSoNGx3nw27gfj_Y_2m5oBh12dnbSizzjD9CzfiL0ePE2PsgUT9pQQmw8vmSmkwZaWvXPqHGIxRDsrpecPodNRS6btnZFcKoz1cUl0OJ_-R2YVF0HhyyDB6uo9NbHf4e2DZeBhz24lEdWcfbqj4wR4nqNCI5i4-fCRKsd9zpukiJNLKBBO4Kxp_rojFuyGZk205nGH3Fv5TfXNEELwQj2BPBJhecKTCPK1Yikgam5N-k2ON1QVpPI6GqloTKL22uA309EbVqJsk6bb_K7-wm67BYFJ2t-p1mbX5i2OqNsWRAKwWr5oZOagVQGwRXkwtDPuk5opVuOvqBZJMAlVnxEKz3R7j6uNQkiAbbQNHd7JrscQOl8wTew9a7UbtIFaLtHstUtZAIBSnexNYW6-OeZxfE7w3fQEE2oef_J9JbCn81fCmT_zEN6b644PEx3Et_wsTzxaaVDL5SFWh0eHv10e079iy4pEpY-PufToS8TnSu8BWWTY56WCTDczcSis_QAsYk4CuJ0UilkjAceUg2gOblm7dnSMHhvKWcZfi--3mO1CgtJI71Vk5XjvYNA60l1lfvnyXCKh6z2-9mI3jKETny0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 2775 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?De-qaA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1694 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220509&jk=361822275069798&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
truncated
/ Frame FCF4 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6acfec8f46038e93fd59ac6af902189740650453ced7f31aa1e86949c81080d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
pagead2.googlesyndication.com/bg/ Frame 22BC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:41:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
72207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 19:41:52 GMT
g18zrl66q1278cu7c5ytl.json
mediawoot.com/c/ Frame FCF4 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/c/g18zrl66q1278cu7c5ytl.json
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ead57b4a59e7d890408606fb6a388db8691e840a538d2b673b6a826ead64455e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
H21d2acTXKGHZnO_QI9J9fzJ2knU66s5
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Thu, 07 Apr 2022 09:52:34 GMT
server
AmazonS3
age
43208
etag
"49b028150d325a8b352384f92b7ae98b"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
date
Tue, 17 May 2022 03:54:53 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1565
x-amz-cf-id
ksccQPNzg1l6TqtaKwgLKJv1oZKwbBDhJC_1nIya7kIp_CWxh2JsCg==
view
securepubads.g.doubleclick.net/pcs/ Frame FCF4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFaWmoGKTs0egrR2Uq5EcVNlrKDDFQFIhMddaGkcwNdXNPmJAC23fy39e6GmCqAGsObBZ1A2vPtDcJzx1vs_2FxfKITZQGP7hHKZeIKAOTjB8dQfDY23YcUe7lIs1_CU33l_vJ1HepiPzv30fsdXVuwe5VetGz8Z5LL0MEJsi2mly-FQZUV2wtGCHqZLAZFkVADU37_In5GO48JjCCm6X4o5jW6ahPPNtT-s07mNTui0izp6ArmDryp1AFpFt3PHMg77rPDBo2cfgL06Pwbly5ifh4Cw9rF416cetcmjXvs_PrYyxhvpRJOwulnuHSTkV27JJ8SDDAXkbhCZNTMvC76AJ3H4EmfLKk&sig=Cg0ArKJSzDSJOwS8-8y0EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 17 May 2022 15:45:19 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1506&event=impression&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:19 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F4BC 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
3f5fce810a506822eedbf33946b50aac5c1898f3789343a7f3ca5008270ce0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28366
x-xss-protection
0
server
sffe
etag
"1217 / 284 of 1000 / last-modified: 1652785528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 May 2022 15:45:19 GMT
prebid6.15.0.js
hb.adpone.com/ Frame F4BC 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ov%2Boslclb%2FZJCLVHUzUe%2FuSC%2BT4i55y94LRVHPKmt3jHuxowrSD4wWgVzaH%2B9PbJ5g9vlVltDykCA0hbeDBnLRzGZhwPpTj4sjstfvNA4iYvLabBdcQH41wVrz4ErbWsOMAVPp4ZLc8vglA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7abf3a1c0f6a-MXP
p.html
mediawoot.com/r/ Frame 33F4 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=zrffrdpel&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
ZBeuSYrKucXaIit9ZBWMUy8CJ1Qj9PCq4A8cQzKOn5o_H7eZs6x4Kw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame E1DB 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=yyakrhcb&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
UCpTlJZ9LVldfHB3w7iyQYLkm8_NNNCqrQix7t3vgGRA5EO56UOaaA==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 745B 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=uowquneh&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
OAa325gP29LiyDBWO9WpDODxOZUSluGH6gv_8I7IzMFIs0xxMg_Vkw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame DBBD 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=pjbzvaf&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
E8TnpJP15b_EMbAiXbiGSP9WcKKOxQ1lovyy-lV8DyCNAjxHRby3rQ==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 331A 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=rabglyjyh&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
jdCJ317U-p279D6nbe2k1GcsE55jjtwRQLZj_sbYVWsVgZDxwlOJiw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 87CE 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=brjrd&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
cHi8_vLed-i_PmqV6MHNid1Z61j__N8wuTZCXa2MRzS-tWZUDNfvgw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 3E27 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=ivawnoge&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
JyCfa6kY8rapfZcxxkyDI5_slxTLBsObjWzYQZ3l3MN8aYUOtiiAHA==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 5907 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=zejlij&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
t0M9_Sj8SjxqvdAUSPbxcgFgjH1W-ulDlhIdTBX7QYh_zfcgQu9jpg==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 91CC 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=yulkjros&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
fchryT7ddKO5wRHf-82c66RP1mggst6ivg8PYRk8ZU95xl6rHOmVTw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 47C8 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=fkkwwruyd&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
9fM4fj72P24BJw5RlI1pwaXpnShCMxVRwdguBIekkMByPSynyuQjEQ==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 5CC0 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=jeeeyszd&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
EEnc9jKrryzhpt5yqIa7ZZCPBSD_Cb_O4V7rgercWiGMPA9GGvmZNg==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame E20C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=ukbrjr&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
84yDS-8oU06RWohIvGusdW3wyRoASrWyEQvbRcyucNmJ62u5GxRx6w==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 3DB4 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=ztathhok&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
LiGUz4RpPiyEWTQyfIAf5qC9OKrJwZZeD64oN9vkNUa9b7zygxcG7Q==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 4BCC 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=mfvhqvk&e=1068016250166
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6663301652802318999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46947
content-encoding
gzip
content-type
text/html
date
Tue, 17 May 2022 02:43:05 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id
sz66oXNKEeDx2h_W8o1HXCH_ahLQhITtsR9pDSNTPnD1i_k38blpOw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
pubads_impl_2022051201.js
securepubads.g.doubleclick.net/gpt/ Frame F4BC 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127621
x-xss-protection
0
last-modified
Thu, 12 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 May 2023 15:23:45 GMT
generate_204
tpc.googlesyndication.com/ Frame A1C5 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TLeNYQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 22BC 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jKK6-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
prebid6.15.0.js
hb.adpone.com/ Frame 33F4 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zrffrdpel&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLDxfTeZ3pEJP2bnV8iWH7AGfSywH9yYb%2FST9IjSuNObZiJVnvifJ3MiZAdVfI2w8aBqcgSoodlZcqGnlFRFqyaqb7Ha1s3vwENCIgXLf7YS1R3VxxCiXDwm3DAuwKPWZBLX%2BpxviIGOpXo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac03c430f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame E1DB 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yyakrhcb&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFE4h%2FcIVLPuJTCd5yoOdX0o6bXeV4H86trrbdEW7yhQcpOU9NUHzG87NfsfYXCkfeljdPgOBJ0s62maP9Wf7tRQ%2FPE7k%2BEoUUZ5Egd7l0MsUF%2Bq5DLyrsi2%2BcSSzijEQX%2F2eQDY4MHsDX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac04c610f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame 745B 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=uowquneh&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1t1yJ7g44QXID%2BeSZa1bZ6KBBBKv%2FFJUdUSWaK7xJUp8RGlRkZUdycuxjx6rLDjrxuTdJNZ5ZD6oJ2VhcLok0jADo1JeZfNdm93yFnvi3%2F9CTtLd%2F8HnhVl1WTbrbLBqiHTeWGquLRUp75g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac05c770f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame DBBD 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=pjbzvaf&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ih25ekh9nL4oOCnExjHUfx1sWzAk%2BY675jL6k2dPQuCKlDl%2B%2FzIQZYrihfOrM1u2cu8LbPjGZUZq59OFlXmCoovncnR0Zkgid2%2FshqhSKxCygNUfSQuchvCgxWRK8CBWeStxHZTMn9OIdl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac05c990f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame 331A 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=rabglyjyh&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9C3xD%2BDdq%2FGqyYu%2FJ4wfFq5yRMZUyJk3K9VZ0cGyYGYR4vXRwaQNb7jmxcodsw%2BEJVAFt5hyBoktTtgCBWAJZSiUnevi8lW4Va0cVyJvVxib%2Flg5kr61ry5lZ8lf%2BV7Tfafc4L3gNVyUHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac06ca50f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame 87CE 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=brjrd&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8kKh039PRUF3RllTQDPmm8Q2QTmtkxxynFZLcDG5%2FoBwtzDgciQhOdnnP5xgUZn%2FINAucEQRs3EUryLq1nKDRNtBHg7ntHcYbW01ZnPTNvqulQyhfY6OYiceeUKFmCRhocDgqx72W53gP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac07cc80f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame 3E27 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ivawnoge&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CiRLMRFzaTK9rcPs7YcBBo7SxCsQ0BJr1LLikwSy6VpNaZkV49PdmkpSI14x0fRZpp60u2cuIsEw9OBr1FX5IcanBDi9Yhpq2P0amNKFQgrqJii5cDq5V1dx2o%2FEBCUHFHOaj88IjtWmtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac07cdd0f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame 5907 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zejlij&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKJnOXSl%2BaVOUXQZdDtchJE4aeHpRDlVag7Q4ElPKXH1wDzsOgGqlTizx4VqHdIJ%2FDXj6rMhB0WVjoKP9syVR%2BbTo%2FfG%2BOaWM2BJZOco3lk%2B%2FfnzvqLchwkQ7uoaavnQsrLdEhT8%2BTc1Sw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac09cff0f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame 91CC 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yulkjros&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAUZ5WUr9i%2FtCcCQbM7hyJS6IEEvew7eoGFJh5Y1XSkTPojhKVQTmR4jkT7emL82kbAVUX2WsjMgs378G2rth8u66SEjt5s0j3uPqbz8bgk7ukbs107bwht5ceRRPDRgo7pcgd5MbBqJvgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac09d0d0f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame 47C8 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=fkkwwruyd&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dscTnq%2BHdtg1pMSnGAfGoRpc2kpwPy9fqwpzd9c5MP5ovSTL2DubZ7J6CFdA%2BD0A3wfwVSBzlJB2rS3JMPGFqfVLTgnCJzAIY7VRnf805D7fGup%2FumviSKYKfFmie%2FNtA3mtpuK5m0NfxKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac0ad250f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame 5CC0 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=jeeeyszd&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FV9RVHUcWA1prH926WkENup%2BgN%2BvqvLtV6ZD%2F6%2BxbmoucItDuPF6QdHlqNvoOA8Fmn3Cnt4FwoXLIgY6cQPYkeCN1aQfgpbCtzfHuykb62S8cYSEGATq5I5tYxxQiI%2FjKE%2F5KVdEtKOByLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac0bd380f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame E20C 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ukbrjr&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSL%2FISiz2JZbq5bzZow7qdR%2BBhiA8S4HsdITq0mx0EjZN9%2FlLvpkJMebKO6JgrFvjoUQXdfDwTuQG2WmL5obHBiBbesKcAZv4tgr5EOnRX2%2B5QUNKeECHz9%2BQVTagttSdgdcYeTLvmwuZNc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac0cd760f6a-MXP
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ua.korrespondent.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ua.korrespondent.net
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
bid
ap.lijit.com/rtb/ Frame F4BC 		94 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
f8ce82dec3625d073adccd48a25e3be8c1dd1f81c8168c4fc402f1424786c5ea

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ua.korrespondent.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
openrtb
adx.adform.net/adx/ Frame F4BC 		0
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cygnus
htlb.casalemedia.com/ Frame F4BC 		36 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2256698bcf7d7be4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22domain%22%3A%22ua.korrespondent.net%22%2C%22publisher%22%3A%7B%22domain%22%3A%22korrespondent.net%22%7D%2C%22keywords%22%3A%22%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%2C%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%B2%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%81%D0%B2%D1%96%D1%82%D1%83%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%B4%D0%BD%D1%8F%2C%D1%81%D0%B2%D1%96%D0%B6%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BD%D0%B0%D0%B4%D0%B7%D0%B2%D0%B8%D1%87%D0%B0%D0%B9%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226cac2001ca2f46%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
795c685c734b5c93605fea6453957ff1b2df5f232cc1e72198eac0555a943c21

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://ua.korrespondent.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:19 GMT
arj
adpone-d.openx.net/w/1.0/ Frame F4BC 		73 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9467b417-46a4-4f40-bc04-f94ca70cab2e&nocache=1652802319506&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=%252F21671350435%252C22654422242%252F300x250-korrespondent.net&aucs=%252F21671350435%252C22654422242%252F300x250-korrespondent.net&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
a9a91c544e33d4ac8f55a7e8ce951445f383c7f1e7fcf19a3a3976b9128b0c5f

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame F4BC 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8d3d9a7c016606c027e6a2bff558abbc183fd6685eed4c18f23c250dabf406dd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
da1d73d3-850b-4bce-9d16-47a33bcb610a
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F4BC 		425 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&rf=korrespondent.net&kw=%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%2C%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%B2%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%81%D0%B2%D1%96%D1%82%D1%83%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%B4%D0%BD%D1%8F%2C%D1%81%D0%B2%D1%96%D0%B6%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BD%D0%B0%D0%B4%D0%B7%D0%B2%D0%B8%D1%87%D0%B0%D0%B9%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.page=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.domain=ua.korrespondent.net&tg_i.pbadslot=%2F21671350435%2C22654422242%2F300x250-korrespondent.net&tk_flint=pbjs_lite_v6.15.0&x_source.tid=9467b417-46a4-4f40-bc04-f94ca70cab2e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5542267444745805
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7b4fd23233a18efd29d67d6cc9774db285019a145345cc77fd7420ee7e4e6669

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:19 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
425
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame F4BC 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=89317337354
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ua.korrespondent.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame F4BC 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid6.15.0.js
hb.adpone.com/ Frame 3DB4 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ztathhok&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcQN7ZCsU0JVpLEaaS9BGOyw%2FSWte%2BMWrufbsAB0hpRBYLoSiEbfj3%2Bg1iK1Ow1HH%2FeUUOfgZUpIhPkimicaK2FMe%2BMJdLBmamWaRsr8PG5rBg8aLLdWaxoyL4zK4kd0aWPmxzesoMvajEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac10dde0f6a-MXP
prebid6.15.0.js
hb.adpone.com/ Frame 4BCC 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=mfvhqvk&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4561
x-amz-request-id
SFG0VR52TJHX5M3N
x-amz-id-2
ybl14vazq7I9thLL+CfDoRh5jNeuhwjKJfFul6wmz8KoT/TLG87TUgtIQ9qpc6djMLU6kv9f6+0=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKjgiQHf45OpmAVstenfKRKxoowYhzEl3M%2FKAqPbIusEtNmtGT2UgTS4FBH%2FcmaHJLcEFKI3YKRWR41pJ8t0bjZgSsOCn3pksFEyQin1LLLszekPHKuPDFiUNBowTqDNeGbnGmfFIb3DseY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70cd7ac10ded0f6a-MXP
546.json
id5-sync.com/g/v2/ Frame E1DB 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
bb10a5efad83c3357587316549392cce6f08b7a116ca74475c01aa23d6479e07
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:18 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 33F4 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
08741e9fed7a6b3507e4c4c2d9ba841aac9e2f81b72840a5f5203d07ab97fd72
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:18 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 745B 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
01ca2b9eced577b462ba2297b15afb231c8d8bebcfc9102de0104cb771a68034
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:18 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 331A 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
100509b468d82dc9928946bcadb81f5e728e9ac60381b6567c6475532219b3c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:18 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 3E27 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
3fca7574c4d3fed80225f1b2689eee405b056d61ea559639317d32a1890ba585
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:18 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 5907 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
cca361f1064a7ec856c20f4a92212371fbb8e9670eeb8fce1f315197bb2db060
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 87CE 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
30ff7103f39d276069ccd30caf50eebbbcd34fe8627347ad77569148390229b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 91CC 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
4833219e20cf14e95286657ed04dcbbad990a1b6fc3a8d7eac27ddcab7fc63aa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 47C8 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
76c9dd763cd846c0fb9f09376e07e7bf2ba3280b249dd0a4e098f52dd9d59622
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame E20C 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
31f0e61e590f64f62cf1a31ccc4e06c0b97cd24b63a9f8b7f1957301f197e69c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 5CC0 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
3820579e3e595ef429b8f5bb133af8011a02dd00a1465e1f10f09e20741027a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame DBBD 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
c82e63e36f3d41964e6a2f87675047998033312acd50feac5f28613959f5df6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cygnus
htlb.casalemedia.com/ Frame E1DB 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22121a8365bb33a8%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22243bde42c3cb33%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
61dfa015dfe7c190d2698ac0043e3283073ae93a63ea3be4323c6c384d762395

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:19 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E1DB 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319396&tk_flint=pbjs_lite_v6.15.0&x_source.tid=d260530d-e586-4bcf-992d-c160a11dd08d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3314488506936486
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
93ed15a0025114bbfdc04ee2983984ee4b28890aa66be6f545c0428df0954a8b

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:19 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame E1DB 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
a4341bb8ee3b9a7e74046a9c02d788404d3a490f580431b0f06320c077b02635

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
openrtb
adx.adform.net/adx/ Frame E1DB 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fb900881cc83a4c2d257c3b177739e28b3ad73fcca1c07b39bf3b7f310fc5bd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame E1DB 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
674b31ffd0e0bdd2cd40ec67fd273a6b8bdd38807453dd662106eadf67b635de
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
04167c09-ce4b-47fd-8cff-9f2dad889947
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame E1DB 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=d260530d-e586-4bcf-992d-c160a11dd08d&nocache=1652802319783&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319396&aucs=adpn-adtag-1652802319396&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
cf23530df2c7b13e742838cdaf8c753e412985bccf9cc1a4e4e0b6be14d81a9f

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame E1DB 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame E1DB 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=78801764624
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 33F4 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
79ab1bb4e84e3875c6ac1258af0f34f807306a6dbe4a946a46726e73d2609a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 33F4 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319390&tk_flint=pbjs_lite_v6.15.0&x_source.tid=af4533a3-dafd-4082-b8bf-07eac523ca32&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9369427697856432
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d4509d94a92dfdf5ea4f0b6109c4ea20a245af466a5ab9ff5dd57fbb5f2b38df

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 33F4 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c3b13148ea39097906d2b3216f32a7db8077a1e4cc657543b9a490ea54cf3c6e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b9ff7e8d-6a0b-4fbb-bfd1-ec458e53547b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 33F4 		72 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=af4533a3-dafd-4082-b8bf-07eac523ca32&nocache=1652802319808&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319390&aucs=adpn-adtag-1652802319390&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
8ab26f24b5a77ada773b5f5c2b91cc3fc914262ab8f74d7e6221d9bcaaf9315e

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 33F4 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
5f447e92a1506f46e085d52551c5cedf164b485a206a5b1f1253d7d7a0b1c8f7

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
prg.smartadserver.com/prebid/ Frame 33F4 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cygnus
htlb.casalemedia.com/ Frame 33F4 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221305b54b22d468%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214a1b4a54d37caa%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20709fceb4f6a192c0be6394c7b871f8ea06b3e2e68a94cb20385b6c00806a93

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:19 GMT
cdb
bidder.criteo.com/ Frame 33F4 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=4048129245
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:18 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 745B 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 745B 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cygnus
htlb.casalemedia.com/ Frame 745B 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225ad23f71cbc5b7%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2268b8863f652cef%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e89af8424b5973762e03632b5682f496deb95e90d2810a15720b97a03569b4cf

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:19 GMT
cdb
bidder.criteo.com/ Frame 745B 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=9262034346
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
adpone-d.openx.net/w/1.0/ Frame 745B 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=ecd869e4-6140-4fa1-9e28-3741687c4675&nocache=1652802319836&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319402&aucs=adpn-adtag-1652802319402&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
170d5265950f3f6e41ed96698a3434415c5887ce6a4d98f3df3643282e57f01c

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 745B 		94 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
0f685911674c0e8a0defee67886fcef19b04cd3edb3365a7ed48453950479b0f

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ib.adnxs.com/ut/v3/ Frame 745B 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e4689d8b5d0ea3e6bfe47e3edaaf9b221cf7c24f5ea2cefd4b188f2d66934dd3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
508f2b62-8e76-466b-b91e-61206c84fdf2
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 745B 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319402&tk_flint=pbjs_lite_v6.15.0&x_source.tid=ecd869e4-6140-4fa1-9e28-3741687c4675&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1967430681589546
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6d88067ecac60b1595d17558694a488a752749969de224456141cfef8ae07998

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:19 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
prebid
ib.adnxs.com/ut/v3/ Frame 331A 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8f50e13300811e9c2844d6bd9ac5c5b2f914db113ec68b737483f346f07bec79
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8e94c23c-9274-4f2e-b6a1-356da3d9356e
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 331A 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319414&tk_flint=pbjs_lite_v6.15.0&x_source.tid=71734a0c-0ea0-4ba6-804e-6b733fabbf64&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6644187684403773
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f741e9b4a915275a70423886415479f3829d83de5f384cf916eb734ddb4bba12

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame 331A 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225a3e2ac389d447%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226a9415c3670565%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
056074e8b8ac7c0a335761641b02e052628913eeab13e20c1a63b8e5011a58b5

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:19 GMT
openrtb
adx.adform.net/adx/ Frame 331A 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame 331A 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=71734a0c-0ea0-4ba6-804e-6b733fabbf64&nocache=1652802319865&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319414&aucs=adpn-adtag-1652802319414&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
16505f38e730970522591a4f68a1faa6cd2b7eeba98a99bbab49aaac8eff701a

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 331A 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
68296cc58f7f938d6e936e42cb7dec961ce1fa18f3c82c5a6f6ef32a03043317

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
prg.smartadserver.com/prebid/ Frame 331A 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame 331A 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=40053560604
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cygnus
htlb.casalemedia.com/ Frame 3E27 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221eb02b240ee026%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222e57e6410bcad5%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a50f51de69f8e06c4012182dd7696e68d9fbbb2c4bd510480148152823f0c359

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:19 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 3E27 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e26e40b195c610d312241af44b4364351ac2ba3fe9d78adb48f5390aee321aa6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a4fc563a-cbd3-4bb5-ae76-958e9b197125
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 3E27 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
bid
ap.lijit.com/rtb/ Frame 3E27 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
c1312287cffef5fc276fe120a58ffd0911c77f84c7b6ff263ab01e612fda6751

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
openrtb
adx.adform.net/adx/ Frame 3E27 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame 3E27 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=3e37a4c9-b72d-46e0-b4bc-c9551a06e346&nocache=1652802319884&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319431&aucs=adpn-adtag-1652802319431&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
2e44441746df68a95ceb9424b855cca69c6c5095b3399eb1ad306adbb92971a1

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3E27 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319431&tk_flint=pbjs_lite_v6.15.0&x_source.tid=3e37a4c9-b72d-46e0-b4bc-c9551a06e346&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5447358516056706
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4b0588e897a8f8df8291323fc59acd612680fdd1128d6fa1abf4dc59364e5bd4

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 3E27 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=65778423676
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
arj
adpone-d.openx.net/w/1.0/ Frame 5907 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=c8082a42-b63d-4fa3-a01a-af42d9f826d7&nocache=1652802319894&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319442&aucs=adpn-adtag-1652802319442&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
8451158575b1accddddf37304bc536c4a554c43ff400a3c5e0a337523c2149a8

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 5907 		94 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
5822873f5c5d5430660f2972ce5a178d7c063da38e737061d86791434f41dcdc

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5907 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319442&tk_flint=pbjs_lite_v6.15.0&x_source.tid=c8082a42-b63d-4fa3-a01a-af42d9f826d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38861433040471627
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6cfdb12134e60431b42ffaa342921359a46a95b717488f2e71d9ceeb3404f871

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame 5907 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227a50bc70d2faea%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228a496a85c5ea1f%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad260de90173b251cce3dd4389c5b65fc5922b639dc89a06ca40beb0b4ff80a4

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:20 GMT
v1
prg.smartadserver.com/prebid/ Frame 5907 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame 5907 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=54873990178
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 5907 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 5907 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8bc5e3a82ab9aa0055b32cde22b467e9c343f24c3407d9d39abdce9b25b97670
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7691740b-c67e-4a91-a571-084bcf5f69fa
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
prebid
ib.adnxs.com/ut/v3/ Frame 87CE 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d2b7efa589a2fcc71549eafcdddbb08fca3005cd1937f71c4d8e882855786b19
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e8914f3d-705b-48d7-9744-f2711d67f66f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 87CE 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2236c40e5fc8f0af%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249b6f1eac8fc8d%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6cc3da9ffeb3e78541ff0a57f51c5059b5b5a7fc4918dbd727b3de7b50998206

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:20 GMT
bid
ap.lijit.com/rtb/ Frame 87CE 		94 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b3379b8da32e28c0677a8b54f02920880eb8c22d7e5aeb3f55113b0bb734b6cd

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
openrtb
adx.adform.net/adx/ Frame 87CE 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 87CE 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=20636329248
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 87CE 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:18 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame 87CE 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=1ac292c7-d379-4b99-897a-9445d37a8329&nocache=1652802319919&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319423&aucs=adpn-adtag-1652802319423&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
01c7b190dce2dd486038743d83021384c4361a6eeac7003aa3461a8e29919dfc

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 87CE 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319423&tk_flint=pbjs_lite_v6.15.0&x_source.tid=1ac292c7-d379-4b99-897a-9445d37a8329&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3672474319275032
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c16d2e0a2b653bb50db8f77d431706a8e308cb77077bdf279e661d190449fb4f

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
546.json
id5-sync.com/g/v2/ Frame 4BCC 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
a11aa99dce9700e6870716a8f26f6285cde56dadad384ab1bc59058b7bba25d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 3DB4 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
10cef860cadbf2d7390d3ac7a03229cdd4f2027cecac984448e17d334a4ac142
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Tue, 17 May 2022 15:45:19 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 91CC 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 91CC 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319450&tk_flint=pbjs_lite_v6.15.0&x_source.tid=fee8ab95-9fa3-42b0-9dc2-1d6cef2a61db&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05552049672623216
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
33dee44133a9ba2a40d4b7bfcde4b4c6bcb28459ea666784c860fd287c9e76dd

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 91CC 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame 91CC 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=fee8ab95-9fa3-42b0-9dc2-1d6cef2a61db&nocache=1652802319967&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319450&aucs=adpn-adtag-1652802319450&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e156a61a00ea7d4c72d19a295a2ac7622a45aa9b2464b1d9a937843801b6e980

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 91CC 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
873717f5315c799c66b3651ad2c3205c6d1f17027d007af1ecd054ee14dfe811
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5b6e369d-b7e2-4b63-83e8-d3743bfcc8ce
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 91CC 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=69522692388
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cygnus
htlb.casalemedia.com/ Frame 91CC 		37 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221308593fa2e77b9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22143bdfa87572049%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f2fb4ad12177603c34fc866a5278b982ad90f9a6a6464516a09fb1357d78b6cf

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:20 GMT
bid
ap.lijit.com/rtb/ Frame 91CC 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
341d5b7148d9012ab3d5cb6d3078f65a9112b0d8b081c217860d7edabac73f79

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:19 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
arj
adpone-d.openx.net/w/1.0/ Frame 47C8 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=6162ecd4-76ab-4f5f-83fe-8e1876fea470&nocache=1652802319982&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319457&aucs=adpn-adtag-1652802319457&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
1bb81774370c658a1ab9f1d3229d25cefe24fe07caa3d763cec7f7d121503f3a

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 47C8 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 47C8 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319457&tk_flint=pbjs_lite_v6.15.0&x_source.tid=6162ecd4-76ab-4f5f-83fe-8e1876fea470&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8910146554986005
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
28ecd64dc4c2143d4d94a0ec8630b3ed5018f1e46f6665627546f1a7bc099b0b

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 47C8 		94 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
7dcf24ec0e4867f333bc53d82bfb558761f188efde235b9692e0d9a90f66826c

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
cygnus
htlb.casalemedia.com/ Frame 47C8 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2295744972893808%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210388cf700ede65%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ab4f28f76e75e183fbb508feae1c2b5763e8c30ae5b2c85a092ffe4e9e3b2340

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:20 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 47C8 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c132e4adb7d1b48cf56e99ac17f4b1b3447ad0dc02503123d18102eee976892e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2408f542-bcc4-43df-ba7f-a7d0975a7ee7
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 47C8 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame 47C8 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=50315102253
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ads
securepubads.g.doubleclick.net/gampad/ Frame F4BC 		89 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1410699056145224&correlator=3333408535482829&eid=31060438%2C31067486%2C44742767&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fifs&iu_parts=21671350435%3A22654422242%2C300x250-korrespondent.net&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1907443763&sfv=1-0-38&ecs=20220517&fsapi=false&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.25%26hb_adid_appnexus%3D184c334e7985dfa%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.25%26hb_adid%3D184c334e7985dfa%26hb_bidder%3Dappnexus&eri=1&sc=1&cookie=ID%3Db0151d092b68d7a9%3AT%3D1652802316%3AS%3DALNI_MamwyTwnoVjZgP7AtBrIpaADixf-A&cdm=ua.korrespondent.net&abxe=1&dt=1652802320021&lmt=1652802320&dlt=1652802319165&idt=379&biw=1600&bih=1200&isw=300&ish=250&adxs=1375&adys=911&ucis=b6jpvip52bv3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=4&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=590111183.1652802316&ga_sid=1652802320&ga_hid=487905196&ga_fc=true&btvi=0&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
21c90ef4fea1ff114e43128bf0c90130967592b07114e2f707fb2ff3335d15e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37792
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F4BC 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f00767a372eccf98ee0a2d035ce6ebe8fcf4fbe73bb945e4ef32e53521e8f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10555
x-xss-protection
0
container.html
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8422 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
expires
Wed, 17 May 2023 15:45:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:20 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
arj
adpone-d.openx.net/w/1.0/ Frame E20C 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e3b62880-6497-4126-96e8-b22bac93dd5a&nocache=1652802320043&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319480&aucs=adpn-adtag-1652802319480&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
df6e47f3dead15c7aee83b385619b44bd4d41cf4012df3e34d5e29f511eac6b0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E20C 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319480&tk_flint=pbjs_lite_v6.15.0&x_source.tid=e3b62880-6497-4126-96e8-b22bac93dd5a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6585240559848484
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a7bbec6924c29f79cdb9af96e46a94007ba4a533221187fd567d1fcc6fdcc4dd

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame E20C 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
openrtb
adx.adform.net/adx/ Frame E20C 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bid
ap.lijit.com/rtb/ Frame E20C 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
5a8c21a2959dcfce2e8bff6ac33f6b76d8215ceb3820aa208b0242f53c08baf6

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
cygnus
htlb.casalemedia.com/ Frame E20C 		37 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22119cf637d0732e7%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212c523b5a64beda%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8fc2d2ec6b00399c458036af0176a7dac1d7f439a3b100c68fdf7ac3358cfa5d

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:20 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E20C 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
90c79e03fa35d95fb6b353892fc989a88101c18797ab9a973fa21e25986f97f0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e68ff37c-e6f5-4b4a-8189-bf6f4da1b3d8
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame E20C 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=62663953510
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:20 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 5CC0 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cygnus
htlb.casalemedia.com/ Frame 5CC0 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223ce584447d58b2%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249b8e432a7daba%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2db957374545b2c32e4402d4d5abf5fcb216cacd3a5db090f681b5b1ea14815e

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:20 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5CC0 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319464&tk_flint=pbjs_lite_v6.15.0&x_source.tid=0964d672-e6b1-47ff-84f3-f10da16b28a0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42150988498597086
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5b988afafb0c8079cd95c03d753ec9b18013cfabffebfc423354fd810416a997

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 5CC0 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=98893275842
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 5CC0 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e1bf77100e7012bdf727aafef1f1fefb22edec04e850108c460eea3daa8905cc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
83592184-66b4-4b4e-ad7c-a8d4df1a71a5
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 5CC0 		94 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
98729141ace23eae16771414a64284d02115cae978ab1449e59f968ad386f42e

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
arj
adpone-d.openx.net/w/1.0/ Frame 5CC0 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=0964d672-e6b1-47ff-84f3-f10da16b28a0&nocache=1652802320079&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319464&aucs=adpn-adtag-1652802319464&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
83cb7f810bda6b1257e48d07c0e1c2b20c871b3b87a60375c82008c09e8f9f33

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 5CC0 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:20 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame DBBD 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame DBBD 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=c19b2aa2-56b5-407a-b705-68b170af6056&nocache=1652802320091&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319407&aucs=adpn-adtag-1652802319407&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
2bf2371d0cf337df79a495eb1eba6a249e30d3b141dc80952f72c320780ad583

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame DBBD 		94 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
3310414f9302d194574a6637aba3f1b9b0c2ef8b209343f6c81376c24c551709

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
prg.smartadserver.com/prebid/ Frame DBBD 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cygnus
htlb.casalemedia.com/ Frame DBBD 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229a3d2baa841ac7%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c9518327605c4%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9cdef11bdfd5caf3e8311cb3f38e522bf265eb01d5447ae6d88cf715c3f22083

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:20 GMT
cdb
bidder.criteo.com/ Frame DBBD 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=39780763844
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame DBBD 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319407&tk_flint=pbjs_lite_v6.15.0&x_source.tid=c19b2aa2-56b5-407a-b705-68b170af6056&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3971878860076461
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1e8ef02ab6bf16eb833ed1a7a6eb98ed2b7876995d63b437b5f8743d5c4b6798

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame DBBD 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bc6ee94750f6dae36ba54099beb18a3a69531be7815242af611866320d0f4bfd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
03cc100b-4a32-4e4a-aa68-6d4a274d79a8
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:20 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cygnus
htlb.casalemedia.com/ Frame 4BCC 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221bf43c20c8e509%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222f56c7c7b24a7c%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aee72ba4decb77a11f961dc8208b8fae272533e494a6b3a4c93d3ddb51c1bfcb

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:20 GMT
bid
ap.lijit.com/rtb/ Frame 4BCC 		94 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
df9df41904b3fd286051e97d31bc4abe45df6b12fd446e8758c67d74958e5049

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
arj
adpone-d.openx.net/w/1.0/ Frame 4BCC 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=de42c9cc-e973-41a3-b01f-16697b760d93&nocache=1652802320129&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319520&aucs=adpn-adtag-1652802319520&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
af832497634cb3531c1a8cd5fde46d9574ca98bfc323ab36043b6cc8b0b83c59

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4BCC 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319520&tk_flint=pbjs_lite_v6.15.0&x_source.tid=de42c9cc-e973-41a3-b01f-16697b760d93&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6842349162484764
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ef491d1d9a3c4cb158c1081ae6d386279a598eca65ad85af9ebe3efcd9288f81

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 4BCC 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
618865ff3c0bfd77007b84470e9183c201470fdbb27da471dcf8ad5675f28cbf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1f09afe3-5b52-48c1-95d9-d132c3b83d42
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 4BCC 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=72152931670
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 4BCC 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 4BCC 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 17 May 2022 15:45:20 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 3DB4 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cygnus
htlb.casalemedia.com/ Frame 3DB4 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223ecad3c9f5afbe%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2247c704f2fccf7a%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
30c5af0bf597201deaefe81ec3f32d1d49b940712bfc2663599c2c9619ba1f69

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.85], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 17 May 2022 15:45:20 GMT
cdb
bidder.criteo.com/ Frame 3DB4 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=61388830962
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 May 2022 15:45:19 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 3DB4 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3016ebc21a753c1a83fd8de45134e2824a330d46f0473cc5f4f124e6333ef8d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
60afb520-caf9-42f6-a856-a8b9fe016860
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 3DB4 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=357e7e45-1f2c-4d17-8163-4ac2507fe22e&nocache=1652802320152&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1652802319514&aucs=adpn-adtag-1652802319514&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
f90d9a9060e9457a9419f170312e450c97edf2747b647243e15e5d5aa7315627

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 3DB4 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:19 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
bid
ap.lijit.com/rtb/ Frame 3DB4 		93 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
365e832d17bc4a34ffb01f8efebe4e69b4349ef6f1164e8e574aaa20cc125bb0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3DB4 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1652802319514&tk_flint=pbjs_lite_v6.15.0&x_source.tid=357e7e45-1f2c-4d17-8163-4ac2507fe22e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.865133892116321
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3823f2dde505d1689755ccccee9bb05b63815a306fbf5d0149ae0134bb583ec1

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 58FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=1948631371613234&bg=!5eal5qLNAAZX5TVhd-U7ACkAdvg8WoaNs4YjyN2Y86tnISnGChLObTrJRTQuFqYSGAwwEVL-rLujCwIAAAFZUgAAAAFoAQcKAIgO-fiyky8J83Ru7HBLSpXtWzsBh_FUHC4_i7MPfPHS2Bm48mlRKqArbKJYg3CK7tQMXdjWob0EkSW1zSFrLrQnN_AEG-FaxISTYyGC6N-AkWXzqlMH_Tz459Edb8AQEpLg_BZjwOm92wiDeRkXsjQtWmawfm74LZCPh1UPlpnQLFu_BRPGhkS3mQLGDBvPFPfiW18Q2QlmJGmquvQ1Hr2pAX0wdAogOp2FBc2pVbjk0GIFD6vX5XxAQb9nqoTGPcfiJCJy8bPIbIkuKJXolVNP9YYBOrKYMZC-W1SocwiPaYFXNiQdrPB5tWkQ53QYOy6QTBYIeiaovqSjIegqG_rKIgCMTX6RkAdvmRuI3eR4GO283x8nojX3ddbZLSPWXcr-E0IIfP3EDDhvaus23A9wF6O3tc67moy3iZMy7qixUzmGJS868MtRDXOgtj4p4t63TgdBZU_wRvqSJA_y0oJpEcWk3FmcfZBO4RLwIPnG2xMMYZHcWv_5lrPVegnbXnaU9GB8-aIdlTI9whnoXOHuJT356P_qXLHZEhy_CSp54aSl6--hmrhCQxih4zcOZDViZL00u2gijJIZtGud_k7aUyClNCY5VXSzCEOv7R-XzTdYF34qG2haGNv75O3ye-BvdbeA-s9rX3Pxh26ebS8gHm-zdR7RcBTnBUkgAiBkbhHoclCXEppcfroaU7ycD3exwGmLL6lm04ZUhC4AdqG0CAkJjQjykA6yXsizayNS2p9ripP45Dl5oN6MyO4HSGyyCNMLMqNEKlFkx7BGfexjsQjeFjOUnnidnMUg1lCgbqcHAMQAN_tQ96Ly5apoo8IeTjr3g_I5Bp4_aGBEZ4EtuxzYIGlHwiZcMQTu_eGeFPphp_1SzNaDDsLDr4bMDxSCTif7XXD2axhb30dOueFHDm027a9SCuCy8Md2UpHQCEzAeOzpI5SmagYM6-FCF-1kSpHwba9SBP8by-ECgDvTvw5j-KI-bxIRdxGVnbcHSsCNucjPgOtRqDFbnkVWuPwwwvJQDHtkM0jpiTzGkXMFT9pCAsLRbJmLHc5LM7WUr00ezNisj7e-HXBLxiI156_SaBjZiIdwJLynO9JpEWdAhBv94PZxHN1hNs2ludM1xE0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0A51 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 368E 		273 B
170 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNW5lFf09Ni6AVYrVI6BziCKymFtlmZrx1-Uuawg3IMyrbTjQjuY7Ea1eb0WEC8-H93cmovAz_d0f6b886PnR63PUmE-OhlvAHUCV1lHHkf6Ye93jJxiXlk6XKkf7ys9e3Xjo3hX4d_idkMf3dN1chmaZhWXykSDYE6H2fx1ttaPRJrGF6i4x9V5Ik57-C2thkhv7VWrN733HKhlGCIbvV2nA6FnRcRoxE6T2UXHmLPIpzRZ7nk
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
149
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5640 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Drw9EdWzEwPni6fZ8wIZTWREQofTlUFzUpHnxq81ALN7nsLIz3M14FMuVdflzgyVNedEIt-DC6iTi5_cndywfVzdNxZrBWkKFaQuI25TY8B-QiKmsevanF1cRJYYuErJBuDR8jlkkWMo_c0BbrbDls0kv7Kw&cry=1&dbm_d=AKAmf-Cj3AWInNLaBiUsJF-6fT8JXGdwU6UfnWGXKwkcCW9CBgjK2uqUtTBCFHmuCDITC4NZvB9fZxUSJmXBd4_2Wf4noNPFUtgR-IrIcAUjk7lfNeST5hII9NZw_eu4sDhobjYJPWlC6TtI09P8_LGSZKrRjpHowyr40-pox9VnX-fJclEevV5Ckd5mNRJsni_LLvJL-vvhCzVbRJVBKbheeEH63s-6DsIQ4Zi8AY-6Ixrp2knVZee4hry4ijmNNOj5d4q95cFl6gjFxtqFuYNvxut1MWimxiFOKwXCd3h8bUmevBEKXb4FsGJ77bf6GLesqbULg2CVSJbkuEhFtMIOfIjQIbdj9ywGT46tM6ctHlBTCW82GvnVZNrtpqZvfWZCuRFM4Q2vzLaHNbxuD07VCX339XjPBWc4b4EtgRMOkCl6IfI4lnB6HklmqWYBlW6P5nBo7JE5lnN5rEQuiFeCCT4LL4tEMhQ5SamzldV1SE_J4JiIb8V6A3yl5fF2TWfT76xqr3rXztEjIUQVyQ5qmzjECbWcPhrb5WKE0N6tikK7kXKVbCu6K-amzx0sZw5JtRlflcYQWcqp_Jfr7qch7Vq82bvD28y3CKVsezz3Z_f5GICEXtDv14ECGjkj0xCvOeLCBBw_Qm9gf6EYYZe4xGxV1NTuAS3z1h-FGk5fn1C9EMEih5_u6DlRiejVQipKPVHMbtGz1-wogrhw4L1FVeXw8mzIk-lqpist_vvnRXJyvYqTwuuwroc2vTFGt2CyAMU4nOwvURSfNvAmQtsDFv_-WDNkw_BAUnVXgT52qcBlpqcWtfdj58CrdCif1ZDTKCI7BLrKmEhaPpQBfvWq0JwRC1Q8U2qOsThWusRTTBT-v2VGzesWkf57R2BZ6yk0UV4z_b1DV263nsNB7zBVASVvF3gEOaE6Q_UnjIvnyRRlBrsrmZuCOhG20sT14tMQUF8plevNFYVw66uBpS-RjbOcKjPTUp0MByAPX5aBF5MXfvWPL9G5wugieQ8VHsWGFmUvksb6IKDsrVLLnU3uyiwNdVKMCw6VtCK5zZJulnLSBc8tiojjkCYErUBinOhYZjNAycE_4eDH4rVIqtDmGn2_RRMCgJJvOZtx8G6KR-1e6IGXtZG0ysGHY0vBbkolOcsHkom6l4ck6MhLVDma0pzl05VaTcTSznfqIcJDHBQlS73ZQ0XI6O8nwec_xL-PPxgkmweXVbJgJdZhWsODXRBAPidiX_oRrVOC0TLYYlwFLGt7cNfGkRr5s6BobreIcu5VCYYHbTS1L4DaNrItGYiBR0Giy4yG2bnaYBz8xSfX_4V_ZIt-J83qaUsQj7Q23zj3h8iV4g4WsWiNITiFvN_KyuNi7eVNCTSckwsRvNJe_xuujL7fkUuYjv8wUctmh-Lz-XhttKxGO9Tt0E10IY55ai57D0-D_-Q7JlBQAyWb2FML7GVwKBnEW2VTlyQzY8HiSfnkD8AC_urR_4ymwWQrtXgnx3_3GYJ2R81nzfc7oiuqj1IkRRSf9ssGOn5wi8YU0o_Kyl_IEbM0v__aZ6sD-ciPeMDvry7r-DlRJVOo7vCm6ISJHUaqVsON2pxrqXFmoTtDdyo9xbHobmPXWSgfq3SwMOfwlKHAQXG0mNEXH2teHHEt5Szdf1SIz64TEUkZ1T_LgV-npmYUCcpqxkeDngwbb2xJb8VT1t2HIlGOV2YqwM_icMe4EyvIiFzhlraH9CzrPzqmFab2gZCh4E66IkcJDcxeIDWlHEbnnAWsAb_59YNCtfF361_8w4MeZCRKmVXMo4pRwhyr9JFttz7MYI66ernZEx4Hwu1Hcz4fiJr2OxHyo8P3K0ErhZ7Ac-VYgKd1drcYkkgMXAgx5ClBOPYPF3tv8TgOgTR8KPwVTJj6tk-YTVNsOOWzfv9dimktSNu0KrC_BTGuvwSwMmle1Lc-PIAOLeoa4na9lTRueoglgMwOJuSclvKQKqEH5RV2KnGEeOk17R46hcx-wSR9qrYggvwBCrOHxTZJtGtcQhi2We0rlkQyCUGXnGR4unI0VFCkTI6HfJllotmEMC9niu4Z0fzGYmFXyfoY2i5Ri4sSsBiTE-vSPV_BiH9NrpafpMolrI3o9hisvmpw4NRe1Jls89gBLB8gTRpQLtNAENSVgheHitXiRPOHnevTfGFExJn6ZXgWjnvcbO9SmMut0rK0_D-DUbhXxr816CkKmubOp9adGGuNUTtcLtEC4lbbjmm0zde-8SXK6e_zT1odC0cWvlZhAmJqNRv3AX_3YQRXN6AkWnZyNEmvbxNbEJIAKFXiiSgL2KF2SOKkVtFslOUi74ulD1MxQYTahfEaCDpVdjYlNLAm6Qyz611_afeoI5txCkxTIeKuotQQECNURBsrIJAq4fWFsub1iOdOiv25gdqkCsAS4FfaHlHLculGkd9oUgmwvCRk_BRwyUOVmw2yj3aKuI0cQjVdvz6TNlTvUdYxrzSyByB1tG4MvFS_1-xS88AOamFlcN94mjZ4ZWo7RvTCIJsduF8xpYLAxHBUtTzTiiTSH_k_0sMKtwg4oA8e4z4VgiRMaXTO_HIzbrhrQk56bMy0Gx1sWtlGBPxu0yIfd8l4ZrEnBJiCQTNEDPTSt9hMb3z9sWgCpxnot7KrOGqyOHLFiunD9zvD98BjrSkhRHiFamhcLKjb6sJzeCRkE3uqFMlMEiU16nQMG-rw0G8yy39xMGOhUst2rQr1nqza_KqoDiBn9Wy-TTWP6VxzthviQDJQaMO0e2rORbAoHd8Y3VnOX4EhLVsGaTRDYkkEw57OXIyDfHO38zzmS3qHw2rab8Uzw0gWXFM1gAAqQIQIEXXsPykvJQoRPKQCUt9Fy4kiOFpzWNh8C9CFHvA3lqtPdl_igzL5kKLGhoarpaHashUlsally3Z-tsL3N-OsbMcLKDEcYvqYCX7k0BpKAYC5mWWYab-jR09rGE5wPDcCF3W5bZnk7BftSuDZkqoPnOHQPY6cCsbfK_JKRNqjbRPKarVxGSRqVG3_v8CvC3A_UZZlt5nqCXbccX9CxxhWGqUBUpGXi6Q1fzde-LXC18pd1P8F9vgPB-EYad8lUd1KKtGKVj7iw_S8eQr8aUY1PAyueMAwoTJpDuSgJ11IMWpTzWlcsYUSoz08ByefbUK-E0-2pR4o1aiQJs705SUMckffMmbcSNjz1fmmLCAJNB-j8u3Y_EGordWXxBlvDWXmtYd_JzKIcIZb2r18xHJEqBWRYfLUdGsDFO4szJBRSmZD3TaAtY_Z0uHxzp70uKpf1G7K5etlazdWFQS68MajmPgtFW5LcEmuj8Dc4FsJTXjBdf-W8lqCv68eb_1mmNyYvEOudcwchObUx4j5c_wIe9EkC6l0wO8iVx6eX_hSTLxSns5DEpuDwWJTnIw5UhlblpP6xmPL_-Oeifpvigdf0dUiNsw_SjBg1V_Y4jshMLvqXPOnfxceREDwg6JLvQ8wj8m8jeqym04h4_XGVQVEL7pkhDcKbVWjSEJ-_pVIzAuNXBnTUArnMMtDg6J87PsOukdg4Jxg7IGxWXyQyy77WDIIOexOyguCri4ZEwIx&cid=CAASEuRoYDoCgVgBtDVimK1bHU7TtQ&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d71640d70655b29c65977ccb7e822e4e6e0da61d56a43d73cbda7e8f2841ead4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32406
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 5640 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4066-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.257967,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 4982851
it
ams1-ib.adnxs.com/ Frame 5640 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiPho-UBhDAibKY84-4uBwY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4ub0DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q1BUNHJEOE9EWXNISU5MS09qdXdQMTRhVHdBSDYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RZl80WTZqZmdHNTlLRWZFX0h3bm5nbFA1blByWGZXMDA5OV9FWHNvaW9ScDJmd1kySlItZGlZRFJ2QWhGcFAwX2tMZkVPWXlRNWJTTTNoMmpYY09UVUxmNTNIc3pLYXFCYlhsZjMwRkQ2NEhMc2tFWU8zRXY4eVhBNno0a3JWVXl3S3RaZGRwRlUzZ2ZENEYza3lNdDVKbU5yMU41SFVVR2NHTEZWS1k3bkV3Ym5ydVl1blIzd3duRUx5ZkZ1NFJPWFR3ejA4R01YQjlXOTkxcUtQVzU2ZnU2OVdNUjQwSzRwWERud0Rod0FERE1rcEhuZWdOZmF1b1plcVI5aHJhUmZUcmxmQVEzd0pHeXZDaE5iTS16bFJqMXhtSnI4RGhqUXNkZk9iTVZocmYwWlk1OEU1V3lSMTRud1pMN0dWcjNMWGg0MmtxZEZjZ0NEQWpLTlRlTXhrWl9UcWdRWU1DNVRrdjd1VkxTV0dQWHAwQl9hc0FFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9V1hnaWlqUWlhb1kmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9ZRG9DZ1ZnQnREVmltSzFiSFU3VHRRJnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyMDQ5Mzg0NjY3Mzc1NTAyNTI4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFgemjiIbShq4jwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAe5vQPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=5cf24800d09aa81e696faee2438d4c930b5f1409
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6c244e2a-cf10-4499-919d-88bf2a1f1445
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5640 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BB75sjzKu2buGGFVYVAij_BaAkKYEOIs84iHf0quWYMdhg6_oflRagGCBTEY8O32e4j7eiNwe3bfbof-SeoR-gWQpXsVGhon2Flo8vgXvRmXHutFM
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2F24 		261 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNUiHLNTO9k-L2oM7-WkvpwzQd2HK45xlMveSWW3vNlkQX3ArwAcZdptzJdY_LG3TFuK4Vegb7QL8F9L54ajbGtk10RO8WyenBoX7USXWDSyIwWQ1KvnMYDPuyZdjQ0acRsYzB02ae-FaCdZnJZD3C73YvsKZDPNzLhP2s10TsF2TGJa27uZzgMkmOQkY0qmIjhrIA_qpd5Io1nq4pPpG4cx4m7j__FXiYATtp1yTINmJ4BjXiY
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1026 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdHGQvRXsb-429yQleklrK4nk2fRCrWHj0fZtMsof5CjXomcEPSj31CxuA7vwtMNR4cJBwPy7K1EyxtL2tOjuuA_uQseZBjZds1espKR4LGK0ifNScnyRDyAKb12rOWxHQ7_qo5GJ5EIrG0EPaw6QMDJb-Dw&cry=1&dbm_d=AKAmf-Cv6PQTbKj_hJSY5sCf2rMJHNGKJcoHs4Da3lsEq7bvn3hO0yOmoaSpj_hSFPssX43nG9UnU85OOjXmo4kOLslu6_JmrfI-5wGuYRG8IykImX-c6K8BSFNOPZEe8pF_t3j1Ybm4No1l08UhD6hKnpl9o4oJ-8cLqvMdLqNrysTSw40tI8W_Ffkh3uhFZKIx4gtvyHLS-buwJHfYYv-fDp7TXxywIk8bJ9hrXzY6P0YzaVp7WBWSr99rpWTWLvJF7lXuG7i8BDrRzhi-eXqNbXi8CNyPL8nc4ceZ2vvi7fj7Nb3iXA4ikLtTyyFj_fid58VoSmZ8Mvrwl2AjztIM8TBxqmhO7j33G307l6KjC3YQ4gMnr8pnr5pC4b-Nk-WBwjCth0BQePI0wSbMcRLdBJ1Os1P6temGuXqkGHVK4QxeJ1OWf0Gmtz8c-bzmYgMgnBU5RCItWUvltdbKJbTk54T7QH2jlusk7f1pyrSCwO3HZqhE3AcNo5PHC29EKu3W-OLdPGiZmZhpfuMT15hcMH_zVVATsdCuZ3j0rGo52x7edXHMvlC0kYcYp3NFIriR7H5es1fMh1QxgQ7oTmQUL4OpjfHefsk510Ld38fE3hzu95e0b1ki6rQbTHbfA38QtXcK8MBcEeF97Eiq4gCI5_nDrkhYoQjngUFouJFnUNAb1VhJmUPAL5IUG1BReAk1MLOecAYViw1JnWOTc-U05hM9-0VV6ZQFv6p5lTOk_IRjhJOOc1R3tJ00VPS_DEE8juBQnlQpUWOoRMNmOkkrRjOSp4ppELS6yBqfZc1nyZXL_jwAncgIgnzceAZzJ_tQM9rg9pn65jZWxovIIIR1paem7Em58VoB6emYrNkaoEAKPJqMD-ivFcNL0XUikW1iiJ6VVsR60-TzLJ-eCZLuxbr95zsYdmW_F4psT9kcIC-oykhV_StuyeGj8sH2sUR2whXXr9EcgfgnFKHUOCIRKfvv1cZW7rGn4stGNYt3FbSEBJp_dVP1GscJxxZc5MqbovGJAZ_k2_9Dc6pC5qlXugsuw-TvVuxAOXekIq7KQdssPTXwQxslB1LZKjVGPloy2PvwhylWdcMn3CKVBc1geAfMJvIHHgmjQoAJ0oxV4lrD7L64neiKvBH2os3XW0F6lbcT-ED9Pje2w88U9ccB2-9IfvjnNntMotZHpV4o1-jfgMfXTScqFcdDt340RvsGbCTC-MGrHTkerPawNfNBrnRHFrKIpKDvAx0lCoIpxnj3hLHj10SluVcREUTHWrQA3Z4bmXXHCpqM54tLF9zRNB-BmduUOb2do4Eyw5MuSKbEepMVxlzq330TjDhj6fH4JA9wez0OyPmr7M2eXyYti8Q-wBfOCKAi5UwjdphTfRmuq5TDCIaqxTmGzKPNVMVeb7WAy4442etfgwChCqQfUdZz0lJnIeN6Gzs1kFicreTLMz10poixHnK7LwAZb7tDVky3KaBm1ox-l6P8mlvOyM3j9a76z0myGvT9zbKLCSjZjwdQOWe7n_kjaXtxqwZQ9yE1bu0ryWD_XGjPzUQddgNbZTmMFc7zPnAe4dWztAs7jV65S_enrm8e6PVp3tc6BCQmwc6FU-kjJCjOxosWJIvneXXMTeyzHj5pkG5rikV76-rZmLb1MRAashUYhr8bRNf7ygpN0gbaeFNvC0YKAZmcgy7oKIs2dCrpptAWf0OBwzHCfBBLvIjKW1FGmbjE3DjGfFBdawWcsNIjGZlo6nS5-fpqRgAgUM00hjKaQaesM14nY0q4e6VfDJvhW3Q6XmjzTP9uDMHn5D_0JoOun0R_eLY6QCtcTwErDzptLLwbZgy631RXRaGaMglQLaKQbyV_wF5TsN8GR5UpsMN0UdlnN-kpg3g-4PXQ5WfFIRNAIbaCJuRiWpUhSLr7Bc4qj9exTkV6xgB3emqezKU8jtdIA-BcZEt9ff909cuvYPBB5wuMFlCWRu2rYz-rTQ_VKDm4LvkJ15lneaKg5G-jUe5b0lf84E12D1z3P6-0bzvnttyKAdx6_rYJc-ylXf_i_DXK-egXR6H-EkIQgV_oRprLk-mtXcedpb9jt0Ymm3LouPJjivXRiWibv64N6wfvBqFcSC6oHwrOmTrbP_h7_HKtm_Ismnty456NGL3C--BqsuZw_rGBPHECLYCnVQWx1J0dXYmgrq_Q33QiHXeIDt-EDMvlqym0sk2i054RWR4uEyzEeRHPvqYmsrmpWE11zixG_DmPE-B6o_SxVb5UdMjxq9zsnP5N9rmvTqo8EOQu8iB_x5dz50270iublHOefcOymZtPkJZumkP_ZMEv5BIkxOZAgS9sa7B-Edzi4Q_zfte5XbYbfaRNi7VEC2-3pE9FOyyLKLcDi2fJ9-ixB2_jL7GmXqLnt3T1ybZtTfB1aT0DXAS-FqLTuMvmody15uCyl00Ou5abPh32hBXLv-mVz6igmZqnGrur_UjmIO7FsyIeq53r6QLe_R1K7hH-dhzG11GkealxEvYNMkRakP5sAfeExIfzgBzGW2mbjPiFqLCgJJiLLYchrQdQa7CPO350CJOIzq4ZfTHVyl6c_MZ4F0iBuMS-dqhJcSPY0WcuwNC5nVbMesm7UcDvExag5jBlb5Q16-AVTIDRtllyb6N2oE0joneAueFoicDNKwC721zBeKO-pdhSSXJLVCbRkXhUWKWg3uuXIp8Oi9FZPy0Ix7__jMQfR0zwDp46NA1-dw1LYVyAlkx37H35RnmYtG3KHOfasRvoHNmqImHBTx35-Fcdg-QqmaqWioFOmhho87Eizd8Sn2R_AHXe2P68q_nKYsYUqNMJmXnTcirIdw4egUVYt83slJO47u8tV4uzr-nGqZ74RA3727qq65_NHyYtCnCoX0GHBcRpir0z-7-PeAD6-e99MaZivzSyzK8WXzPRez46u-XV13ttus6npCWJKIDvT-_BAoyKiySYj1cr_RcbesjGCZZbmBslIwYXlFi6WdiFUbVc1K1Pj-dgnHgzZk4qVvE11aNWlYq9uBfFxzJfRZD22hsFzAur2fu295qqQdoI_NI-CGCNp9rIduagNpHEGBylEcfkspottQVsKuFLlOjZdUutA8XxxH8qVKPE8FuEjRflmWDZx2ixFU9gd-X0ziDJ9RBuXl2O3ExllcvJR2ZMh1G8DfuktdFaxUgYwD9_GPnEvFCvbopb1Yr8OPonoESp6nSxKkQxeXizUpGc0-ZvO3KGmfa0ZUw4GxmFeBoyEn0CA546A600gSIgbnFXbSIqu-IU05kEFLo6xKIQVQfufMpsAX-JtE5SZ2RVnx9nR-YOhSZQe4KIiAXRgkJvhVWcNPlXs4iZ1nNdKp4lW1uamt3f4L0yl5E52e1PeoVflEE3fzruk8ZbV1AhXhDxkRwr4k-yLYniVW9qt9YnH2xM8fdOKSkk3piOx_xrVlfBpPNRwuOxrftdNe3mwWpg1qiiRbcYHd0gEZFiFyOmbjNdrXRcXz6CPVb4-ZDBhuDuyoDyor4lToYRZyULV1ddm-975PEor_37pewK3zrgHFHW3u9HjgprKmQyZ6EnuTZuMPTP8ruiuYua5quDqhY-&cid=CAASEuRo6UAjP6MyDoQLQlQ7vvhUQA&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
edaf7ed3f21396bb8a6e178d46c5b811c19546619d23fa6256c46bc245018735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32498
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 1026 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.255886,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 5030850
it
ams1-ib.adnxs.com/ Frame 1026 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiPho-UBhDYiqiviMO4ulwY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4k_sCgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q09pR1pEOE9EWXFENk9NUGYzd082dTQ3UUN2clN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDYTFyZFZrS3VzVDZvQXdHcUJKY0NUOURnN0x3eUxVX1dpcHFzbzlDZHZvSzJsdnFZc1lDVEEwcE1pWnN4QWtLblJreXM0ZC1KMmVWVWJ6OTMxS3BzU0hXWG1aWFgyRDFRQkxLbWxZR2lNN3F1TGZ3a3VCc1Qyb25WU0trcFhIaXMtdlA3VFJhOEszMlZpV1AxcXFIWTZSWVplbXpIVG15ZUJKeHUxVnJLRFM2NGJxQndMVUZWUzgyVmdGYWRfZWYyUjVmWEF4Z3dxQnF2a1R3aDlEYjJuangyTUR0UDRLYjhaNDJYZXRGMmtoMjFBeDE2d3d5SFdXOGNwRTdRc0owX0RTTi1VSzdwM2tNdjJBM25YZXdPMDh0RmR4UGFHdXJTY0ptRlRfaDY0d0tJUmVFVUZGUkJjcnF2YmY1VXhSSGNtWWxiN2FkUV9uQ3FZRXBlcXFQSTdVYXEzVXpsWENubUFnUkc5d3lZSWg1Z2hFZUttckdwTERiRXU3cUlZWllDZGsybk04TUx3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD1NczBTZWJDM1NicyZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSbzZVQWpQNk15RG9RTFFsUTd2dmhVUUEmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzY2NjIxOTgzNDM3NDE2MDUyMDgiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAX9277B8o2P2RvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB5P7AtIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=893c9a66683a615d5206b29d83cdf0604b8cd7a5
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0f4aaa60-cdce-41d2-9fa4-47020cb01448
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1026 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B2fSCZKkLv3WGodAALG2VmdmkcHmiRMtN3VkFCSOkD5HBOY-R-5OwFs7EimJ9SU612BRCzyrf2P7eoMDAQ-w_P_bthpmMQqNAevJDBOA6KksjGskY
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A3DF 		588 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNX0v6DkUR33x267Hgt5dcEnM7G8UPMbqsNVZWUGXAy3-e_KEQLRgp0UPSbO7mOtQbCVW_pVjIP_zQu0FtUg9wiBAmyC0lXIO3DjOw66vT7ELHzqi39R0T4s8qbX77pQr7ZYiI1kB6E54klAdIBqizujtJYDDvLzCd_mn42HIc-xLH825IQQWq0YIFb2-xku7fq9n7EVaC7wjDwIRz03bxu_JYr3sluqQCxxa644KEHv6d_eM9g
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cb745c1c8cffe3edddd856464e624896014f9b980629890b3986c6da3f056f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
298
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame FDD8 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DG3MseeAwHTtae3TXOubYlIlTzhTGLxI0MX4bW7qbfrX5Fr5r-BOUKQ3GKAWfInKBnwrvysKAr5Kx3fNBY8Fw7p8M7qK7o6nvwMycWSjxMrhp7nzy2B_T4fb73Zq1XjuNdU_JD6anV-ueTCwyil0z9gYJ5Pg&cry=1&dbm_d=AKAmf-AL3JbWIYuFESj-yltRTSFFy-oFGu9EVN41l4DeIOrpmKc5ZQ0WyKzwgDv8kznE8AHvEFDjvmLKfmW15eVX5WJrMu0YD-lAxpJcdMky5OWf3TwgVD5KfXniOzm-eTb8DKdglbQPFUZ_TiHAj-28ijBmpz2Gtq-JUCZBHB1Ons02oKSXlHxVKOHjRGNCmBjMoMoDPajlyySGnNibjiptKXZfcF-EJu2XGGcXNWpo46eq0i5-y_O86ExvvjTbsPZjEyyuCNnfkyUcx5KROmFU5VV5-ZtflOntoMXdrORRJYCSG_GYwhiRM9LEPADcFdFolFNzm-WM7ntuNfkVyvJnWedpZX6zHLFvquPRTA27x8r2xl9IZkwJ_uI2odFkjWgqPbDZ1Zo1Hz0YMvim6FkerRNyYetNARfXFwS6_g-CbUiy5GIKOW5DbIvl0GQecim276RTAoezXTGaUeDy8nLI0pbbEVDn4r1GsD5qKxaEhau3IutDMu7vuVMzQEtHHlSucPzB_22VI8xf4j2fypo2OYMBmMy-xzK2SHEgL4-Vw04NkGjH_BqSga9ycbdfbGqpXBtdVZFclseQKb-YvBVI9GP-rpiEt8GakF7g72CtxQaFa7n3TrmBNfylA_huAXO3JU9wxOxsO1CDV11JNzwfIZD55EHJ5rhTb1XcE69T9RkZCRhNTxpaDIQTNqh0hHATzuAG6xv3eGGXA8FonNi1cCh6TCXDf53IrRZy32L1SvyJJklvcXHlsRios-Fd3RlDRbAOSVmRoNO0FgX6mIhrIexoXrhPbVohuyd802ALRSCk7zj8zc4TSD5j5-YxODla24nS_D9bL0CgZs825hhBKx8iCiqNtggl_Cx2X5P0prgP5_iGdIhsE3CPg9nemSaDBt14OcurbNorh9Po5cEtJ6U6Zkpol5fkPPj_PSKTuVhLMx2GLxfKMbDn1J1yh0J7mz4REMT4PZ5GR7_sF1tSWXRM9pezn4wk1kjSKvnjyrNOujccDEHlIHD6W5l5pjOGgMuVGL7uSv5soFAie0PLLG_z8zhjPIZxIOVCUFlUb6P0WlJVMY40ySewm013x9D0sd5RwUoTZFcy-9W8kV6uZlF078T81fY3iyCynrCFxhUs761oX3eqWXuK1bfNMPsua6ePUIFydidjqI5bYjkpuOiI6yP8rxn2Fys6j0V1o6hLzk2cJPvVGgn4I-noY_LGXGR-F_6yYuEUMj782Astb5lmNB8Cwil-Y25e5f0aDhDGYrUJ-skfGO0gByxX-6SDLUo0YEWvoLPXH4JY92SeSckIL_Zz-PbNVe27rFuIDb2h2-RfGr5bPetEJ62ZsQQeq5wuw25xt8aLlEoVRaCzmpaS0bmFno61L59Sp2hsJVFomxmp3mAO46CjlZx1-4VN9BAl1EHBls1TMtbWcuLRL_REUX98HC11UV3hJv3ki23_pf1jL4A13pnEOjt15YqBlphcX4RM97h5Nyyh3ln01tCoVmqm3juR4MBC0338ni0zN38ZzlSaObqPYddrN2vTLKgyvkgzNWjjWDPzf2IT78Hs4Tcx5obmQ_gWOGhHYD_b7RTI0k4AheRqCM__OSkswwoRmgbZfL5xEjcXhMTlt7ttCzrOx0ZXdjJliejRYyjvBfPXBmHiLtAzPv6NcFoAZo8o3o_gKiWn4bpIyjZ1vCBUtgNlgEgsPlShOmZWXSr5zMTug77YZi6KpIpnk__UuRwFJClVSbmD1Gl4SZujkFvVPU2-Jy5CtL39X9buEdjfmp7_y3RKr_XvpjXkaVHGVL76hOhEKLotTXyVWW0yYMXRtmJmggly75y5JfSw5CRKbFgK4aSGI5XqiOmNJyjfyM0zF3iHB-qKDLiQE4OwGtA8voV-MfZu1_Vc2_DWcYyYnwrELG3XVOjQU9iYTpo3voaADkf2dcumZHr4-aNnzM_nhw5gmCoDqwaYSY51VuB93cNx67hZ_3xTQkc62TWIDnTF1vAyIeG3VLIn3wDsaoYbh6pjYjWkU5pMeEMw-9435WpD-1UFR_2-75o8LE8jXO8swkbIcucJzPcBr7z-UIb4pfqA0emxAgv1Ckc8xo0mcghjgOeisELgCXkF3HBlWHU01URKd7LAw0IMpagwwE3Xc3LbF57KQ75Xoz8cwuWA5EgInNoTiD9VSlGXH7Q6evW0jul40ea8HI7LGwwGplS7Xk1sUHYQuHGOXt5Wvb9wskC2-61fuhyDkOlQHorhkI4_AuPt4Jdow6n_8kVKLODA2xbrj9Y7_U5GQ8WQFyfDUyvpAywuRhG8iQ-NKpbyTtJgRfpoU9QtuwhO713Urrkt0PxU8Ye78UVOyP-i9MOiEZ7e4xauo5rbQMRJexhVOaSrfEeZR1vMDUMKZkQUNx3FF_YEyd-b-DM7ypj9lQNdHSzv0wUB6hxM7VkNVbQvAz96GXs83n-DxBQwltTjzTeUR0R2b9bQDqziwTgSzqXp29Ftc2VRkJLljLFwaLAeGr7inRpH5KzD_kJ6-wtyGrOATHkwXp2YCMPzOR64FT_lnQILuI1cE3DPXtbWzk3dzcnVhIsT-HU3V92Pj4Qasg-OPGpqs_AKpKhTHdrFN8bxJ-XIH3ksBfEbvdoFUCWp4X4jTqM_CQLpTas7YsTA2kuUoKoHYty-HY3Tfxfum59f8jMZKAG6cJHSQ96_fcx1jxJvXiBFDsup_Z5rcVDiK1u92st7cC62C9rgelg1cPVxad8ICntGOO0w82L0ODa1aFRejZFPAWXK6oyI0g-ms2sjmiJHqjkH3lS1YAZGNxmH4vceT_05nfuERx8hIntwQURjj_4a0rf9_MiENFgZxwUkKO6qOyEcz_TNMTBrWruAK5xCizgVUy9wgG1gpa2qrMjxZxQFmEFHGyiyvbjNnJ_9KGiWXGgo4SyREkzWMsdm0jsXStfSGHNvmj-le41eWGamMNaEQNUrNBpW9g5EprKFEDCRvIrzauihy_0fGp216GlzHAkqxngDwT6Urf9vnUfbjz6mabsd5rzidIbeXnTFoOOrwPaSDv0Xc9id87iwD3klA0QwkEnUN_Y_KYBZiVlT4jkQK57AUuwmigLvwajTN6Hhw3FwbTN5STQ6-TW2DVjeRaetN9WmRYQ6gpGYOQCtSA1UhsieO2j_CEWvZaj9dLr-eHd6z_Wa9meEH-cHX3waenjRJfdcKCHaDJQX-1LmaRUuAogIRQcq9eitWAuzQ8X7SNJELagl5jb7jMXRrWTmKvSEbL57QYby4wQAoVKREd4PcJzAnRWCgMxc6TkpZbzaYUlbQTtiIdLA_OeyIiSwnJAZPlH_6gaxsblDXCyNkBORy6Ubg_AKX8DRkWUjSjtrhfPJnKE0pjPkurk16xfNd36ji21cUzpV6iUYbDOmpitboYtsXzSg7j8E_PNDxqU9wuWFzSd998di2QfavRvZqM8kIM4yy2QFbfUEQf7bzrawjVdoyXa-iWstZUSK54j9zCN20uHmumAl6LIk7JqbjJySKq-3_7fUpQCKpZyuMNc4MWvxcoL-LLSH-whUA2AuDOJ4qTaacePUx6D0hxtg4mGhgERej5p7ktOc-7FPZx63w0sdE7OaJjAIgiHn1Px9jw&cid=CAASEuRoWAZk9qx9f1c7uP-GGYGLvw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e12a82b3eac077498c3dd1ae1cc436d38fb596308fc49df55c6726fc3031f3e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32391
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame FDD8 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.267456,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 5030852
it
ams1-ib.adnxs.com/ Frame FDD8 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiPho-UBhD05Omk17ek1UoY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4sugFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q1plRmtEOE9EWXVQck41eUw3X1VQN3AtTWdBdjYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RYnZiX2R4eXJIWUFGWFBrMmdOYVRsaXllclpsR0x6Y2o0d05raUItUW5mdGV4QXg4eHdiZlRkLXlUUTV5NlZycEZBLVNzYllVSHdTQVItOWY3NFduSm91V2M1VDJwamNfcnJwUVV1dk9qNDVlazF6Vi1LMlhabDVGZWlTUnUzLTc0TWFGb2ZHMk5DSzFFWTFQNGJzeEliSlVlTTdwdU9MWFFiVHhfbEZGTXg0ZDZGMEFJQl9IbF9VYXNXQnpCdlBxRklVOWJPZkh0OU51S0VPakx5NUI4WUZQM2ViYmI1bkFrSnJaV25vWXQtN2VPZEh3eWQ1TkRHT0NydGw0QTdnUFJZM0ZUWXI1ZE03OWljOFl0OXdGMHhVeVZIMFBwZG16MS1KN1FiRVdwS2xacnU4a3JRTHVwQ3BRSk9VM3BFU2V2SDVlVDhtRnlPeE9mOEo2SFFFZXQ2WV9ZSGdVR3VtS2xPZjlGaDFWczBobV9RX2cxOEFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9cXc4WVYtTUZ3eDQmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9XQVprOXF4OWYxYzd1UC1HR1lHTHZ3JnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM1MzgwMjcyOTQ3NzM4NjA0MTQ4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFiIOLqMaxp-h4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAey6AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=ebbf5776ea3eef8cc0886619470d32644b5df91d
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
84aaf81b-670c-48d0-b503-70c46df4f547
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDD8 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BS5c8hVnI0iOpqVKEAg4az5tQ0_gm8cfoh6zQKq1AIIPYKU6dVkHtc9cdX71QqdpY-cQhfzNITyrvfUq0GZdnUF4x18VReEXyBTkuRvaB8DnEW2MQ
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 69C1 		259 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV_D1GsXsC4nFFO_w29wzYDt6v3ktC3A8KmBVkVtjyExqP-0q2W7vm6uWDTnJ3s2rCpsCIEDIl97Fag3AAc_DQU1yOPFdneusZ7HVUz4NmGu9Ce3kPbQR9PWl-KuHXfUstZxQl0e3H2qqCZgDm2jJDVBJsbagTaMmuErpXTZrmwpwqwwcrxzD3BPgqGNJHCJNIqaz0tYYSPPH10N_ZxvH_ql0ysH0m2rw6bhWvXUYFRIaZKSgY
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77fb22b43c39770d38a1aaed6d65e80c8f00d817e9ff803421677e56d23016dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
185
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D062 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEX4XlBnjhGUPUpGumxExUc2So0XtLP3PY2h-DvQWIVzdjIRQmMs-hXQszojWyqaTxVEFWV6c4WO92ye7B2tg2uHtkXPkT3ZWS4lXOwVrkd_i79AR9zJDhq2Lpt66r5tTyLuNlNnbJyd856qm-lKDKm4p5Gw&cry=1&dbm_d=AKAmf-AxokYf_WKdinvNnbmY0-EwbdBnVWjTgATCl5hVKcJsp2VRLtD_DRk-qOTxqTGcSPgtBtMrQQKRzN9q5Pak9N-hk2I9kRMKnkTCi1masFJJ75pC09VvNFKkeNZ9-DiXiOpRz-eZePB7-XDYkfMt_G8_IoY0mH7AduFG7T_rm_6ZmOItc9sGVPMbfkYZHUTIvWdGy5bhMOdOxLO91dvqMmiqsZbR0yvKFRpN_7PNEuVj7ACvVX9Gs144WtntJVREARM66Zm_2Jy1iBiiCnQR-n6FOAfYPyw_5rwrHV9BfnKs6lLRq2Y3kbxEmTmjKYkk6ZpcrpYa3-cesyv7wlOPbo5wpEt2mOcEPmf1BhdUX001eDfWIu5jfoBRBVdbaLiRhcVOMqQ1Ut4L1hc7CcIvt3l3_pxmifK5xE0Yq7T1FcN1Ku9NjQ06S5KzBhUOUuJkNL9QhObsP_lnp_pp9vYsmbtu1dfm5p1z4yua_fBjdNvPz7H6gQh52CWalfx5bHsifQKfn-TDKv9vvavDqQk7mKYn9cMyyYO67ej9wMUnflEVJ5llUUbToJKxvoy5eBQVHyav9y2SepTPFs84SeWoIO0WkJT-5IUUgL6Idu4uUaiVdXY94LdDWnZ6trsbGSEK-GYIRW5EE-RL0YYtqrm41VRXEKrWBLnfbzq6UnL9bi3moQ9Z8YbjJsHNCb5CFv0M8Jmqq2_-M_6h50eFjWKDb8Fofd1wbU9lqfjAwZxtn39mOuIIArHpWO7sIvr5KOJvkY9FNSeNNBq0wc9GiCqrb72E-7Hvfho-ilrnQNwlwqVPcIhoieJY0bxHip_bs_w2UDN7BiEFQNKTHC_VJ2x_O8d8VAsxVWd8kKbTJzVi1E0zDWYUst9VB3KTd035zZAESfEYLzWdGlJw5nEsejyTqLvBZpiy1X48EzNmTkms0e1Yhhs97jXlFAQ9kFGErKOCBu6b_2nvIWgvQwqNS25NblHhnxjm-tEsMBXiWwu6VqCVH9AQmeEcn8zwRKfq0TuN043Wdieg8G7CHc4V6juFy6WRiU6fKXbMq8xGg83RW50KQVcN8lqF45kWcsyiS5g3PWsgXBRCaS8d8_n5q346G6d9sIuIxh7imUSL48v-SOBiEK-5Ipgi7Rawvj5HWnqDZSB9nljKKXXAnOasrRa0HYhEa_l2zISnE7pWEuTL95ELPnp-ycptkp9T3WtP4QdTtz8I64ysC5n_Wz6wdqqoLFbX7zqMG9TuLUwF7kTnBt9BX9S0U_Ms1rWbKSTO-O5uhlZks5-e1xE40jaa-20e02kPUqtSdjIArxH2AGOFaPcIlvfpcGuO77FO-bM9OeLtNFlvUt1c89EwMaBmZc4dkXkoY06orBRCXwxiGbkYrfg68XoQKWKNWmOi4vNSTR1DCcHV6-84UVVfjBEHSUUAL6OBAHWHINUyKv3M2ldOPaUQy-BCKgmSFQpfDz4l5gCQbX2CAU7ML-WR19IRur8R-tFdbRHa7E0IjTeDU8QAhAjy2zWQapseneOCO3J5waRXbA5TiDvsz4ab4grzCMUlZduVO2JdH_ybCB9OVgUg-Zdc4MR77WqNGgTLlSmk014AehKHiuPP2Xkfb_8FEsfAHvU9ddjelXlqJhasB7owrgv3j-yUsZ0jzbK5WnCqcZPMtGiF7tvicYCVlc3Oro4wgOGL5JllUdAEeEv2wJaKa5FtSDyoaoMo_JEXesUcnyAYTdJgPqZj8IjnmIgsNOaLtr2HmEkBVDf3-AQgYq5SZ1X_cwU1OiKypJxZ3ijM_IPoUpXfpeZleR-8Zk6GszBjKinAQ4jRAt1ok5bdBEBWwTQ2yYNMURr0jVqaM8ebRy4meak8njHllpVnIdnfuueiNobqjzwWR08AJCylbHHs_WZkOiZv6pEWaDjbsiIa3cTdVGuRR8SqBc4S8k9u18zRIurELoblypiq3ISRZZ9xFSPHWDTOr-HiM7SSBJZhkdSChdNMasbGu-6hJTn4vldtdKuWBsAlEfC9adnmSEaJ-TOr-krSUYNvmqp9Bcyopiq7YhlcnMskqMIr8Eq1rjOYvKz5dk2b-A8XCfxLugr6XaEgkBbDkCpimmE-mNWGCea75DgPQ8heFAO9Q-VBS4UPuib8Vx53iDXkQkZWGjegJrQ1-BS6v_rNOHdgzLJsqtBZuCsfUFTMRzrGk2a8FTqImiM8Ya6tMIZ3pso4VtBXN0fW-3iZUkAfk4X4G2OUhSnXX0TopqsntctRgJo6LEY6xUo89Fi3rlshP5dHo7on1ODKt5w9Wec_m57ZHwrfTfacPUbuWInzF8_Q2I_I56aqiFBwqz-_JDehoN3-hPaZxelYUlDzcbbPaA1E4VYFBuNSWeoT8CZIoILe2j1elJmrbmdWWdoo8LJFNu7tarPmNa3KdkDkEpcJyaBnG6azDxqt8S-msqtvL5GhKn-Y5tg0_d1ZpJJY7d0D-_jXIS64d7FVaWmhRPf9AmdjcQOVFsPR7mwtH7PEWZM8u2DLUXV5N649tqiXz9U17H-Me7lD0tda7WtkA9GQakbr6vtHkdtERhfA7_WT0Fsp3BW8mgtOVQIC2AIY-votawkwRStO1wEdo_MqQXvf9j3eH9C_yHFanizIb2QksI3dD-ctS0tnPl4dHWnkIHuGj6JBVzYnWYK6VoErdhF4U7xkGFZvbP3EI0vJXpJ28n_xO6FwGuXkCJe_4O_P0J7p1I897V6STrolx3Z2AWtkUSwL4FPr7tqa5mre3J0qMgzl8kPLMCz0atdHD8XpVKQZugpTIApGjkvpNLga7qxDW3YWezcqgki_oYbwhSqwUlM5TFEbvW8_q7_G4nHkJwstLWpM44q203yXBdgL7tnAglerByzsoGWem-2jDSY7TNKXC89h6T4YOU38WnxvlYxouH3akrwstGgo6Sha6haYZxGaPleywFBFS1ZMmtTUH8SubAsU4VYh5t2CxTcyuAWr0t2CS5IiDyJPGjfBGfX3VKENcuj7QhedkwdemP70HcAaJPEfH-YJI_c48KdIVhWLg9g3Tzy7pLvj5gOWCF_TIjcwtzg__1sBLd0uApzQC7rLWV3FFQSChWzabN389VbjHdXzZV6O-e5FKEAPCtIEl5nh1on6i10d9qZrijwSDNzv1_YUIHpqrDaBXLt1C_kUCh_pUAJuSrMOuMAuXxcv1q4b2GL7d0vg18dc2BHRklIBBz-nm-1_Vch3AGcam02Mv6BOzDco9czTSZvST_PQmbbjEGr2GBzaZveDPOx2dQURxldkeshVQDjjFw4jLx4OlXKPOjWyutOLSFfKgs_49YKaqyG6hTPLY-DW5FJYgMuDlcCXVe4rg9PhKz0fVVorSmGvfp8XKUxa6XPOykG4gv3zYGw04qRSPgJdW-UAbr-FYhVVn-9c8ABw_6ALPpNJj3IAIPx3t3zbnLY4hz42T9luIgJsW9EtX3xbbezRMv608YgjNx_lAEWR1fAVIwcQz-JkWocs-PVpoirsNilj_9fNgzCfnkS5kkEmu_MeldcpLt1Im-fG4OXxIy0qTwrlD7j-TwS4zx12KdYtihEaxfaZ6w6IusLu11AbJ_W_&cid=CAASEuRorBC-pY5AKf7_6cuMVVeKTw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d63997c367ca1c932f48189579892c685eb6dc680ffbe2cb9b653f692156d59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32377
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame D062 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.267486,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 5030852
it
ams1-ib.adnxs.com/ Frame D062 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiPho-UBhCnzafHnpzatScY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF40OsDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q0Y2R1lEOE9EWW8tX09vbkpnUWZYaW9Yd0J2clN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDZzVtMmI0Q2tzVDZvQXdHcUJKY0NUOUE4emU3d1d5M19Ka3lOdC1ST28tNm9mdkJJQ1hrcnZrOG9xenBjSV8zUHV2V1dCTklWN1ZWbkgyX0VROFV6bGZHX3FZclZyRkE5WXpIYXJPX0pLbTlYank3a0VHdVU5dzFGQ0VMZWRZMGk1SFFORGxla2lHV3VBM2NobmwweXJNVFM1b3VwdjFYSVdhMVdjUzUzcEZrdThQZ1hMNV9EM0VBb2VFdEZEOTZSSHFnbm85WTY0NEtLVkxGRFJENThsUWZrQ0hvVzFWSVRuYm1aRDVYZVJSWkJzQl9sejNUVVlVcmV6M1F5YlgtQ0RINlZlUnl1Z1hOcWw5b1NGaFhWUmVNekFqX252NEhZNmVDcmdSU3BwamFJUmVDSldwanpDTFJnYTVHb2p0QlBJc0ZDamJsUEEtX0hEV1RwcXlBa0V3bWltclJvNUV6YnNQQjRvU1dYMUNERzFYWlotUWg4ZWpaTnM1QkdaUmxZZE5BLU9rb2N3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD11ZlZnem5HUmE2cyZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb3JCQy1wWTVBS2Y3XzZjdU1WVmVLVHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzI4NDA0NzkzMDk0NzE4MDMwNDciCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAWd57SEneyroGzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB9DrA9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=a4d12cf96046dade65195211755b5192218f7f2c
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9d7d6dc0-c8cd-4abf-b92d-128da1a22ae4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D062 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dyb6tZohirNhrIjZ92-O-5MIXzPysZj2UT3GI4aIAvhxdBPcXuUu7VzrMDif1fTfJdJcMlYgoGkMtZEX18lCTK4k68BRyY2kYf5gtCpCCiDNZPwVU
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j7ljeqx6jfhz
hal9000.redintelligence.net/zone/ Frame 1306 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/j7ljeqx6jfhz?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=6288863528235289568&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6288863528235289568%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
98deb7ae6374c26152fee7f2a1ada6115b0b69b105f27cfdd56dd29c0223ac47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2800
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
tags.mathtag.com/notify/ Frame 1306 		49 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTnpoa01EQmhZVGN0T1dRME9DMDJObU5rTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyODg4NjM1MjgyMzUyODk1NjgvNjYyMjM5NS80NTYyMzEyLzEzL1BlbXpRQWFSM0I1dVJGREFuYjNKUHlJSmlLMVFRV3JuV1VTekFiejAzVVUvMS8xMy8wLzAvOTU2ODAzLzI0NTQwOTEwOTMvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYyODg4NjM1MjgyMzUyODk1NjgvYW1zLzAvMTYyNS83My85OTkvMzIyLzE0Ni43MC4xMTcuMC8wLjAwMC8xNjUyODAyMzE5LzE2NTI4MTQ5MTkvMTMvMTAyNjQv/QGVAsLxTV_oPKI-PhAB20N36YtM&nodeid=2814&group=cdg&auctionid=6288863528235289568&shardkey=6288863528235289568&sid=4562312&cid=6622395&bp=a_bahafd&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.135.81&type=imp&client=c2s
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.320.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
x-mm-bid-request-time
1652802319
Last-Modified
Tue, 17 May 2022 15:45:19 GMT
Server
MMBD/3.320.0
x-mm-latency
2 (1)
Content-Type
image/gif
x-mm-dbg
Invalid
Cache-Control
no-cache
x-mm-host
cdg-router-x99, cdg-bidder-x163
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 17 May 2022 15:45:19 GMT
analytics.js
s.update.mediamathtag.com/2/619621/ Frame 1306 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//ua.korrespondent.net/&ui=78d00aa7-9d48-66cd-0000-000000000000&ap=&ti=6288863528235289568&pv=0eaeb631-9796-443e-a6d7-bb939c981128&pp=10264&sr=13&de=43003&si=5614020&dm=300x250&ac=651871&cr=6622395&ai=216536&c1=4562312&r1=146.70.117.0&r2=&r3=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f97715fb5d00253be6c3e95f63ff036b7aa2e548b0eba2ea40f3e9bf1f021bfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2958
Expires
0
img
pixel.mathtag.com/event/ Frame 1306 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=6288863528235289568&v3=651871&v4=4562312&v5=6622395&mt_nsync=1&no_attr=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4409 ba5503e master cdg-pixel-x24 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Server
MT3 4409 ba5503e master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:19 GMT
img
tags.mathtag.com/event/ Frame 1306 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=6288863528235289568&st=4562312&time=[IMP_ATTR.time]&nodeid=2814
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.320.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Server
MMBD/3.320.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x28, cdg-bidder-x163
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 17 May 2022 15:45:19 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 1306 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4066-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.271114,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 4982852
it
ams1-ib.adnxs.com/ Frame 1306 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLQCvBMUAUAAAMA1gAFAQiPho-UBhDYncGA9MiRoUoY0sWY0qrvobloKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAIK5H0T8h_x6yBPZxtj8p200JJPTiATEAAADgUbiePzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXjH7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqA7MGCuoFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUbnBvYTAxRVFtaFpWR04wVDFkUk1FOURNREpPYlU1clRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpZeU9EZzROak0xTWpneU16VXlPRGsxTmpndk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVQzFIVEdGU0xUSmlkamh5VkVOUWFtWTJRMFppYWtVdk1TOHhNeTh3THpBdk9UVTJPREF6THpJME5UUXdPVEV3T1RNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWBHUTE13ZDAxRVFYZE1WRUYzVFVSQmRFBRA6MAAQY3ZNQzgFfAkIDFl5T0RW_ABoWVcxekx6QXZNVFl5TlM4M015ODVPVGt2TXpJIQQwME5pNDNNQzR4TVRjdQVMfGpBd01DOHhOalV5T0RBeU16RTVMekUyTlRJNE1UUTVNATzwaVRNdk1UQXlOalF2LzNDdXFKTVk3V2l4b1VMeTNiRFNESWpBWUxUWSZub2RlaWQ9MjgxNCZncm91cD1jZGcmYXVjdGlvbmlkPTYyODg4NjM1MjgyMzUyODk1Njgmc2hhcmRrZXk9NjI4ODg6HQDwfXByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iYWhhZmQmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS44MSZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5NSZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhM2MkKtALAaEzUzNTA5MTY1NzkxMDEwMDM0ODAiCTI4MTY4NTI3MCoGMTAxOTM2Ogc2NjIBY_CwwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBJbaqIYBiAUBmAUAoAXQkvLL6JHZ0ATABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX5yyH6BQQIABAAkAYAmAYAuAYAwQYABSUs8D_QBvmrAdoGFgoQBREdAYgQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8IAAEjRCAAMAA4vQZAAMgHx-wD0gcNCRFEAR4I2gcGCSdE4AcA6gcCCADwB4njAooIAhAA&s=6f6852995bc7c2f5aaa1ac0c3335fa699542139a
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2f0aaf25-85d9-4d80-abb5-1dc2ee5cea21
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9508 		239 B
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV2wslm9CuO6YE3cfnaGDk8q2xiYHasPm34UuyoDJwThWcWih7XKdGhJQTvdoYEOBbRaBHSi30ouWkp-ahc9NiIa-fCGg3fjjKeIRRU0UF4jVbp70fDD0Ub19SSSUCeepw2gINoafno_pubW8Wc1LvY2ieFjANrIyKc-lV0tJ5eLUN_y53F3rteu0_UJDydBQLQh5OVLV9SXcgJGkqWmLpuB7FqEPKr4LnJVuEMY65lrMccjbQ
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd909c181b293f4a20f86b2b4b869a437381a04c562b3f82384bf9f13f20e575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
139
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame E306 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw-HMYTiDXcnrkbFABdRpIXt2hSbuFetviyhtBivp4u5DFNF5OIKvqnae9KuQZRJGlKxwjCDE8KPyz9q68GLR5Rq7VwjKSvBQY294DpV676eoxSCMgTInguLVgqJ2JFbPZnnaOkbXr2jxgpsQuM1DO5JbJpw&cry=1&dbm_d=AKAmf-Coa2dqzhWuuGbZI6QSSsOlUDF1jUIyWxJ697tTHYVZNSowDLrr02wSpn7g-vetKk-dG7Bn2GXygcHuEEJfhjzmA8FSyjSRibm_eJV0ImTKxNbkxzyt6o8CgVbXLEs0vEPhk10_Ph5oka2Dn9qcPd8Tse1B-cn6zxISVVN0T5SYwz6zUU8PbEg--cTTrLq4ZeIdR-t3yeJKqC9PdA9MrhBeI97mC2od3euGuy83yRt7mAocr_ypibFV49NEDrplg8MnJGN3DevVt3ERrCAtj0iXjDsp43rMjuY8SAt76YQRCR8U4OyGJoguD-QrdAnfTC0_iwxZyd4Rf4E78N6x5BTXBZ40sODpXU1Cd3mvLaHj6SNYGzppxY5E4vZKlWrVgxhq35Z7EYUsjOAeExgufaboU39Tt5KkZNQlvQI06FCqBwbU5o6wroZbZPfFjKVX_5ErgihNDdRHYWK3DdoF5V-Hbp_yxKYeq1iP7QOIr4vQgn4JdZlq8NXSDpJCdisf1icQM6A56YfShKpL0SiKtCelGyoGjPyO0j16lnQCrk4MZXZhp_5q2viV4uUlozHmtd3jN63LklraBs6ryt_XNrzAFev_XR_Q5SQQygSgJIPW2hpnvANqYvN3cqlmwCGA6zA2mFMtIdb61egCCrR67SpRpMCnvQGoHYrluhTSuEUI78eAHVqK983e2wgfegcC23LwctZouVuBtyacOoZgzvGmV3RlDpSgqVwWlEr-osC6NLEOl7HB5QtxopKuRIyTk65HEDlEkbv-BDujsweEThhm0Qbvt2dWiNCzXwXD7Dh4DezIPkIS5lJPJetMuSB9njIazVz57PzeIbs8sUsDQrk2Uy-C6oz6QlOzMAzHU3_F9gvmuamzJb5JyO3Ca7o-rs1jMai2wQAStwKU0Kakr7uyf1hudduBcZZ3qaY00tEe19Wz3u13A-h3B9sY4keETBqXC07ytz4qqn2_R0y7IFB5557OFI1DGlpkkfGWmI7gZUZjdqpWshs5KoU1KBpkVfDKMhSMTjMEH3nkAKXxVGTVpX959vOFnNLwU9tpZGYBQy7BdE8QBe3VMdAjrlWVH2D7cztMAR5HIcUNRFCtU_NYUIi663MWgB2Cpg_7fqQ_0oPbqbi_SyFjcMXMfiNQpHljluuRfYosqRDNHkQ_e5gYVZtgcAG3pyUj8ytumtOeZNqtkeM2kUz5AZlPkGUUFw-9WX4LAuKFR424MiDnKD9F_cEJDFMVzdO71FT8oIobwxzBqwm-3eZo3TJk8Lr8vkjNVorNUP7EePiHvlCjR4tLrKu1FFZ0zySUcyvSax41xXrmAgew3bStv0tFofd8zX-2zxLfdfaRr3MGyOPjIa5HvNub6S4y3WTtrvbUx815N5U06cMB9k5DjC07XFu7Pf7u7Vi9eXoqgRv5Ph93lsfu4-TU53trqDzbfKQSH-oRBVKz7hWww-Rxq9fLqu1Mpv1TDKo4cOzEqXz2p9fji2IfjYZcugKbxyO-UDea71fJERMEBH1K1wz2UX_eg2HKqm0ItXXIpRIRRhRBYzUMzd28ubbMaXTE9dnYFnWrPJgt5Jyiul0gNf6PD_F5RbU_3zzIMSplKLpaM3bu9HoXJMV5XxSmNFigOGcZGjezgSnyGEAi7z8-fL7EpD6FC6Uo7buO0OXdQQGm3ViZQCB6tow5d7kUaZpjFAbAUdijHohLCQ1bgQjdRV4jP9uWf0LEQacALfxPFm-2A7WZRdaduFE-yk1zLqjJg2B2rXlTylAlPqj5RFFkFwslXJXjESRoTfj4P1TYuT0n7lt3rDWp00x1mNLV1NsSjg-3b5qJwly7lW9MWI4fhJPy3fgNtEPX11nlbviPu1mUrsfLRBF2oj4c5MOb7rxRGbWvyRnYlTil0Z4_SvkjtgkLYPOE81XC2ACQPIHuEZHPbEtDXlF9LXS-rFg7M0h4DdgW8L_e6pST9_AN9nit_0YN3Pr7vOg1N5wq3qKXMZr-URKuH1_8AgBqCA8mef_CkdOnZl7E7gqvX1LrQSNYZb1lNmUEg6On9AeF89vgYgG50imUTMiVwsiHI-Oi8VBkRtqDtrnGIltjiDz_y8U5wnBQ5FOhTJLg3YojCBfDIsmhUjlKAonxsBrrOVRYcDQvaZsMrS2zxNBPBTPCT5UGmXL__2yZUMhatqVRhilAyYHVjoug0mgUdAftsQRcJdo6Pp3xkuIdTZSKftdr9nGmCr7_6kLFQR6urocnggOHNLL8OnER6bUqS9E9PhTA9Z-OZM6CXxcpIAxKAVH21DktaFViRddLBtt-fEZyUep-L5nZCLrvgwFKPGw6l_Y-KvoTAHSMztGqrLKb4gnyBfRHteJZycAlcQDq1FypWE-kG3nlGyxX27zLQeAffibQKw7x6rAN0x06tEYqnoVAaoFDND1fI6WX_qfcss20mUbr5bJJFEju_EafTIktfhv9Kdy9JENmL9M7GclLX7fwGirspqdYSOpvhABX6Rb4MSv0j6ouFvy5o7BrEsd008mxJG6dY5ySLZz9I2Erd7vJJqQ0z92rQYgmopovL00HuN5EV1Xrn74PsqesxIYKSVQKyilkuciqCCnTnVDaB-BarYl_Be52Adsw9FA-1hgjMMq0qpsg-t8OHv3BOX9o4yZkadQpQhvCQlGTBcDVxFSPdo13e6JHZwezjb0hpVW9mVp0m4UtmXkIFoKRZn66zp3YYJQ9h9EdOdywzdpRfZJLwPK--WNYAztTxeoJ_cbrRaxo33QAvhzQ5OCUrLOoa8751tZCThf5YmgLY6C3S9Wj6U4JLNkOJXo0VZzxkD0RB-pNqKAV_3AEhJzWUOAs5V64ZfkiezPsaRhFHUeTOloe_Oihcyl6LwOAhjGHoz-GfwMGLygWDiggU6Ivqbb2Klq_Q5lbpKcVW0RWx-rYVP9kspr1rDuUM1209Fi-fqS4ys5EH9gbUOBZif9YRvq3q-dxz1M77UFz-Coi27QpCm-aBcpd4N8wWlX1OsVTERaWyIcp30FudEGobmHPslcNWzkQMDrT0m6OgN5IViV0780suYBY5tbxZH9jVxDBzBqpO8OSv26V5FXJLlX_Q1y5Pz3TLKyU5wLQzJFNuGxpMwNQAMfmnEnTDB5BPPD4Fe_NFbxZUW4ab1yfGe5rh7c0_7KKPVkQYTIVrMuQYY7689lH4uLHofVf52U2J1-IzjswmaFWwpROgoaRpD9vE0vWT1tPiQh3hSEWtqju9nbUHeSHjENh7u13qr4sswF62PkMDDU2L47xoQYu8aW-riEYIDDZGl5r6-O70PiCwn7hKzQjnPdRmroQonbkLIkaLNYfx7U_nrfD1-ez9sqHrQeJPL-qACeBNXYXtsFYEPufCI1zDnmbEBlxe5a5rGjXYKYrAcVTnlIPgTkkP4hZB6MHsc4xnWS2J4rQGnhJFoshLMEPAzudBYXIhmYQT5auczrFxatvcFuUGP1adC7ovlc7nOb-uc2GNnc0_NStHrOi5otKcnoS6BOPj3DfnbR1ZsS9GUv_G3x1yoRYwxSpDz1rgMfgMKlGBJ1rlukxjk7ceKn5h1PqK87lKPmVr9GTMgvT9BK1&cid=CAASEuRoGqiKeWCVtNNiCcGoyI90hw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1850f222fe5b645320d99369f297008a251daacb0eb5775d66fe7853c1983a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32547
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame E306 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4066-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.283990,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 4982853
it
ams1-ib.adnxs.com/ Frame E306 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiPho-UBhDDoYjPravrkT8Y0sWY0qrvobloKjYJQl4PJsXH0z8RWZ74Szoz0D8ZAAAAIK5H0T8hWZ74Szoz0D8pQl4JJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4qb4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9QzJKODFEOE9EWXB6clBOV0Y3Z09xcWJEd0JfclN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDeWRLSUxiU1RzVDZvQXdHcUJKY0NUOURLRFZrbGc4VnQ0WWZLOEFwNVdiXzFKV2xzUmFPN0pnOWZLb1VJZjlJdkZjd1RkYnY1RVRiT3g5dVVCdTZGNXRmS280WFl4dUUwT21pQ0l5aFpLdmp5WktPZFc4ZU9sc2M5cDBCWHlueXYybE8wbVZDeGY4TFR4MlpIVlF0N1FwRG9aRlVBdFZRSkVOcVRBYXI1enRBbnRnZDBvSTZjWDNkbm9Lbm9lelFPNmJIc19ic0h3N25SZ1NrZERnZ1Myd0QzRzlZYXZDQTZMcGFtX0xTaTZkVUY3emtzclhuc2htSGpSY0VBRE56U1BxcFZoMHBETHROT2QyeUJmeTZ1WmxYNHVFWDRseG9Nd1FUN1MydTA2QW9FVzVtSmVmS29GOVZzZGctcHpmU0ZQLU45SVdDRUViTV9IS0tiSWFMRkdNVW9PSXluYlF0bElmWnlEYUFka01VSHVVNEZGNDdzaDVCaTFqV1JWcHJzQW5ILTlvNi13QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F6TzRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD13dzNkVmdCS3NHTSZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb0dxaUtlV0NWdE5OaUNjR295STkwaHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzQ1NDk2NzA2NTQyODg0NjYxMTUiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXTiL7k9vH7vUPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB6m-A9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=28f91dee091adfe0bd3c5e4912e005d35e19d6f9
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
15af944a-f2f4-4b9c-b6e5-16624e6a64ed
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E306 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAlGfAEKpQVYYMpy5D-PmzMzcHgwI7cOA1coQM33xLelH0-7jkqgKWfIs0NejVrbx3N2nJcdxNango6owO8VYi0GSafWlaE2CSKdk2yz5gH_-A79g
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.js
acdn.adnxs-simple.com/strikeforce/ Frame 3568 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
45306671a9b3d4d1a3a96aecc974d4df0ad542531ee13be0d5a402f88a154430

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
21335
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
40446
X-Served-By
cache-lga21963-LGA, cache-hhn4052-HHN
Access-Control-Allow-Origin
*
Last-Modified
Wed, 27 Apr 2022 16:09:57 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1652802320.309782,VS0,VE0
ETag
W/"62696ad5-1c6ab"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Mon, 16 May 2022 09:49:42 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 24556
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3568 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwV1tTC_DHsTZoRew0mxKod3jkvcFRuO1xzP8bjNNKt147dGpgHBWUAiIsbKOwgt7rpBRRf-kMM0oGFNatPrpPYt8fXOyUIoXvFQ_GrvGObcvwMJ8
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 3568 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.288171,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 5030853
it
ams1-ib.adnxs.com/ Frame 3568 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhD3wtWAhYHR6j8Y0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF48JsDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q2RENnlFTU9EWW9DMEJOS0Q5dThQeGUtejJBTDYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RVDdTZFE3SEtpQlQ5Z2ttYWJ3YlVzYlh1eHJGRlJMRGtvR0x4OExnVDRjUXBqWEVrVmp4YzVIQW8yTUp1eUdURW5nY2xkSzBEVFhHLURSbC1OMzY5MjlIck9MWDJBVURKQU4xbDhSOEN6RUl2VHRHTlZfay1QXzV3V2xNazBINDlJTjJqNm1tUXprVmN0b2VrQW9WRy1nSXp1QVlocWpMTEpwMUJ1ZU9peXhHWVdodWxlOEo2M19mYXNkZDdfWVEzdVN0RklocTBhdVo1M2lTM09ZTFM4NGlHRHFQRzJjRGJNNnpuSmIyTWhBWkdLNTlhN0FUYmtnNWNCdHo3UjNfMDIyMUFKS19wc0VpN0h2aFNkSWRwWHROVWN6LU5uMFRjTTJPOWR4UXl3UzdoY2JVaHU5aDJ6dEJ3VzRNb0xlMUNfanI5RHlqRFBDN3lTeGdoR2hIYkxCT2FyZXViM0szbC13S2RwVjktVW42UVlGQ2tHY0FFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9WmlkMDRfMVpQUWsmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9XQXlEbk5ZdmJhRkluRUtyeUJTS3RnJnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM0NTk5NjU3Mzk2OTIyODM1MzE5IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFtbj6rvLlpvQGwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAfwmwPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=d2a57a8f5f666d43ac6c97252da02263361489aa
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e0117261-1859-47cf-9284-d9f2a792fef7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F4BC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8F5E 		445 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNUB9_cj440aQolY8R8vkO3RHwbBbCmLj_CyL5m84-RwK9ShdwzSfBvYNzVpqePPeC395xgSzisNzNCRo_c078FxXPs9SGkcYmq_1TyBfNG4wuED7EKxShK6ierY5sWqY-8P5iqJs1hoB_feT9prrLAXFcUK0XMbjUmGDRTD7A76ZjuHe31MdEre6OIhLPpolN6ex7-S_6t99uI0tQj6c7CPagxytsAv9dfxHuLsOPTReJm45Fg
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c05cadb863d5152927200bcd5662b6a717ccd398cc0f079f76c2c93048de1a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
221
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1518 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgzRhgxzFszMsMkiB2GtgvHY9h-3RdDvc525mkb6lpwZTLvpNOf-wPTH5ttXrry_sxb74bDa3iFY0V6Mfr0u988FNsHVc89kBvfRGVHPhA59jw8cbL5EUYFGB_ZonX40pOXJPgGLDaWxKeC_CKDcCwVADi1w&cry=1&dbm_d=AKAmf-Dc04W6mkgHMXv73qgcUvfqxAMXcP1DgEK9OgOh9JZKPtEJJmY-35WFtqIR6RmFjBVDp4H7yX7mhbOvt1LDIMaZJq8le62PUzK6oo1AnJPkW5FvDnQqaRVetZVg_Thuobfa4KlWqk6IL1f7GdsDtMmIBRCYXDXSl_CDIrhWXhV7G2mhaVXejKfTpN9RXQqJZBAlikgrrIhpvwQ9QiqsR0C1vHaE3M65_whwyxq5PlD3PPw52ZCbQrG8GzjjnINIQ9vNxKc9B0yzFyp0JDGs2FUL3bBWfijJKcpVOOihI6RRlc73QDPC_sKLLMa-iZ_QZkGyiVwAMX0yK7PdQCP1hi44REGLMs_xZHepj5mZ6Z_A9dfNbuaBOv0lVtndJaBkUcDrlTowmI9X_8PNctaXryvWSzx8-wPfoQkiHuFihv6C_-VRYyOnGi7_k3nDzdPCPqBAlurwIiTZTeL5xd8iTZRZ6sOavDOURtiN-9NhVkSyxrKSg8SPJvCMsrMzaPYF_mvwgixv0epFCy9FhJUyoimZaMKfWBqCRsvExr_hkXFGw3-idsQSzpD-DYzbUDkzZcYX0p7-BkX9o018YWIUHYieVQ5Rtbp6K1W6VkiH0c-Hc5eawtyD7147ezs_xcFczr5UlBVNKk7PEAtMBFJerEJbSNSdocJ4d5-p8oiqszwyirlrTGaXmyPiL55RnvHex5NbcvCa_V703E4sGMuftcBuSI3eWRyFl6GNvEQraCuqpWH9IabZowOt53lY6zx5JpwgQCD-1lKAe_yxtyRNSjwrWtEAD96-i7lNDUu66AswVWbSF522aFKe9AFNeG5rLFSdZYellScHLQhHvY-WVvFBeCCsZJH_v9nRR7kdXeocWiEDVzHmr2lyoCf9tmpJr5uBbgiGf5rCiXHSeACWc2fXJbDHOZnhdqu3aG2lLkPmg0qrL17slN9AFBmPqg3OR6BDoHaAiX4J_DyNle8lQACKYHwJdWzliaehzEqMooC6sVXV_OT-zKhNiuDrUTPKTp1CjLYPqFjdP1zYdLppD9t-CHvOWe3wGY7aDTTD5Is_G6mTrXImpfNj-l3n1M01Hwe3Wy-KMzHznrXdj7GRrI7zah72G3DCYcQh8t2bnCqz89xUDgfpZ61kJxyAVAksJPYKTtWw8Q8pUOh3JvM10bvixgK7nwMkmr-inwjlax-QTiO0adR6v3KGg4oBZ7oNoahlfncsUPtseB3rLFBF-12jAgK2C_VSehKCjQPCB3sT7ZwvgmyoXssDaEWSf1muSTVewSuU3pMbdGmo6rEpPXH1crS0flCXtgqzu0NmswUrHNbT2iTZapni9I0ejrrp74RiIKgGN21erIompf12oiMXqQ0CGLbO_r3fW_sOOa3EERa83ojvSDACY30JCGy7zg5zyS0POIDWf3rhtWoaVdFBBUTBtf1UqEMth3-V3lKtmpbfQlrCpalqRjCNSWyaf5xcsrZga2sMborADt2zJ98QcLxI9AIHD4zGnL49VS9tcKW0xgR7BNZEwlxJY4bJMw5D2KSxjJxXci0lsWQ0TJqujc9GgV6Ku3KQwpPVbDG_r6i_eK0w1_j8FfIE-YLrSA3JewNDHIhLSnQJoFT2ypCPTbn05O7Z5thPFnI2LK_P0bOiHjvL-4FsMg6-VYdSiokG-Ij6FD1ObWjpy9K-6f2_2jvz-pYc8MtTxjebsDSFlB7QBqvML4mlyUuhOYT2pI1DAtSg1oOGKjcnKb27rz44h17aDB2k4CTWrGA4Fw4GdN3XoSgR7qJyhfOD1sLYEdB88UBXZFnOw1UCdywOCgHZH_Y18kQQfIDI9ZROOkvRwDTlvcwu5yUB-D5uiYIpRB1WQBlJvqALSh6mREXzkqDE45i23KBmIv5dGz9PgxHh2evK5KSlK7qPrx0dwMV9bGTozkNzLbjpSTAJLos4UgX3sectlqIhA7H9JfLuCymh81QqyXJIO1v_kbnfBkwPeAbCbR_yGfPGeaEdsT1vOJh8TVhENr28OA-NvOil8sgRsYteE5UgbVjQZ-XtwagWt3S8TCF07J9x3USvuB8p_ZETRMpXzHk8vjMEh5N2QXJwxL1MJEM7ILkxyMFnXcTqLX4HCeqpouZM9x1z1xgKPwXM5wGnhQbwR7SMhKRIlqZSKXnHnbBrjShO3H26icYRmhl6COdjz7WZTXTZL2GlX-ecjAIkyG2OBjq1hB3hXTeNsmFBD-5H4JbQGSK5Jg7yJ6U6z7oNX2UkpxiQj-5p2Gl4Q4829Cnub486apA_eT1JcG2BoX-3_JtelezEzmddVgGv9c9a3Rs5w2saPR8jwrGn6Vu1Xb2fqgZ5yldW9KOmsiIy9DsoXdnwfPurziCz7m8uo792IHRbt5n9Sa9QXaqgezPhpizDH5RsDdsgfLt9b4_59wuqNM1urt2vR8WCc4S1-iaCJoGk98vpBdt-sCJn8ovU-hlPvUR4tRNF8Yj3hct6ryIY5sSv2ZW8s1nCgucFy09MAlI9OXKHvzvCvfUT6b6l48SBdwbmlKNVVctqY-DFCMAagsiclyEqDjV57asxcyWSr9ZFKcjx-uV3_8_IcDN2uOBeYnlApLRCVIXtxaTKs50Gz80P5EcFO9xDsXDnj9GmGCHVQXIMro9B7ncHzKEypycBO4NQKuTc7PT2at5JaIDvuBCc7Ii02m3fRk2b3ggQvjWwTlgm6fWXLdqshJ9fLM1o0GVoDjI8pD_fZ5dBWafG61WiogL5g0xKU4Ea1sGRqUy9AkGunOOLtesPT4HQVSnNnhKCbUD4q4YVlR5MWkf6Jdt4CIJ9dNpPyopCU9HG06XtMM-odg4Kt_LJBf_7uf0BZEZc-Uc6z6MNr1JsItIHOn26q9_FtlCGnQumGe_0zkxaQ2BE939x6CEs-kTL6L22OIXsHP6ALDCgrENrejKfWA28KnaU2tmhzkCR6quw9Q2KDvOXjxfyoDTie9bdYl3JX_MvnOYj6E-DJ1tzpF-9gVYikRbcZlQvp1rgLJ-jsbfq68ACiDev4Js1mu_RcldvlHFWghF0tUomR0zvDX2FPsN3Z_OYaEsmSv7uiTqGQcfh8WbcqGjmm28XGQzGJtkoF3Nm4ak0rR1vmniLifs3apn7OFIrwwSNZjQLUrGPF8vHDItsAC-1jWBaKbm10vvcKjFP5UUfHXn2QTs42GWo30Prk02j4r4bH271JAXqPPlP5BhgPPeez-rNIc-98vng5V22_m6isJG3L06a81yK3yfDS772S9fO0Mgm7sDPH32HHJaANh5nwQnBqdzPbtC0IvEd1gzJtU5NfIbeGnA-YhvguV4R6kvCzsOoj1UXScERUaJI522bpkMOEMPV9qFR7pjF-I5RKgkeahQCj5NmtNWNzbpe-VyEZXpvfGclOflVV-A4hL9gMdkN_AXehq9bL8f9FSLrWJDZnRE0zvekw-QHvSzwE0X88R0GZeS8X2W0jAh9NTy_kl0Fjhb-xzg897SeSy8BhhYeVFxGlICzuXoQQlaiJKJAHDagqnULqgrSKi7PXEgHMEz13V6zhS6zU0FdP77LTZvhHMoH3-3p0nbRjSXIAhC0qJpBgigSLd-9WS8DNfTWkXtDXaNLeA&cid=CAASEuRo-9F38PhU8jcB44w0KjElbA&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82921adeca16b1bdd69e7ff5a188b9b7f27193029b0f5505c5d1cac693222e97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32373
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 1518 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.330417,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 5030854
it
ams1-ib.adnxs.com/ Frame 1518 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhCEmfDLyfnxn3MY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4oesDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q29IbjlFTU9EWW9qN0JaQ2Y3X1VQdF8tOG9BMzYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RMVhRMGtqbldHOUlQOWNIS2hnUTZzdkYzN0F2S2FDcUIwZnFQV1gyd2VIdjk1OGU3ZC1CaW9UXzZVaEh3WV80Z1UyWmNqTVVHSTVFaV8zREg1NVZMU2l6N1lzelZGMURoSWZ0TW9hSnpWNlF3WWlRWjN4bmRrOHJmdlNHejJqQ3VlOVpKS1ZxajZvRU82cVo5ZEFNV1ZMX3dZRmM0eHpZaHdzbS1YWnRlbGEwdFMxUUxhM3FwQkU1RWZ2Y2VSa0RibTY0bnVDVWtOLV95alQ2aHdRRjlWMjJlUXZWVXE1Rmc5Uk9XQVoxVlFKZktpNEIzU0pYaERWbl9zQVZydDl5aVlURXltVEN2a3RmWWVWR1JqdlhDQUZZZVJRcm1fTXRQVmhhR1ZmbnA4bjZJMmt5bUtUMmtOXzZITHhlRFhvbUdRSnRvX2YtUFlpV0FHMU1NaEg0WjJOdkk1VFJ3MDR6WTdlY2txNHh4dTZBeUJuYXpnOEFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9UW92dmJLdEM2NEUmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um8tOUYzOFBoVThqY0I0NHcwS2pFbGJBJnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM4MzA0NTc1OTE5NDU2NzgzNDkyIgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFqe2BspCc3r5QwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAeh6wPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=125d25293252dbe7207ce812a96658d63c9b831b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b3197749-53f4-4e05-bfe7-90f2faaeff0e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1518 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9kOLXhBMHZJhiQb1DTRSqZSt5iwNg3gcpVIspPbXhEUXguB41G1Aq9zus6rPeRAz6r8rXh00OFld9l61nXwksrTTYbZjtbnnPVs8WcUIrlmhFkSM
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3725 		509 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVImkWz83Mabegy1SR06g2uUPRCRjvLugWF911QaOTKQwPIvVHHbxc022diAGML8eVp76LtxqNXNHqaGiINhgsS3-Nnn7EA6KnFsdgt-oyLUN9M7pn70jCmoFj_rw3sJwkAJoNf_fryDn4i5M5R-fbqjIUzPWVoIRqiuCWlHCAfYKuGSc8337z03FsXNg4etAADS_ZQ1e_tM_TPA_F38-UOXy9SaIyKq0EkqcAZV-_xB9MSTfY
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b06b1213594a49cf6e6ce42a2ce34831f1c0f769492b13a05060906513f6ca0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
258
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C9CB 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkMIuJFJRgpHLm-vpd5ic3EaI92JbhmBoIPck2J9tf0yY0g68RARDZpVOZ5ISEXoiS86HXUuh_952252q4TxK5NH-miFu1R5P95GnezJHUnasrTbmTNXEQXLKbdPaEex4dCZY4rfiJXFt8fGjEeYynutgtzg&cry=1&dbm_d=AKAmf-AtAL1NcMi8VoGjCLCpfIcjkhYi8Tm59fv1lr2BHZq9FgI2phFa4Z9QzeqIPueaiSaP4Lhd1MM2Ojrjc4IXYiSsyIBz583BTJa29j-qeCCGjJOFisopZFILtKJ0qNs2vi4A-NrcE3wRKqSSeMJAG9DD9NMX5PKnAnY8QD2C8ews559swX2-SkBDYXHDXZ_w8KdSemmgVF9pZ3osPsjVLQW8IqkbPXxQn60O98V3QUBUyMLwMfxvikKXRbv8zTHAblipMVJIBiKroL6DlX1Apk8FsUKURpdYpePDsg1zThZX6spa31UApFmqsL_6ds8CD_mgMi5JRFa3i2g9Oo3mPmFH6pvonX05FdMAdnc6q5WpWokebWG9qsEKC1bUw13NxKGmM-_LJUoxheeCmX3_uPBWcsGLrto-WAU1iPBTAomdOrOZOt__F7su6imgYtF-5I2ledcknD3-kbrmET3vzSTX4Zf6IRh8d4OlUXqwUT6CCjBUeCUPbchFuJdXyasDIFbNr-h-z7J1bxHW0W7xWX7cDpTivqEQtwv3zfQIrRhowkURGcAeKMZBkzrH7m1EOFLMM2jlLeKmCCNzMeEeOQJJ4TP_yMMi4-mdmbfmLedPubBHNV4N38lWwx8D4Cmw1rDtxC5HFW-jFzajj9tiH2QrLsPwabFWG2MPYuqNmgtfpHRIfKQ0MTQfauSOHfPCIi5SWFa189AEH0-klvMYxqaO2tm4SFGmEkVdvPiuplTo0fn-R6p0VMeLy5xmJiIFiqM9eXm0nfP66uZvxhzmsm95PzsiiqpoU0QLwJTwGHGHWjWUS2c6kwro_H0Md7eQGN5vFlXYOQZt34LEb8Y1JjERQXL-ALoVL0iSpkDZzx_wMqEeSahttRWR33il6ySrqL6vTkl_AE_N61q2UZJlm43X6kTYLV5xK56YiBNI_RtU9JHRGfrRbc6hOUmH7kZoA4M4xlaZ-2WDL76rOI1nJEgezO7jOXbvJ8P8z-GdbsMdpeNd6T-5nSdHwt0DTKWTdZTj5fISk1lTVwQNuENnih3NYASObGm2UgRhmtgoQf6N72Xc8_NRU5RuoGGgJPBCBAspRqdwrySFuBZ3jofRMNaOzPhVwFxIT3TF5QztXsg6anwdQLipBHFEZVrMTGJKVtWqtkuQfiEeLhHm-dWr__2a0UnPwmKJdFuC4ShJ6srNyCdNQVZSD4DXIesGOfWW_TNrH03U-mAIMhNU3I_GrP225Ds7nKM64UZhOh33gsP8a3qJp-NdraELgWBcC9kxRXDx9qCnFCad4P9Qv0PTBVUkcfSgFPcFTSF3vnIW2rjrILSZdFGv5sztXYLAjM63lsogGesfPezFB3T9-R7Mj7OdHM5anWGiCRzAKrkyoXSne3YLFfXwi3YZvunbGI5iEQSfDaNiTt0VYejj_ZPaSmSHu_sGArf7-cpbfDc4FtZzOL1POo_iwogoa_x_3yhABQARSO6X0MQ2qW2VL3GEgR_VF21gZLEzHZN7S2SpAyK9VNoRuKAedPwkPIaL_b-BJV3lQ-F3NlIDZAYC3Y0vzpC70N22hqdevSVYSz5gIAs-oXMUqUI5SrHiOE6xgV6IBmogJuQMZsFda5tJpVCmErPybHJ-Q0XTieEMfdF0iWp9VVH8mr8Id3Abhry5hx-U9jPu7ysrS42IHt45-e2s6d12qtq8Q0rSWbRhG8pAiJCX5DdtqqHH_wubpVUyEpELJdwnIw0yb3a7Ppt9FqyTeO0lq8gHtqW8oV3uPem0GflnQc76kBlSoUKR5mnDNrWn2U4eXeJay3TENjZORP7JO8a0p3VIHQF6mX7E4LAi1u7uinaf3xMdXCO8RhZuffKEGSZ_pwG02PVottjM9R02NwGT3tkhcCniRluosAx9BDOyoJeqyvAY7yum0oqi6oErTOqK0B-OGvyOgEZRv-EuauC7SWM0TbnhD_8gp2MOPLFOOf4Bm8-ZGxGDQ8fZsncQCkMnmsmBjePtI9qA0NHosUTzj6vW0HccbZEqysKiDmsXa9fAO8yqLVH-g0h0FJ1zkhVEdOs67BNsszzuGBfxuxzjeiTrv52SIwTy6HBsQhlfd3GiZTYJiepKKVd97iUO7KvhBnwJ7RCojb2spp36ZX1nPmqaICv4744i9nDh_gO58CMcX41aPTD_2YmCy1bmttz3klFqV2CL2i873VcfWqTy0rjid9aIxwa356QeRmZ_SnO3sW9cLq9cwvTJHy-lUQC1Eo8zJOzUeRQSPdlE2Bt61AdlF68Mu_ksB2CuP9jHjijrX9o7z5iQcwLGXbUq8_EYEMrZLtK5dYm-Oa-0DR25dIN5vyThQrcc-eTbyr9yRdDfL0yzf-ySVHihhqnGoPmz5mq9SJSst34IDx1Y-EDP8at1_myc8cKXG6k5z5N9OgI-qFAXgqGEAOg7y7lVHHuxjndvS4H8XFu-nepxv7jMeE8MM0U4ZoAnyVZI6vTTyV4us0k1FzXg2pg06v1SkTvaISqCOTH2Ygniydw3QDD-KJVhT20GoDnEDp_LZZDSi95EQY5DFwx5Rzb72vxuR6waGElyON6CvzGSKvgjY8PS34RrQAYlzUhpvifJ0-zXgBm4vwsYKByZ6m9xYhquaJ9iPrrHzs_k45LDHHiRXeqd9wNGCyPvKcX8uFSDtGm7uNyzaJHc-HHPgtaBwaj9FONCLk2xjKjdj3OD5Jw2lULGV64pSrC2iRprILPRfaCveodAeZccTAAen0VDXR9lrU3D65-NIgdk-F_q7Eq2xW7kah6uQfG1W1_06Xh7TUWdUzOiM5mLR806T5h_LXSv7Xb9iJOc-CwfCik3sUhGYBqdzsGF7MFgmXpLks-dhogtGeTucA3EK2HAxPREsTC6DFmrip8m6o3iMD-MApnun1g5zWR1SpAIXawdeHjYIYBqMsdPzKKNyFd5ds6w3ORgZjFeS01z2PBv85EEmQpGQgfKawM2-aBj14tfpBO9scIvCJOuwtY4ii6hxyTlz9D4SZ7AGgYmbVy4MrUft2E84pT_b3ZrKkgvYDKxF3koP36gyWV-bTTdRyO86bddKxSEl8lAn8yDMsX_L4RUpeAu7e9iGi6Yp1jTXu5Ijf7VB6F6vzJeZUpbWVTNglz_j9I0rZFUr3De1JbpD_HEoGyAzuNAVlMO4H4qhFJqoUzw_1GT5MIVigWTPXuNtVC9VPKGbvrLIsm9ILHjZ11AQGiAuBPr4PTrkA7Fbk7-5CEuhEyPab4rgy1ci7gk44gMDEVVudSXXTOeZV4szYeXJAmmsIn2owPnB6rSLzkbI3TstDIPRj9nGgGzfJBZ9dNGzIGFBZUrxeHv8-hDTYPzYs345kZWIPRqaLtOYoqTGx18RYuNBTXh__Y9aRonvguvxlINlZK9kSLec1o1RJyqeUeVpb2aiuTV1qu3bEXkZBeB4l9z9O1EMDZ7rEJW_VVy1mJp4DpllzhLMNJ0Pm8fJfYOFl3dJRM2wVBtHdfP7xy1PvoCaV71rY3j03PUqAY9YSKfkNoBLDiR7qIHuwDzY0LtkRMVoic3ukviPqYpqALQiqf_hxE_sgTN6xsTz1BfcpJm1pL24Iy7&cid=CAASEuRoBwdt0czy51Nst5255Pxu5Q&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
188d7650f2e55ca05d93025ca708c8c1dfc19fa283c5d8f61a66808040ea0f9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame C9CB 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.351629,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 5030855
it
ams1-ib.adnxs.com/ Frame C9CB 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiQho-UBhDyh9Kgl_GdjToY0sWY0qrvobloKjYJQl4PJsXH0z8RWZ74Szoz0D8ZAAAAIK5H0T8hWZ74Szoz0D8pQl4JJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF48b4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q3FxUGZFTU9EWW9YcEJZaUJnUWVpXzd2WUNmclN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDeWRLSUxiU1RzVDZvQXdHcUJKY0NUOUNxTjV0V1lYeERjaXlhUVZRekFxRTkxVkxvSF9FRndlekhaYXVROUpXRVI4LU1jWnEwSVVwV3o2LWg2VTJ3V3FuSHIxdmp0VV9rOFdPZXZWVVFxLWpCYUJUd3B0RDMyaGY5THVXV0ZGblUwbUpzRVB2NHRKclBJNHpNQ1N4aVNteUprQldpUzdEcjNMTm54SDV5Ui1mcElpQi0xWjJLU0lwTk9FVUJPZ3FxRWx4dXAtNkl3VGM0VG40ck1wWTRmZTBwVTJQckpDcjViVUV3dXFvQlpGZTRJQldDcFBrNFZYSVN6aDdGQno5ZWVLN2JpdU9SelBUWDBYbVVyOVItZjZIam9TeUxuZ1BZRl8tXzdIMkxrNjQ2aTVTZk9xaEp2YzF4SEtnREFmT3F5S3JRdEpMTFc4QzRMc2dzdEx6YlhTQ2NtWDFvemg4OUV5eFFfYW11MGRQYzMwcGdLc1RNalFpRGpvQmNQbUVJajRsMXd1STZ3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F6TzRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD1sMmNzNFFPNW15ayZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb0J3ZHQwY3p5NTFOc3Q1MjU1UHh1NVEmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzQxODY3OTAyMzU4MzYwMjM3OTQiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXatJTh9fT_zlrABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB_G-A9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=2d96844df3bfc109aac0afe09477baa9b9b8a2fd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
503a4e77-3ea5-44b7-8cd5-1c981f8d3e3f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9CB 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bm_QdfWDaGHleAlIXWD-K6lysVme_pR_kpSAtMs-wQDLuzy7FI-vctVG0_xJevV8FTY4JJiEiNL5PUZFc_3XavjO4gkAtnsONJfAjvl4LjvsP5vLc
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A972 		502 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVWmgG9wUSxU9H8gfDFnDLMMW4B6k5y7-1Fk3PYgvJZ8HWMfAXdCcy7YCie9a0TfdghZssf8uVjDKsfE7UHHSmu1d85S2YfYjjc7mtRMO1MBV8XuJftAsO59g-ekxTzsWKdQVWlhy8VISv5ISbwAFDpMQEYBfnid5QyzQnwaYXnGNr7s-hPPNDqJR5YxzPz2nQxwlIvseVgwUySkArQ7hIvd6pOLMkeR8x66UdElyVJFVbLMqk
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bc6fef827aa7f88d62e98cfd829fb47732fad974b68bfc79716d492fe1bb4c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
275
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7EC3 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9iBuzVrbzfokEjMif4kS0ZqpO3bZtQyh1Oysx8qGBTDo7l6AH9Z3mx2mqnbCYaXvMNngTQpN5-33-h79QRDy8YV7NEN68CYpSzMXDJXG4lwUVbHpx5DqaHDunToczxt9YYmIsftoamJNBX9Xm-CKx2ukjQ&cry=1&dbm_d=AKAmf-DoN4VqraAL6nfkdU9NFM733p4qaqO3upT_vVeGamMb2HmWdpZEzm5mGm2Riv17Fs1yLZq2CNXeXay0uNEcNQxA7R3_vXlQ65nnpix90JmL441u40oLBScjGBesKAyWOToI0x8Un1X0AVmGgCSlMxpNe5qgB0Z-EcXjLw_wiXLh31aivyL42GqA573IA6b7vo_3llsJ7s5ldq2627TaZNKP-9FiYzkWqVAF_II6VzjYZwaAdRIISc1AbZchb06upLG7uld8t5_sYJCinUlAuCMj45Kx1Pu2W7H8Ep0S2DYNpiX2w9Erm8ZGWMR51_ffz-W-FGIT8z7avSXtgoqUQ3EyHjwn8ZlyvztJ1CjSAH3rcUgc3yOe_9aeagmt5QlVb3chmY8E-EC1lkneGxHMhNuVudQHagafoYSGTSTnhdyZkt-PdxMLoNK4hMjSbswFLg9__W_Zh76OZoZLoLhQ_m4PISGy-eObQeCEiGpqOq7zN1SAr7dYobLITyW0SL281zA60sh4ZnFpZedr3XsYZtS6pEWPwLZbao5rei8Wcval2HVcyW7Mtw8bLhapYuRHOY3SeuQ_ifi1HZU394abJ8MOy-hweEU71WP_NSp96HjHC_7OrdET90mlvbWwy7vEe0ehfzQlWDJOShI4ruIYMLuixPUxoqom9HRczyK00CU1XT0GBfwn3C3s4HBuIRjYDpufptdJGrCcamWl27jGZ3F8ybdWMUlZjqt0HAiHSOhjO2-BgIhArPFnIvj8E5a4wNXr0MMyrxbq9gASD4D12r9517mjWO5ltUvJVip61ecRK_Upn2hSK7ArsNbbSN0k2KxqyTrcwAI1gFcxtyavLHYkAWCPvDNq2o2ivSYRW17d9sacsWxvYqB_0ILynkmLcKKOuuxlpmFpql-FFDyocOjLvkAP0jocAMLStZlWlgZ1nmKm2uyujgBSKWkW8w47QfU0X7F8Tfj105jrymFBg-aPtuDu_hi0KqylDyVrvalFFAnqco3H9vsEi6MeOEGFFPRCbCxziBUDgKQpK7n4aA9UgMhVu75eDVoQvzE_Eu5Uo9XAaDQ7N-dWn6TXczTPFMH1faCYVFbROcPwzTvgECJSZaBm1bPca8kIsvHdHO_0xSWXiIBUZUwXZ2ScUYnDlHGnyhEEmiukL1wj64SfT7RE49k17A8uqdiqYifxeLAOYnQpiO0hZ2xpxMdx9cKDesHrFLVw9bRIEhd2IIo7IQGrqiUjKqHpI4xJLMypZ18D7Ra9yT4tM0VeWay03ershxeLXv__ns66EUry2HhetvrYXHxBrG7kBtx-6mZ923Sq1E3Dz7rS-NDiRrWXTGd5Kzul6MnmuffbFvdXu-CEFaM2z2lsV26h8FgVoAADmRnGYujbQiAk4d_-I2t22og06aCZtR127QTM_yM1MP-n3bg59YzR2XrF-lgsnyb608h6RhyJWtUNpOcj9RDEYTN0Z33gCvAicxQm6nvweJt8CYLFTU26dm4YA1M3mj6H30fFLOWzXYi2MG7BwEAyqwl7CHA9hTZB02CstJze7M9ITitNHrTT2HAJvfYNYHBSr5jXHzFDKVuABlBCCKfi3lfOkYoKgxRnfDxH9dTkdussXcxDYX9vbVAmUjdRd0uIe3AfPN59sX1A0O0EOxaPsBwm8_E2xOUSmXbfuk7dGK1z1foRYD9RPTBHnQHP_279jdehlTXpBPNJ-sUZRtS5zQTlduDmsgadz7x1GGp2a-6IaTeqd-f2Bmiv6zgsbEmKjxfgDcAyg7og0X0ZrVZSqFLbbS_KaltmkaHxH0dK-94vBfpnUaNquT5Qph1G7-duh5-fV9Sv30nrUKr_zCjbxmf_jOWXIo_vItsn9y1LJBVkgaYmBAK25P0zT0ZTs2Si8MFgW8rSc9rITcBweiM0cd6jrbFOYsx9npHI-nSYc4Rtl5CFF70oYAKKqxqozmQyvsE3stpBHqrGMOq19XDmnLKssCJAEKTdfqbeSVuFKBaJraC5deA4HQ8eOZvTXuHGUBjn3y65y2ucy2VmlHFEmGXzbeOx35E4qJFY9rJfcR-8Eye7AO2fa6elcC-8J2Qsg_bBFhiahQs4vJLdew11AI1tqxzHiKzAVNo-SMBCUCBcsMLxNor1OX-S_r2Id-hu1DsJG-Ms1-Jj3NB1ZD1gwHqLYQwBivISxG0acUReMixOvqhuBCtybHf816oy0mm4oqKjlpdEO5DzBOWzDRyn25fB6OIzncV2UXTynRfhsZcsRch713bM2x5BktCIaKuwRbKDpJD6_cjjRXQfsS0nIjOMF2TWpNfDewzFMIsc7Gtr93SFaa_8QO_s0g7F54rs3zTGuj1uYwSK1Lrg8r5UQU5WGMTkc7QXRavw4_S8E5_nX5wolxNBZi-zKHNXvmytPv328wHDCffTRu9CfZXlmbWs0dTIVSkJCHWTkqZwWxBnW2Vpig9N_15uTU2bcmuYJvyZLVbEPPe7Kklt3M-xJilLV1wcXn7cjKeig485NFkAm58QyhVEMt5YBvl0IR0iKYwA0V4mWddza2cE5Qmo5uwUU7lwNV7PkQSsZat4Ynmhwdr__luUoEdqQdKeQ-CAx8uo6PpB1wtrKVB9MGPnOP-9Ycn2-wK0OhJxVpDYqManBAbBpZxbDn-FQkfmMJL8IO-q-IoN-J01SJcnt4MEKMT2si_F4nF5-w-YjeKzFeB6jzA55MNOy6fwl2RpURSC4BdT68533U9Zdy5oAhi_OnnYvz3nw5qjJeSaYqi6aNTodn65xo2lyxk41vBqCxgasewTMKiShBB6-5AuX8YJ_5LTzVFtxaN5uds3BCRFhRC43wjJlu4i6l0JpHR0oLJXUV9oAd1a1iEYRqk3RxROB3QoB9R2pyEnxba0Q51oTyYf79GV568l4CUSuJs9N0QuVI8gO8v3StoTVJvSWuNqmygExv4EcC07hs6CzN_vaeGmBZrFo-ytmuuKnZLb_GiXfM1xxLKJFFPIbSdKay_oYNSKyV39ZL26Lw1KtBOJ9os8_MqNeaPclmdRxa5WjPSu_9G2sAuEoHDUTNFGsRZ-kdrwsh11LUAjh_iu_Cc4EEsWu0zCGqFLZ2VhfrUrtzNkvxxjE74fYWIDIELrkXuLxrLTb0OV6Z_zIC0v7yoJTgFY6tx7BDZLPb68Ywh9qFJNfods_KJWgsTLUgAQDSjon90dptYWt_Ntktn_1_jDrevo1kg9MSLI_sCqArthuwQBijrWywASKb_Froe1tJ5i9jEYpPgiGc2k89272pPGi45iIIFnzkTs9Wq5whiEF8aE0zp5AlP9AYPdYXP9-3WPqPWILuzZnT74vBJ_2IRUQdIhHIzOK2sKuxfrEUcIm5TQxvbizq6ttPDVBrGH6BW0bb_Oo6cozCq24HUjXp-1o3L_OkXdWmU87jLg0TcW4gFwsiD8qbF5C5GqHkEBvkKyowoLHGzp9OphxZNFsyFz351VSnh6dzxDvoazP_b9MS2wzYxyYHEEjii_Ku7R5bYNnnqiU7D6ZW04S_xtbKqUXcFY9l6pFJrdpfpJSQcknOYbfqj2YS95oDGBJUFXKTa4CJfOQiU7WcUU&cid=CAASEuRoozhViTK_406WaVTpfQBoxw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4b0ca2e36432abb08eee18706726531563e168b0bbf469f1e67c078a618d2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32372
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 7EC3 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.363746,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 5030856
it
ams1-ib.adnxs.com/ Frame 7EC3 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiQho-UBhC__qrU4rr10xQY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF46-gFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q0NuMldFTU9EWXZuWENkZUI3Z1B5cElDSURQclN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDYTFyZFZrS3VzVDZvQXdHcUJKY0NUOUFYZjdFZTFqOGV6Slg2d09saC1hZTR3cnNjb2hHX0s4Zl9ZYVFuLVBTNHcydmJ0aTZjWUNIYW5KOEpjQ3VnM2J2RjFDeDN5ZGdlVUxINlhwcTNKaFhreWNUTEhxSGNkczlGMWRZUHA5VXdMdXVkNUVrYTFSbHdpT1JFSXphc2ZCNEFXSmYtTXhra2x1Yk9randpckwtblktcHpOTlg1dnFCQnNaMFpkWXROR19YTFZFVlcwWXFCdG9TbTlNUDRkYy1XMnZuSTFTRXBFMWJ3bGR2UVpWY3Z3WkZkWW1lYzhJMVV0YXNaQ2g2RkVlTDU2SlN1YUFTZWhrZVN0bXFPNXZMOWZPMFloNG5qLXlQQkFqcldzWFpfMXk3OWJna2tSTTRQU09GRzB3dXpfLVhmem1HemkwOHdBd2ZKaFJoRTZKQV9oODluNFh5RnFrWmdYaXpPUzJpRGJRdjJaMGxXUy0wQ3paYWlnMzJsRERIYkJUbEF3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD1LR3lCNm5Ed3dsSSZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb296aFZpVEtfNDA2V2FWVHBmUUJveHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzE0ODgzOTMzMTc2ODI2OTE5MDMiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXnq6rDgdbLhHbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB-voBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=e1d41df59ceb8be5487040956474513502b142b3
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6406e15e-b112-4263-a0ab-e8670ead882a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EC3 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVEoc1wl84MycE5j7yfFKmRcmB_hTb7xWfwRRFuB0KkOm1JxmrLZ-aEolTkOCH50MLr7NJfiBZupZIIniBCGjKoyLg0xJK3ZEyU_mXifXixPkHjfE
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220509&jk=2444593629601941&bg=!urmluf3NAAZX5TVhd-U7ACkAdvg8Wl1FVBzxxeRHXPbqRPxDxaGRgFKR9X-PcrSMJ-8bwkrHdK3F3AIAAAGJUgAAAAloAQeZArpBX7lAMYXdsm9mxDS1d8zcWbogmU9W5L5HdpvtvYirK5V2h5R16iUtEgxy9mX4L4MySOMhRc13WI9QjcTPw4Hv9ilQ60-4B3fedZOW8HndysUaOc_3VHLSpyZYDpCHiwR68oWiOfDG1iLpaDce_PFOuPeDAEfECDIA7xSNq8-NcenGFKBVkSH5wpp1MxDMb64fn_CtK5FDHW0hyPVsL9Iy7eaumh8b1Xb52nau9ri_L7eDHp_1ymx4qvWG6EhYRkB1djn_e_ibl9gJSECNio676FB-YMv5nKq-fku3ljX67n6xJ07Ke2emJiZLiReEubgI3iGP1fLgynCpHBIcM_0bHB8zC6F3Rv0OfGhTmf2PBuWMALpN6LKb6etSUZIewSqjntM4gGmWEf3tFI2Z42bC999ZJyPiVtpZJJ2rKQka5-J92Yje6h41wjS3iOrddYveFCVMcMYxGYXJiNLjUr_aqQ4i2wI3fxFYjJ3oXEsA0OgiHWRxdNK_YZA2z1uU9XCqYLAoJxSMloDxtrVioZ0_2-XhPuekFz_s_KrSORCD2agi7BpFJrxDNZ4D6OoPsnw4HIbRuln7iQIJygf2ZKqhwP2TaNA6H-OJR7Sbc-ea3Kkj4x6rsM-hbKIY36yi6-LdJNqFXyF1B2yrlg5CCzpE2vp6pDBHUyZ_MkKRvAFaPb4Ho6XezDMdXNeW9JM681rE9ehEQxuEGw1DbttGT3_N4UDNT4jEynb5YVtK6LMtRYQEh1WuGkYmNI0HNTe1roEk_uWwJXSu946XmbCRqy9mtIJi11GU9k_nfV7wZ4Iz6uyM4GX2MTIt9CnjBGq_HkqkqW55UpKI0clxM7GBbzhWuMlt3lbQBlbYjLoPOSNBHfy7tEYZn6BANsilecX9TlbxGFjLLU6tkPHnlVMZv3sJZqvJBLDRX0l4Iw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 368E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEK9tWx54JQb8K9SzhxFAZf0&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEK9tWx54JQb8K9SzhxFAZf0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=89fdb0afdb09333069244c7a665ea9ef&uid=89fdb0afdb09333069244c7a665ea...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNW5lFf09Ni6AVYrVI6BziCKymFtlmZrx1-Uuawg3IMyrbTjQjuY7Ea1eb0WEC8-H93cmovAz_d0f6b886PnR63PUmE-OhlvAHUCV1lHHkf6Ye93jJxiXlk6XKkf7ys9e3Xjo3hX4d_idkMf3dN1chmaZhWXykSDYE6H2fx1ttaPRJrGF6i4x9V5Ik57-C2thkhv7VWrN733HKhlGCIbvV2nA6FnRcRoxE6T2UXHmLPIpzRZ7nk
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Last-Modified
Tue, 17 May 2022 15:45:20 GMT
Server
nginx
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
sync
ad.sxp.smartclip.net/ Frame 368E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOmQ3t_9DQGwNr9C0EwHADY&google_cver=1
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOmQ3t_9DQGwNr9C0EwHADY&google_cver=1&ang_testid=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOmQ3t_9DQGwNr9C0EwHADY&google_cver=1&ang_testid=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNW5lFf09Ni6AVYrVI6BziCKymFtlmZrx1-Uuawg3IMyrbTjQjuY7Ea1eb0WEC8-H93cmovAz_d0f6b886PnR63PUmE-OhlvAHUCV1lHHkf6Ye93jJxiXlk6XKkf7ys9e3Xjo3hX4d_idkMf3dN1chmaZhWXykSDYE6H2fx1ttaPRJrGF6i4x9V5Ik57-C2thkhv7VWrN733HKhlGCIbvV2nA6FnRcRoxE6T2UXHmLPIpzRZ7nk
Protocol
H3
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 17 May 2022 15:45:20 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOmQ3t_9DQGwNr9C0EwHADY&google_cver=1&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
m
ad.yieldlab.net/ Frame 2F24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFngFn_8u_4VeruQeLUJri8&google_cver=1
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFngFn_8u_4VeruQeLUJri8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNUiHLNTO9k-L2oM7-WkvpwzQd2HK45xlMveSWW3vNlkQX3ArwAcZdptzJdY_LG3TFuK4Vegb7QL8F9L54ajbGtk10RO8WyenBoX7USXWDSyIwWQ1KvnMYDPuyZdjQ0acRsYzB02ae-FaCdZnJZD3C73YvsKZDPNzLhP2s10TsF2TGJa27uZzgMkmOQkY0qmIjhrIA_qpd5Io1nq4pPpG4cx4m7j__FXiYATtp1yTINmJ4BjXiY
Protocol
HTTP/1.1
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Mon, 16 May 2022 15:45:20 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFngFn_8u_4VeruQeLUJri8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 2F24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEC3Hx1GwGREmAC22iUGTEoE&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEC3Hx1GwGREmAC22iUGTEoE&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNUiHLNTO9k-L2oM7-WkvpwzQd2HK45xlMveSWW3vNlkQX3ArwAcZdptzJdY_LG3TFuK4Vegb7QL8F9L54ajbGtk10RO8WyenBoX7USXWDSyIwWQ1KvnMYDPuyZdjQ0acRsYzB02ae-FaCdZnJZD3C73YvsKZDPNzLhP2s10TsF2TGJa27uZzgMkmOQkY0qmIjhrIA_qpd5Io1nq4pPpG4cx4m7j__FXiYATtp1yTINmJ4BjXiY
Protocol
H2
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
last-modified
Wed, 17 Apr 2019 14:00:27 GMT
server
nginx
accept-ranges
bytes
etag
"5cb7317b-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEC3Hx1GwGREmAC22iUGTEoE&google_cver=1&adform_v=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame ED9E 		243 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV9Q7TN-Is6GkKSbbziWKYXV0TSzkk1i5fml6DLE9NZylOzS78cE5sptxrz3aLiRFtkVhGDaELwHLk-fdssyIfImoKEfpgfVaN8R1A4CaB0cotSnQx5tzwTqNx3uPmX3AZQPOFFMdvgNWxvxyuM9NQ693tzb4xbUiKiB8Yt4S0hYjzzmCMztNHlqRi1ZkYDzN4N1_LVFxd4fyMvG56olx2Kypy2MNm4w8TbomPq4-FC6NgSxUw
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe5e005c857bd2f9eac3278e18483a9e663c41c250c05e64d527b83f8f84ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1E5C 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJcd1y8FdSnkRIqKLOCKIGAOAxUeQGWfKlFi5qt951zSpALZFuvxmASw_153LEE6aBhd1bEJ3QkS9GeSfGdy5mcZcOevbOEagE-VuI-Drw0Nlde28ubLjee8M4wY6fmXeUSsU5eLzaQGKyQL1ZgqlpI3epBA&cry=1&dbm_d=AKAmf-AukYCwGG7jFwY90_NwAlDIYdpBEga2YbY29U3jbuFkdmGuq7vu2F1LNBdxxiVTVgSz5HouEQpLjev_kHBUuOcblKpRPkkB5OPi_FTSIL1Q5sLtWkN8nYgUwKjskNDNzYhJaLX1XrwN1MZQyeDynxuUtVYLoeAWn7EclSEw0pbaiNpK5dMRuaMNERvqvoN5KWYCsmMngaRFv-_RfM_GBaFx5yNIDwJM7WCfjRhFL5z29Xh8wsiWfZENCdNSoQefudxIm-P8AqAEPULAbrLGg9lLOfFbJ5AM_rJ2YRVrObRTlnn-8yeiQ7CjpO_hRmgRFxPuneact7SiUfwniTBIh0lZVG0_df_WIb0Gikp1KkU4PZcYMd01AC0y_D8PT_63qv4Fgd1gBCzXNGgkHYG1mu8mKIprMC675Ka-blxDrbJMO1WJlY7CwRt_opZK5nvgfRQk1nle9haY8KllY0jDNDolhUM3D0Joe1wKT-W4NTCagj8rz4LG2nXRDOMZ4SwpgNO_O8B4pq-DYiefQn9sXeX2jJ5ne5nW3R4XfTHZHDpLwzsrr4zrtPcJJpb2YBUOS4C6BiGCI3O8ij0mfcb18MJN6F5zJmUpq0ToXR0yY_3REiL085cp8HI1RMm1Ci4cX77I5mY8NKREvxrrRKWNIkPPhrSbiAgvj4jIoyZM0Q3OSQ5TpK-yPMlS_vUPSItZjFkgPYkh9vNMSX8hBFbzq81ilIolNIZt16eAHnIBHwu-TY9nr1ljjEgdLpdnnk6XHJ6UzjLgksyqDJYlzGAQUN1g6zuxE5Ms8PHC6clJQfa3TvlXUaw-7Uc_e2CWcD6kUjF1ck1cEjamLKKd5aFrkMJSIWx9TVR8jrq7fgvo2zIhlg3nuV_5pB-BikcTZc_6g2315T5NlX-yo0LYJKD2LRHc2wFDmTzDdnBJBmZzYQoaIi7MuBpxQIGJzE_Eevlp53s6Rzq3pWQWtsWxrW0mxLjUXvst6s8v-KU3LVJIFpx2y5YQtapwx-wJ5BMLkg306Ojj2Z6pf4q8xVM2uhqR0mgQOIdpQ_Y5YGHlHyo-QblS4PlEh6OoRiQ8l4Nqcy31DGJlLEv9TmNe5m9HyEH5xnwSH83JHqoD61yfGgX9LbvtT8wymqwtaFvJJe4FC6AeKD4GsjNMBn79zsYmL-vgDHsBqHHQ2IrxLZHYSKlVqKzrgQArfrcsWlL0uELZ0frHwL-8UnbNPfdugUHqMV6GATSfh_-P-WQ-FS1E8IWH0QJy0xpfldMFb7rxIVkcv4VHydEAS19ueMPcS7GvmHIoQLOkIiGt1gPl9p1HpvvpR71JHyHFmNcXshelHBDtHPh7uKqebCqxYz9hH18COjZsI2JRjnCJ0vvhc_4msXVmYxNTI4SUis12zO95IoYXJ_U7d3GRrUU-zf6OZ1wpJPJS8cO25VJCnJwNsC8pg_mb7OBnwiyq5Oo4B5z3bL9U3DmfoHksBeW8fKfuYGGPUKkTcXTNfQzX4FxQ-xQGTn7Kti1795H6UxDBYOXi6AbFVUts-lZ8JS2sJitlDII9qi71xw2SKK11lrhVfGMUmzORJftp4yvgIopdyu0eaTq-CME6jPmJx1Xa69adZ8Dy9930qiYNQ4GVRhEm9xKHgxF5pjwP4YwoLLNahhPGYrVlSoodlb_QPj73JCXfCA9U2NFBHNiwHLWH-KAQrX7bH3gVtwImqpi6X6aoAECPAgCoWKKWJE76B9nXmQceX5n7I2v4JjvW5pn7MxpIfdEEJXSBa-o3skwJt54oHXV7cr75rduhhppRUknPMn66gvy_FWjntM9CgEPIxqjspGGBHbuziJT2uH4kd5yWWwTwERS7nVXJUkwBWsG0zcfLu1BnAe58RYNDJ8gXRct_4H3ppG8h95_zhksQBayVkJ4q7hj0-S7HmIsl9yT00mOtJQrdACr_T6RVIKh72ksbmX_GuYPE2GXsiBD_q0hKgdkauChG1IJ2Nj8Bn-Tlr4mWqwyrFn0qrq13Eat3W59Fq3SU-SvgnAPq5jzSQhyWsxJrDptHzaOZMLRixUXJXUYLgLnsUo09XML-foLQrZ8mGXPrdOJ6dDMlR5_ncimUEtB2L4EWUACyEjtsxkRziYfRK8KoLegQ0P346Tc4Tai9M2Gry1otPxIymKauwK_SAPPK1ZbhQttOyxv6GtKCF1zSkOt1fhtVv0ry3vl1u01tf14GMGq8ujPlWQfNZ3FhRIkmbUemP3wOPBNR_xkMiYWvB6jNQwctHIAvkzAqLuPyqfC5Iy7PLO1eAlqh2ltIKzM5O9lHrD_sWp4xDhMH9gBpaRsQrLXD6646qCxhaXJ2m9ULAsdJ5Jc_93jvzWgiL8y_hkpimoLsUQDdFrvdEx1H7lCOSuHVHsoIfMVmWNQTr_IEgzpmCfO2rKmPN6UqM0QNpDhkzas4bgvWt-Fda2o8WLoP2dFUC04AzsnpDGhi7tuA7AUwhVez91vOFS2wrs-rEQm3eMNN4ksn2hjK046G04QCQwN9TP9Ejflf65tTibUm58AqMEoaXvkiRukxxZsmDoeLw-Sj0DUob3BSh_BJ0gijGA9ZFoxfPeoJOjMdoEaPrb2rt1HanrCpPUVDzLoyB9Y_JaO6jJD195fkUaJiE90nusMd1uC5LH-j_HGVaTC1_7Jb66rOZPC13wiooIoWn5MskK3bW-bpwZnTw-lKADO8wUpftPIZyVcXkeYqRSPeMiZOKwliBJbU4OFkXOf_KyfyPefOypF6tO-FSMsBiq4ejkk1BfYmgrd2A9soWq9XoYnnY_WHztEg3zVioQyKB4QD2rvHAtdxLp8BQv43PDLhNDhsU3oABLH_l6OpbGpezkx5Hsl_6Hxe-dZIuv_mLMiFx7ZWUH3grEC7fTKWMkBKloaxcfz4gbCeZis6sAkIbsV8saLGRVbadFeuw5zmx3V_pmGZJi47211yGmR4Q2OYwFln5jp47Q9nazE-L7ezADL7uTamdD1kkzcwTw_u2jCyJuQjRqzbbjqnty9aT7aOnKTyBTW2A-5G_N3cn_Ct14gWG2oUkghRoJqWjrHAf-agRyFtJAmbbhE-hRfvw3nROihL8f0D0S7fACl5xuX4H7W-DDKK8QNWnGZDbR-oC8KGFxJTiM-Hz5sE2OmiMFQr6TY5Ntqa2DTe5rAk6rcgaI2UJBRowhFK27qKjNa_g16Psofg_CAMJCYSq1if3vxazvTxS7I2BVDK_W5ruY6kT_1S5nucQJn8rZAG-Xnpj2BqeBrfMPLi72QcJJRSXfYJCzSL1q9mWvBaCk2OfQIZ8RpOaHhISTSIM6V2f-FRZRRoXmduDrOleDYaStfWnfDcHk_ViR6zSqvQHaoBBGZcLqwx3ZJa8LU7MssnGHZsclxsg9dJVNEgQAjeVVWj8o4oMA68_ihp5H5dupkehJz1POCcuqHGpBpyjUJUr1H2pKw3ZDGInwD1plT6kvf35RRXMZWH1lpLQkhiZOnZ_badLMTQcKuBsutNfcYb4ngTHqBHZjkQuwFTK733V5bws7Y5ZIVTUBqyhpR4F3VMvMYbO1xvYjjFKXqUfo1gw1e5KScCBLMgIecAwaZ5&cid=CAASEuRorwi5tWrtfHuFPId9bt8Ydw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce4df91778184d3e16d8ac96ec54f2224975e2356e11f6a724eccd088d26dc0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32430
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 1E5C 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.437599,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 5030857
it
ams1-ib.adnxs.com/ Frame 1E5C 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiQho-UBhDp5vXb3pSLoBkY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF45doEgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q3NxMjhFTU9EWXZtOUR0SFBnQWV1MzZIZ0J2clN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDYTFyZFZrS3VzVDZvQXdHcUJKY0NUOUM0cnRPU0djUjA4RmJwenlPaHhxRjVTbFhRR0twdlBicjB0UVJpNG56aTZ5Ym1FZTg2eHFhX1ExZzFjSGtic19zMEFTdGtQbUluRlpMcW5BT0IxTklVOGR4ZFQyblMxSUdhZGRyeDNSMjN2d0tKZmtOVElJcEF2TVVHd0pRdjFtOXo2a0hmWTlNR294NEtSR3FhQTlXU0xhQlE5LVFDcEVZbGNLVjNCTHJ4QVpCZlBacjNIUmJSdDZ1VnlkUGNqeG1LdUJxV3MwcWtwdERfRE02bUV4d3ZwQk1DcDZjTTFmbzZwTUlLWFo3dXlReWltb3I0VXJfVG9tUkZQS0M1anRIN0tLOTRzWDhobTQyOFh2emZYREdfV0duWm5FVTltcXIwX0F0akV2TXI2LUcyQ3l3bk1pcVVBZDQwRXpheFNOOFkxMzczT25nOVNxa3lRN3NDWGdZczFGRkhyR3V6V0tZV2RSRWRUZjJYTFI0cGI2TFh3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD03eFJEaWtmeHQ5RSZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb3J3aTV0V3J0Zkh1RlBJZDlidDhZZHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzE4MTk1MDMzNDA1ODk3NzM2NzMiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAW2lsjG5aGm7nnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB-XaBNIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=a6316d278a5790c61bd437dbf1996e77f8e200fa
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7228fc8e-ddbc-4b81-a004-eb277f63e65a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E5C 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSw2dsQXhAWd4CaAU5cyPmnsBljM4bF9cpMODWyGejatBjOJQ5_qWVBHZiEEcRmD_9UxnsnCUKNkKFl8VaaGTKmhXi7v1KDztZY0cX7GHbwi6OzaE
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBE6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
expires
Wed, 17 May 2023 15:45:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame A3DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFdmPhT0ejj9MUFZWc2yJi4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFdmPhT0ejj9MUFZWc2yJi4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNX0v6DkUR33x267Hgt5dcEnM7G8UPMbqsNVZWUGXAy3-e_KEQLRgp0UPSbO7mOtQbCVW_pVjIP_zQu0FtUg9wiBAmyC0lXIO3DjOw66vT7ELHzqi39R0T4s8qbX77pQr7ZYiI1kB6E54klAdIBqizujtJYDDvLzCd_mn42HIc-xLH825IQQWq0YIFb2-xku7fq9n7EVaC7wjDwIRz03bxu_JYr3sluqQCxxa644KEHv6d_eM9g
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFdmPhT0ejj9MUFZWc2yJi4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A3DF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ZmZjczOGRmNTI4MTQ3OTIzYTY4NjViYzBhMzM5YTM3NDgyMGVkMw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ZmZjczOGRmNTI4MTQ3OTIzYTY4NjViYzBhMzM5YTM3NDgyMGVkMw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNX0v6DkUR33x267Hgt5dcEnM7G8UPMbqsNVZWUGXAy3-e_KEQLRgp0UPSbO7mOtQbCVW_pVjIP_zQu0FtUg9wiBAmyC0lXIO3DjOw66vT7ELHzqi39R0T4s8qbX77pQr7ZYiI1kB6E54klAdIBqizujtJYDDvLzCd_mn42HIc-xLH825IQQWq0YIFb2-xku7fq9n7EVaC7wjDwIRz03bxu_JYr3sluqQCxxa644KEHv6d_eM9g
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ZmZjczOGRmNTI4MTQ3OTIzYTY4NjViYzBhMzM5YTM3NDgyMGVkMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
image2.pubmatic.com/AdServer/ Frame A3DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEGiizcAg4IasV3_AgUBao2I&google_cver=1
42 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEGiizcAg4IasV3_AgUBao2I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNX0v6DkUR33x267Hgt5dcEnM7G8UPMbqsNVZWUGXAy3-e_KEQLRgp0UPSbO7mOtQbCVW_pVjIP_zQu0FtUg9wiBAmyC0lXIO3DjOw66vT7ELHzqi39R0T4s8qbX77pQr7ZYiI1kB6E54klAdIBqizujtJYDDvLzCd_mn42HIc-xLH825IQQWq0YIFb2-xku7fq9n7EVaC7wjDwIRz03bxu_JYr3sluqQCxxa644KEHv6d_eM9g
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEGiizcAg4IasV3_AgUBao2I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A3DF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkFDODk4ODAtNUVGQS00RTA3LUI3NTItQjhGMzU0RDBFRjY3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNX0v6DkUR33x267Hgt5dcEnM7G8UPMbqsNVZWUGXAy3-e_KEQLRgp0UPSbO7mOtQbCVW_pVjIP_zQu0FtUg9wiBAmyC0lXIO3DjOw66vT7ELHzqi39R0T4s8qbX77pQr7ZYiI1kB6E54klAdIBqizujtJYDDvLzCd_mn42HIc-xLH825IQQWq0YIFb2-xku7fq9n7EVaC7wjDwIRz03bxu_JYr3sluqQCxxa644KEHv6d_eM9g
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:376
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 5640 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 5640 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Drw9EdWzEwPni6fZ8wIZTWREQofTlUFzUpHnxq81ALN7nsLIz3M14FMuVdflzgyVNedEIt-DC6iTi5_cndywfVzdNxZrBWkKFaQuI25TY8B-QiKmsevanF1cRJYYuErJBuDR8jlkkWMo_c0BbrbDls0kv7Kw&cry=1&dbm_d=AKAmf-Cj3AWInNLaBiUsJF-6fT8JXGdwU6UfnWGXKwkcCW9CBgjK2uqUtTBCFHmuCDITC4NZvB9fZxUSJmXBd4_2Wf4noNPFUtgR-IrIcAUjk7lfNeST5hII9NZw_eu4sDhobjYJPWlC6TtI09P8_LGSZKrRjpHowyr40-pox9VnX-fJclEevV5Ckd5mNRJsni_LLvJL-vvhCzVbRJVBKbheeEH63s-6DsIQ4Zi8AY-6Ixrp2knVZee4hry4ijmNNOj5d4q95cFl6gjFxtqFuYNvxut1MWimxiFOKwXCd3h8bUmevBEKXb4FsGJ77bf6GLesqbULg2CVSJbkuEhFtMIOfIjQIbdj9ywGT46tM6ctHlBTCW82GvnVZNrtpqZvfWZCuRFM4Q2vzLaHNbxuD07VCX339XjPBWc4b4EtgRMOkCl6IfI4lnB6HklmqWYBlW6P5nBo7JE5lnN5rEQuiFeCCT4LL4tEMhQ5SamzldV1SE_J4JiIb8V6A3yl5fF2TWfT76xqr3rXztEjIUQVyQ5qmzjECbWcPhrb5WKE0N6tikK7kXKVbCu6K-amzx0sZw5JtRlflcYQWcqp_Jfr7qch7Vq82bvD28y3CKVsezz3Z_f5GICEXtDv14ECGjkj0xCvOeLCBBw_Qm9gf6EYYZe4xGxV1NTuAS3z1h-FGk5fn1C9EMEih5_u6DlRiejVQipKPVHMbtGz1-wogrhw4L1FVeXw8mzIk-lqpist_vvnRXJyvYqTwuuwroc2vTFGt2CyAMU4nOwvURSfNvAmQtsDFv_-WDNkw_BAUnVXgT52qcBlpqcWtfdj58CrdCif1ZDTKCI7BLrKmEhaPpQBfvWq0JwRC1Q8U2qOsThWusRTTBT-v2VGzesWkf57R2BZ6yk0UV4z_b1DV263nsNB7zBVASVvF3gEOaE6Q_UnjIvnyRRlBrsrmZuCOhG20sT14tMQUF8plevNFYVw66uBpS-RjbOcKjPTUp0MByAPX5aBF5MXfvWPL9G5wugieQ8VHsWGFmUvksb6IKDsrVLLnU3uyiwNdVKMCw6VtCK5zZJulnLSBc8tiojjkCYErUBinOhYZjNAycE_4eDH4rVIqtDmGn2_RRMCgJJvOZtx8G6KR-1e6IGXtZG0ysGHY0vBbkolOcsHkom6l4ck6MhLVDma0pzl05VaTcTSznfqIcJDHBQlS73ZQ0XI6O8nwec_xL-PPxgkmweXVbJgJdZhWsODXRBAPidiX_oRrVOC0TLYYlwFLGt7cNfGkRr5s6BobreIcu5VCYYHbTS1L4DaNrItGYiBR0Giy4yG2bnaYBz8xSfX_4V_ZIt-J83qaUsQj7Q23zj3h8iV4g4WsWiNITiFvN_KyuNi7eVNCTSckwsRvNJe_xuujL7fkUuYjv8wUctmh-Lz-XhttKxGO9Tt0E10IY55ai57D0-D_-Q7JlBQAyWb2FML7GVwKBnEW2VTlyQzY8HiSfnkD8AC_urR_4ymwWQrtXgnx3_3GYJ2R81nzfc7oiuqj1IkRRSf9ssGOn5wi8YU0o_Kyl_IEbM0v__aZ6sD-ciPeMDvry7r-DlRJVOo7vCm6ISJHUaqVsON2pxrqXFmoTtDdyo9xbHobmPXWSgfq3SwMOfwlKHAQXG0mNEXH2teHHEt5Szdf1SIz64TEUkZ1T_LgV-npmYUCcpqxkeDngwbb2xJb8VT1t2HIlGOV2YqwM_icMe4EyvIiFzhlraH9CzrPzqmFab2gZCh4E66IkcJDcxeIDWlHEbnnAWsAb_59YNCtfF361_8w4MeZCRKmVXMo4pRwhyr9JFttz7MYI66ernZEx4Hwu1Hcz4fiJr2OxHyo8P3K0ErhZ7Ac-VYgKd1drcYkkgMXAgx5ClBOPYPF3tv8TgOgTR8KPwVTJj6tk-YTVNsOOWzfv9dimktSNu0KrC_BTGuvwSwMmle1Lc-PIAOLeoa4na9lTRueoglgMwOJuSclvKQKqEH5RV2KnGEeOk17R46hcx-wSR9qrYggvwBCrOHxTZJtGtcQhi2We0rlkQyCUGXnGR4unI0VFCkTI6HfJllotmEMC9niu4Z0fzGYmFXyfoY2i5Ri4sSsBiTE-vSPV_BiH9NrpafpMolrI3o9hisvmpw4NRe1Jls89gBLB8gTRpQLtNAENSVgheHitXiRPOHnevTfGFExJn6ZXgWjnvcbO9SmMut0rK0_D-DUbhXxr816CkKmubOp9adGGuNUTtcLtEC4lbbjmm0zde-8SXK6e_zT1odC0cWvlZhAmJqNRv3AX_3YQRXN6AkWnZyNEmvbxNbEJIAKFXiiSgL2KF2SOKkVtFslOUi74ulD1MxQYTahfEaCDpVdjYlNLAm6Qyz611_afeoI5txCkxTIeKuotQQECNURBsrIJAq4fWFsub1iOdOiv25gdqkCsAS4FfaHlHLculGkd9oUgmwvCRk_BRwyUOVmw2yj3aKuI0cQjVdvz6TNlTvUdYxrzSyByB1tG4MvFS_1-xS88AOamFlcN94mjZ4ZWo7RvTCIJsduF8xpYLAxHBUtTzTiiTSH_k_0sMKtwg4oA8e4z4VgiRMaXTO_HIzbrhrQk56bMy0Gx1sWtlGBPxu0yIfd8l4ZrEnBJiCQTNEDPTSt9hMb3z9sWgCpxnot7KrOGqyOHLFiunD9zvD98BjrSkhRHiFamhcLKjb6sJzeCRkE3uqFMlMEiU16nQMG-rw0G8yy39xMGOhUst2rQr1nqza_KqoDiBn9Wy-TTWP6VxzthviQDJQaMO0e2rORbAoHd8Y3VnOX4EhLVsGaTRDYkkEw57OXIyDfHO38zzmS3qHw2rab8Uzw0gWXFM1gAAqQIQIEXXsPykvJQoRPKQCUt9Fy4kiOFpzWNh8C9CFHvA3lqtPdl_igzL5kKLGhoarpaHashUlsally3Z-tsL3N-OsbMcLKDEcYvqYCX7k0BpKAYC5mWWYab-jR09rGE5wPDcCF3W5bZnk7BftSuDZkqoPnOHQPY6cCsbfK_JKRNqjbRPKarVxGSRqVG3_v8CvC3A_UZZlt5nqCXbccX9CxxhWGqUBUpGXi6Q1fzde-LXC18pd1P8F9vgPB-EYad8lUd1KKtGKVj7iw_S8eQr8aUY1PAyueMAwoTJpDuSgJ11IMWpTzWlcsYUSoz08ByefbUK-E0-2pR4o1aiQJs705SUMckffMmbcSNjz1fmmLCAJNB-j8u3Y_EGordWXxBlvDWXmtYd_JzKIcIZb2r18xHJEqBWRYfLUdGsDFO4szJBRSmZD3TaAtY_Z0uHxzp70uKpf1G7K5etlazdWFQS68MajmPgtFW5LcEmuj8Dc4FsJTXjBdf-W8lqCv68eb_1mmNyYvEOudcwchObUx4j5c_wIe9EkC6l0wO8iVx6eX_hSTLxSns5DEpuDwWJTnIw5UhlblpP6xmPL_-Oeifpvigdf0dUiNsw_SjBg1V_Y4jshMLvqXPOnfxceREDwg6JLvQ8wj8m8jeqym04h4_XGVQVEL7pkhDcKbVWjSEJ-_pVIzAuNXBnTUArnMMtDg6J87PsOukdg4Jxg7IGxWXyQyy77WDIIOexOyguCri4ZEwIx&cid=CAASEuRoYDoCgVgBtDVimK1bHU7TtQ&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 5640 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Drw9EdWzEwPni6fZ8wIZTWREQofTlUFzUpHnxq81ALN7nsLIz3M14FMuVdflzgyVNedEIt-DC6iTi5_cndywfVzdNxZrBWkKFaQuI25TY8B-QiKmsevanF1cRJYYuErJBuDR8jlkkWMo_c0BbrbDls0kv7Kw&cry=1&dbm_d=AKAmf-Cj3AWInNLaBiUsJF-6fT8JXGdwU6UfnWGXKwkcCW9CBgjK2uqUtTBCFHmuCDITC4NZvB9fZxUSJmXBd4_2Wf4noNPFUtgR-IrIcAUjk7lfNeST5hII9NZw_eu4sDhobjYJPWlC6TtI09P8_LGSZKrRjpHowyr40-pox9VnX-fJclEevV5Ckd5mNRJsni_LLvJL-vvhCzVbRJVBKbheeEH63s-6DsIQ4Zi8AY-6Ixrp2knVZee4hry4ijmNNOj5d4q95cFl6gjFxtqFuYNvxut1MWimxiFOKwXCd3h8bUmevBEKXb4FsGJ77bf6GLesqbULg2CVSJbkuEhFtMIOfIjQIbdj9ywGT46tM6ctHlBTCW82GvnVZNrtpqZvfWZCuRFM4Q2vzLaHNbxuD07VCX339XjPBWc4b4EtgRMOkCl6IfI4lnB6HklmqWYBlW6P5nBo7JE5lnN5rEQuiFeCCT4LL4tEMhQ5SamzldV1SE_J4JiIb8V6A3yl5fF2TWfT76xqr3rXztEjIUQVyQ5qmzjECbWcPhrb5WKE0N6tikK7kXKVbCu6K-amzx0sZw5JtRlflcYQWcqp_Jfr7qch7Vq82bvD28y3CKVsezz3Z_f5GICEXtDv14ECGjkj0xCvOeLCBBw_Qm9gf6EYYZe4xGxV1NTuAS3z1h-FGk5fn1C9EMEih5_u6DlRiejVQipKPVHMbtGz1-wogrhw4L1FVeXw8mzIk-lqpist_vvnRXJyvYqTwuuwroc2vTFGt2CyAMU4nOwvURSfNvAmQtsDFv_-WDNkw_BAUnVXgT52qcBlpqcWtfdj58CrdCif1ZDTKCI7BLrKmEhaPpQBfvWq0JwRC1Q8U2qOsThWusRTTBT-v2VGzesWkf57R2BZ6yk0UV4z_b1DV263nsNB7zBVASVvF3gEOaE6Q_UnjIvnyRRlBrsrmZuCOhG20sT14tMQUF8plevNFYVw66uBpS-RjbOcKjPTUp0MByAPX5aBF5MXfvWPL9G5wugieQ8VHsWGFmUvksb6IKDsrVLLnU3uyiwNdVKMCw6VtCK5zZJulnLSBc8tiojjkCYErUBinOhYZjNAycE_4eDH4rVIqtDmGn2_RRMCgJJvOZtx8G6KR-1e6IGXtZG0ysGHY0vBbkolOcsHkom6l4ck6MhLVDma0pzl05VaTcTSznfqIcJDHBQlS73ZQ0XI6O8nwec_xL-PPxgkmweXVbJgJdZhWsODXRBAPidiX_oRrVOC0TLYYlwFLGt7cNfGkRr5s6BobreIcu5VCYYHbTS1L4DaNrItGYiBR0Giy4yG2bnaYBz8xSfX_4V_ZIt-J83qaUsQj7Q23zj3h8iV4g4WsWiNITiFvN_KyuNi7eVNCTSckwsRvNJe_xuujL7fkUuYjv8wUctmh-Lz-XhttKxGO9Tt0E10IY55ai57D0-D_-Q7JlBQAyWb2FML7GVwKBnEW2VTlyQzY8HiSfnkD8AC_urR_4ymwWQrtXgnx3_3GYJ2R81nzfc7oiuqj1IkRRSf9ssGOn5wi8YU0o_Kyl_IEbM0v__aZ6sD-ciPeMDvry7r-DlRJVOo7vCm6ISJHUaqVsON2pxrqXFmoTtDdyo9xbHobmPXWSgfq3SwMOfwlKHAQXG0mNEXH2teHHEt5Szdf1SIz64TEUkZ1T_LgV-npmYUCcpqxkeDngwbb2xJb8VT1t2HIlGOV2YqwM_icMe4EyvIiFzhlraH9CzrPzqmFab2gZCh4E66IkcJDcxeIDWlHEbnnAWsAb_59YNCtfF361_8w4MeZCRKmVXMo4pRwhyr9JFttz7MYI66ernZEx4Hwu1Hcz4fiJr2OxHyo8P3K0ErhZ7Ac-VYgKd1drcYkkgMXAgx5ClBOPYPF3tv8TgOgTR8KPwVTJj6tk-YTVNsOOWzfv9dimktSNu0KrC_BTGuvwSwMmle1Lc-PIAOLeoa4na9lTRueoglgMwOJuSclvKQKqEH5RV2KnGEeOk17R46hcx-wSR9qrYggvwBCrOHxTZJtGtcQhi2We0rlkQyCUGXnGR4unI0VFCkTI6HfJllotmEMC9niu4Z0fzGYmFXyfoY2i5Ri4sSsBiTE-vSPV_BiH9NrpafpMolrI3o9hisvmpw4NRe1Jls89gBLB8gTRpQLtNAENSVgheHitXiRPOHnevTfGFExJn6ZXgWjnvcbO9SmMut0rK0_D-DUbhXxr816CkKmubOp9adGGuNUTtcLtEC4lbbjmm0zde-8SXK6e_zT1odC0cWvlZhAmJqNRv3AX_3YQRXN6AkWnZyNEmvbxNbEJIAKFXiiSgL2KF2SOKkVtFslOUi74ulD1MxQYTahfEaCDpVdjYlNLAm6Qyz611_afeoI5txCkxTIeKuotQQECNURBsrIJAq4fWFsub1iOdOiv25gdqkCsAS4FfaHlHLculGkd9oUgmwvCRk_BRwyUOVmw2yj3aKuI0cQjVdvz6TNlTvUdYxrzSyByB1tG4MvFS_1-xS88AOamFlcN94mjZ4ZWo7RvTCIJsduF8xpYLAxHBUtTzTiiTSH_k_0sMKtwg4oA8e4z4VgiRMaXTO_HIzbrhrQk56bMy0Gx1sWtlGBPxu0yIfd8l4ZrEnBJiCQTNEDPTSt9hMb3z9sWgCpxnot7KrOGqyOHLFiunD9zvD98BjrSkhRHiFamhcLKjb6sJzeCRkE3uqFMlMEiU16nQMG-rw0G8yy39xMGOhUst2rQr1nqza_KqoDiBn9Wy-TTWP6VxzthviQDJQaMO0e2rORbAoHd8Y3VnOX4EhLVsGaTRDYkkEw57OXIyDfHO38zzmS3qHw2rab8Uzw0gWXFM1gAAqQIQIEXXsPykvJQoRPKQCUt9Fy4kiOFpzWNh8C9CFHvA3lqtPdl_igzL5kKLGhoarpaHashUlsally3Z-tsL3N-OsbMcLKDEcYvqYCX7k0BpKAYC5mWWYab-jR09rGE5wPDcCF3W5bZnk7BftSuDZkqoPnOHQPY6cCsbfK_JKRNqjbRPKarVxGSRqVG3_v8CvC3A_UZZlt5nqCXbccX9CxxhWGqUBUpGXi6Q1fzde-LXC18pd1P8F9vgPB-EYad8lUd1KKtGKVj7iw_S8eQr8aUY1PAyueMAwoTJpDuSgJ11IMWpTzWlcsYUSoz08ByefbUK-E0-2pR4o1aiQJs705SUMckffMmbcSNjz1fmmLCAJNB-j8u3Y_EGordWXxBlvDWXmtYd_JzKIcIZb2r18xHJEqBWRYfLUdGsDFO4szJBRSmZD3TaAtY_Z0uHxzp70uKpf1G7K5etlazdWFQS68MajmPgtFW5LcEmuj8Dc4FsJTXjBdf-W8lqCv68eb_1mmNyYvEOudcwchObUx4j5c_wIe9EkC6l0wO8iVx6eX_hSTLxSns5DEpuDwWJTnIw5UhlblpP6xmPL_-Oeifpvigdf0dUiNsw_SjBg1V_Y4jshMLvqXPOnfxceREDwg6JLvQ8wj8m8jeqym04h4_XGVQVEL7pkhDcKbVWjSEJ-_pVIzAuNXBnTUArnMMtDg6J87PsOukdg4Jxg7IGxWXyQyy77WDIIOexOyguCri4ZEwIx&cid=CAASEuRoYDoCgVgBtDVimK1bHU7TtQ&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1026 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 1026 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdHGQvRXsb-429yQleklrK4nk2fRCrWHj0fZtMsof5CjXomcEPSj31CxuA7vwtMNR4cJBwPy7K1EyxtL2tOjuuA_uQseZBjZds1espKR4LGK0ifNScnyRDyAKb12rOWxHQ7_qo5GJ5EIrG0EPaw6QMDJb-Dw&cry=1&dbm_d=AKAmf-Cv6PQTbKj_hJSY5sCf2rMJHNGKJcoHs4Da3lsEq7bvn3hO0yOmoaSpj_hSFPssX43nG9UnU85OOjXmo4kOLslu6_JmrfI-5wGuYRG8IykImX-c6K8BSFNOPZEe8pF_t3j1Ybm4No1l08UhD6hKnpl9o4oJ-8cLqvMdLqNrysTSw40tI8W_Ffkh3uhFZKIx4gtvyHLS-buwJHfYYv-fDp7TXxywIk8bJ9hrXzY6P0YzaVp7WBWSr99rpWTWLvJF7lXuG7i8BDrRzhi-eXqNbXi8CNyPL8nc4ceZ2vvi7fj7Nb3iXA4ikLtTyyFj_fid58VoSmZ8Mvrwl2AjztIM8TBxqmhO7j33G307l6KjC3YQ4gMnr8pnr5pC4b-Nk-WBwjCth0BQePI0wSbMcRLdBJ1Os1P6temGuXqkGHVK4QxeJ1OWf0Gmtz8c-bzmYgMgnBU5RCItWUvltdbKJbTk54T7QH2jlusk7f1pyrSCwO3HZqhE3AcNo5PHC29EKu3W-OLdPGiZmZhpfuMT15hcMH_zVVATsdCuZ3j0rGo52x7edXHMvlC0kYcYp3NFIriR7H5es1fMh1QxgQ7oTmQUL4OpjfHefsk510Ld38fE3hzu95e0b1ki6rQbTHbfA38QtXcK8MBcEeF97Eiq4gCI5_nDrkhYoQjngUFouJFnUNAb1VhJmUPAL5IUG1BReAk1MLOecAYViw1JnWOTc-U05hM9-0VV6ZQFv6p5lTOk_IRjhJOOc1R3tJ00VPS_DEE8juBQnlQpUWOoRMNmOkkrRjOSp4ppELS6yBqfZc1nyZXL_jwAncgIgnzceAZzJ_tQM9rg9pn65jZWxovIIIR1paem7Em58VoB6emYrNkaoEAKPJqMD-ivFcNL0XUikW1iiJ6VVsR60-TzLJ-eCZLuxbr95zsYdmW_F4psT9kcIC-oykhV_StuyeGj8sH2sUR2whXXr9EcgfgnFKHUOCIRKfvv1cZW7rGn4stGNYt3FbSEBJp_dVP1GscJxxZc5MqbovGJAZ_k2_9Dc6pC5qlXugsuw-TvVuxAOXekIq7KQdssPTXwQxslB1LZKjVGPloy2PvwhylWdcMn3CKVBc1geAfMJvIHHgmjQoAJ0oxV4lrD7L64neiKvBH2os3XW0F6lbcT-ED9Pje2w88U9ccB2-9IfvjnNntMotZHpV4o1-jfgMfXTScqFcdDt340RvsGbCTC-MGrHTkerPawNfNBrnRHFrKIpKDvAx0lCoIpxnj3hLHj10SluVcREUTHWrQA3Z4bmXXHCpqM54tLF9zRNB-BmduUOb2do4Eyw5MuSKbEepMVxlzq330TjDhj6fH4JA9wez0OyPmr7M2eXyYti8Q-wBfOCKAi5UwjdphTfRmuq5TDCIaqxTmGzKPNVMVeb7WAy4442etfgwChCqQfUdZz0lJnIeN6Gzs1kFicreTLMz10poixHnK7LwAZb7tDVky3KaBm1ox-l6P8mlvOyM3j9a76z0myGvT9zbKLCSjZjwdQOWe7n_kjaXtxqwZQ9yE1bu0ryWD_XGjPzUQddgNbZTmMFc7zPnAe4dWztAs7jV65S_enrm8e6PVp3tc6BCQmwc6FU-kjJCjOxosWJIvneXXMTeyzHj5pkG5rikV76-rZmLb1MRAashUYhr8bRNf7ygpN0gbaeFNvC0YKAZmcgy7oKIs2dCrpptAWf0OBwzHCfBBLvIjKW1FGmbjE3DjGfFBdawWcsNIjGZlo6nS5-fpqRgAgUM00hjKaQaesM14nY0q4e6VfDJvhW3Q6XmjzTP9uDMHn5D_0JoOun0R_eLY6QCtcTwErDzptLLwbZgy631RXRaGaMglQLaKQbyV_wF5TsN8GR5UpsMN0UdlnN-kpg3g-4PXQ5WfFIRNAIbaCJuRiWpUhSLr7Bc4qj9exTkV6xgB3emqezKU8jtdIA-BcZEt9ff909cuvYPBB5wuMFlCWRu2rYz-rTQ_VKDm4LvkJ15lneaKg5G-jUe5b0lf84E12D1z3P6-0bzvnttyKAdx6_rYJc-ylXf_i_DXK-egXR6H-EkIQgV_oRprLk-mtXcedpb9jt0Ymm3LouPJjivXRiWibv64N6wfvBqFcSC6oHwrOmTrbP_h7_HKtm_Ismnty456NGL3C--BqsuZw_rGBPHECLYCnVQWx1J0dXYmgrq_Q33QiHXeIDt-EDMvlqym0sk2i054RWR4uEyzEeRHPvqYmsrmpWE11zixG_DmPE-B6o_SxVb5UdMjxq9zsnP5N9rmvTqo8EOQu8iB_x5dz50270iublHOefcOymZtPkJZumkP_ZMEv5BIkxOZAgS9sa7B-Edzi4Q_zfte5XbYbfaRNi7VEC2-3pE9FOyyLKLcDi2fJ9-ixB2_jL7GmXqLnt3T1ybZtTfB1aT0DXAS-FqLTuMvmody15uCyl00Ou5abPh32hBXLv-mVz6igmZqnGrur_UjmIO7FsyIeq53r6QLe_R1K7hH-dhzG11GkealxEvYNMkRakP5sAfeExIfzgBzGW2mbjPiFqLCgJJiLLYchrQdQa7CPO350CJOIzq4ZfTHVyl6c_MZ4F0iBuMS-dqhJcSPY0WcuwNC5nVbMesm7UcDvExag5jBlb5Q16-AVTIDRtllyb6N2oE0joneAueFoicDNKwC721zBeKO-pdhSSXJLVCbRkXhUWKWg3uuXIp8Oi9FZPy0Ix7__jMQfR0zwDp46NA1-dw1LYVyAlkx37H35RnmYtG3KHOfasRvoHNmqImHBTx35-Fcdg-QqmaqWioFOmhho87Eizd8Sn2R_AHXe2P68q_nKYsYUqNMJmXnTcirIdw4egUVYt83slJO47u8tV4uzr-nGqZ74RA3727qq65_NHyYtCnCoX0GHBcRpir0z-7-PeAD6-e99MaZivzSyzK8WXzPRez46u-XV13ttus6npCWJKIDvT-_BAoyKiySYj1cr_RcbesjGCZZbmBslIwYXlFi6WdiFUbVc1K1Pj-dgnHgzZk4qVvE11aNWlYq9uBfFxzJfRZD22hsFzAur2fu295qqQdoI_NI-CGCNp9rIduagNpHEGBylEcfkspottQVsKuFLlOjZdUutA8XxxH8qVKPE8FuEjRflmWDZx2ixFU9gd-X0ziDJ9RBuXl2O3ExllcvJR2ZMh1G8DfuktdFaxUgYwD9_GPnEvFCvbopb1Yr8OPonoESp6nSxKkQxeXizUpGc0-ZvO3KGmfa0ZUw4GxmFeBoyEn0CA546A600gSIgbnFXbSIqu-IU05kEFLo6xKIQVQfufMpsAX-JtE5SZ2RVnx9nR-YOhSZQe4KIiAXRgkJvhVWcNPlXs4iZ1nNdKp4lW1uamt3f4L0yl5E52e1PeoVflEE3fzruk8ZbV1AhXhDxkRwr4k-yLYniVW9qt9YnH2xM8fdOKSkk3piOx_xrVlfBpPNRwuOxrftdNe3mwWpg1qiiRbcYHd0gEZFiFyOmbjNdrXRcXz6CPVb4-ZDBhuDuyoDyor4lToYRZyULV1ddm-975PEor_37pewK3zrgHFHW3u9HjgprKmQyZ6EnuTZuMPTP8ruiuYua5quDqhY-&cid=CAASEuRo6UAjP6MyDoQLQlQ7vvhUQA&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 1026 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdHGQvRXsb-429yQleklrK4nk2fRCrWHj0fZtMsof5CjXomcEPSj31CxuA7vwtMNR4cJBwPy7K1EyxtL2tOjuuA_uQseZBjZds1espKR4LGK0ifNScnyRDyAKb12rOWxHQ7_qo5GJ5EIrG0EPaw6QMDJb-Dw&cry=1&dbm_d=AKAmf-Cv6PQTbKj_hJSY5sCf2rMJHNGKJcoHs4Da3lsEq7bvn3hO0yOmoaSpj_hSFPssX43nG9UnU85OOjXmo4kOLslu6_JmrfI-5wGuYRG8IykImX-c6K8BSFNOPZEe8pF_t3j1Ybm4No1l08UhD6hKnpl9o4oJ-8cLqvMdLqNrysTSw40tI8W_Ffkh3uhFZKIx4gtvyHLS-buwJHfYYv-fDp7TXxywIk8bJ9hrXzY6P0YzaVp7WBWSr99rpWTWLvJF7lXuG7i8BDrRzhi-eXqNbXi8CNyPL8nc4ceZ2vvi7fj7Nb3iXA4ikLtTyyFj_fid58VoSmZ8Mvrwl2AjztIM8TBxqmhO7j33G307l6KjC3YQ4gMnr8pnr5pC4b-Nk-WBwjCth0BQePI0wSbMcRLdBJ1Os1P6temGuXqkGHVK4QxeJ1OWf0Gmtz8c-bzmYgMgnBU5RCItWUvltdbKJbTk54T7QH2jlusk7f1pyrSCwO3HZqhE3AcNo5PHC29EKu3W-OLdPGiZmZhpfuMT15hcMH_zVVATsdCuZ3j0rGo52x7edXHMvlC0kYcYp3NFIriR7H5es1fMh1QxgQ7oTmQUL4OpjfHefsk510Ld38fE3hzu95e0b1ki6rQbTHbfA38QtXcK8MBcEeF97Eiq4gCI5_nDrkhYoQjngUFouJFnUNAb1VhJmUPAL5IUG1BReAk1MLOecAYViw1JnWOTc-U05hM9-0VV6ZQFv6p5lTOk_IRjhJOOc1R3tJ00VPS_DEE8juBQnlQpUWOoRMNmOkkrRjOSp4ppELS6yBqfZc1nyZXL_jwAncgIgnzceAZzJ_tQM9rg9pn65jZWxovIIIR1paem7Em58VoB6emYrNkaoEAKPJqMD-ivFcNL0XUikW1iiJ6VVsR60-TzLJ-eCZLuxbr95zsYdmW_F4psT9kcIC-oykhV_StuyeGj8sH2sUR2whXXr9EcgfgnFKHUOCIRKfvv1cZW7rGn4stGNYt3FbSEBJp_dVP1GscJxxZc5MqbovGJAZ_k2_9Dc6pC5qlXugsuw-TvVuxAOXekIq7KQdssPTXwQxslB1LZKjVGPloy2PvwhylWdcMn3CKVBc1geAfMJvIHHgmjQoAJ0oxV4lrD7L64neiKvBH2os3XW0F6lbcT-ED9Pje2w88U9ccB2-9IfvjnNntMotZHpV4o1-jfgMfXTScqFcdDt340RvsGbCTC-MGrHTkerPawNfNBrnRHFrKIpKDvAx0lCoIpxnj3hLHj10SluVcREUTHWrQA3Z4bmXXHCpqM54tLF9zRNB-BmduUOb2do4Eyw5MuSKbEepMVxlzq330TjDhj6fH4JA9wez0OyPmr7M2eXyYti8Q-wBfOCKAi5UwjdphTfRmuq5TDCIaqxTmGzKPNVMVeb7WAy4442etfgwChCqQfUdZz0lJnIeN6Gzs1kFicreTLMz10poixHnK7LwAZb7tDVky3KaBm1ox-l6P8mlvOyM3j9a76z0myGvT9zbKLCSjZjwdQOWe7n_kjaXtxqwZQ9yE1bu0ryWD_XGjPzUQddgNbZTmMFc7zPnAe4dWztAs7jV65S_enrm8e6PVp3tc6BCQmwc6FU-kjJCjOxosWJIvneXXMTeyzHj5pkG5rikV76-rZmLb1MRAashUYhr8bRNf7ygpN0gbaeFNvC0YKAZmcgy7oKIs2dCrpptAWf0OBwzHCfBBLvIjKW1FGmbjE3DjGfFBdawWcsNIjGZlo6nS5-fpqRgAgUM00hjKaQaesM14nY0q4e6VfDJvhW3Q6XmjzTP9uDMHn5D_0JoOun0R_eLY6QCtcTwErDzptLLwbZgy631RXRaGaMglQLaKQbyV_wF5TsN8GR5UpsMN0UdlnN-kpg3g-4PXQ5WfFIRNAIbaCJuRiWpUhSLr7Bc4qj9exTkV6xgB3emqezKU8jtdIA-BcZEt9ff909cuvYPBB5wuMFlCWRu2rYz-rTQ_VKDm4LvkJ15lneaKg5G-jUe5b0lf84E12D1z3P6-0bzvnttyKAdx6_rYJc-ylXf_i_DXK-egXR6H-EkIQgV_oRprLk-mtXcedpb9jt0Ymm3LouPJjivXRiWibv64N6wfvBqFcSC6oHwrOmTrbP_h7_HKtm_Ismnty456NGL3C--BqsuZw_rGBPHECLYCnVQWx1J0dXYmgrq_Q33QiHXeIDt-EDMvlqym0sk2i054RWR4uEyzEeRHPvqYmsrmpWE11zixG_DmPE-B6o_SxVb5UdMjxq9zsnP5N9rmvTqo8EOQu8iB_x5dz50270iublHOefcOymZtPkJZumkP_ZMEv5BIkxOZAgS9sa7B-Edzi4Q_zfte5XbYbfaRNi7VEC2-3pE9FOyyLKLcDi2fJ9-ixB2_jL7GmXqLnt3T1ybZtTfB1aT0DXAS-FqLTuMvmody15uCyl00Ou5abPh32hBXLv-mVz6igmZqnGrur_UjmIO7FsyIeq53r6QLe_R1K7hH-dhzG11GkealxEvYNMkRakP5sAfeExIfzgBzGW2mbjPiFqLCgJJiLLYchrQdQa7CPO350CJOIzq4ZfTHVyl6c_MZ4F0iBuMS-dqhJcSPY0WcuwNC5nVbMesm7UcDvExag5jBlb5Q16-AVTIDRtllyb6N2oE0joneAueFoicDNKwC721zBeKO-pdhSSXJLVCbRkXhUWKWg3uuXIp8Oi9FZPy0Ix7__jMQfR0zwDp46NA1-dw1LYVyAlkx37H35RnmYtG3KHOfasRvoHNmqImHBTx35-Fcdg-QqmaqWioFOmhho87Eizd8Sn2R_AHXe2P68q_nKYsYUqNMJmXnTcirIdw4egUVYt83slJO47u8tV4uzr-nGqZ74RA3727qq65_NHyYtCnCoX0GHBcRpir0z-7-PeAD6-e99MaZivzSyzK8WXzPRez46u-XV13ttus6npCWJKIDvT-_BAoyKiySYj1cr_RcbesjGCZZbmBslIwYXlFi6WdiFUbVc1K1Pj-dgnHgzZk4qVvE11aNWlYq9uBfFxzJfRZD22hsFzAur2fu295qqQdoI_NI-CGCNp9rIduagNpHEGBylEcfkspottQVsKuFLlOjZdUutA8XxxH8qVKPE8FuEjRflmWDZx2ixFU9gd-X0ziDJ9RBuXl2O3ExllcvJR2ZMh1G8DfuktdFaxUgYwD9_GPnEvFCvbopb1Yr8OPonoESp6nSxKkQxeXizUpGc0-ZvO3KGmfa0ZUw4GxmFeBoyEn0CA546A600gSIgbnFXbSIqu-IU05kEFLo6xKIQVQfufMpsAX-JtE5SZ2RVnx9nR-YOhSZQe4KIiAXRgkJvhVWcNPlXs4iZ1nNdKp4lW1uamt3f4L0yl5E52e1PeoVflEE3fzruk8ZbV1AhXhDxkRwr4k-yLYniVW9qt9YnH2xM8fdOKSkk3piOx_xrVlfBpPNRwuOxrftdNe3mwWpg1qiiRbcYHd0gEZFiFyOmbjNdrXRcXz6CPVb4-ZDBhuDuyoDyor4lToYRZyULV1ddm-975PEor_37pewK3zrgHFHW3u9HjgprKmQyZ6EnuTZuMPTP8ruiuYua5quDqhY-&cid=CAASEuRo6UAjP6MyDoQLQlQ7vvhUQA&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A37C 		338 B
207 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNXPNtqKpw9KlM9G-oapKF48Wq3II3AvuDGeXFQPrMWV2jutnr_2GPP4-PZQWOePkSS19rZm7HefZDxER8ydWLj9QtRrQ84VOTFaRgOVG1837-Bc-bZg0447Q4NtyCx9mfnrDu30svDYsECnGz_Y9O_MVSfq89AQqm3nGKYW5dQNoZZIu_WF68S3qW7JsULTsiqf5mEYYP57LgfqKKLYdRYKSLbyh6cbrX6RsIhxwcwtIiV1mbY
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22f49eb7330f44c8d55ed33655173c93957287695fe70ad5fa91709959b42c0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
186
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0622 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BigT5iFZGsa9g7LSwmlIlijJZsgbpsphIyXc5StjMuJeRqh5hvu4cI429VXMIy8SoYK5p8Ko1u8akOPzwq-dkkq9oIhnEfVB8pav_addqNcv_DxWPrUX8TPeeSyZXupjVG0pxOwG8LUpN8XKzQc8HCqUlxfw&cry=1&dbm_d=AKAmf-AsmF72j41H_swg9y36ef_xwudh950mdd3uTePPogN2oHVzjNd7zITaxiOSDwKYga-yKj3XoQw5njvpb7NfCmSKsgzk0Z6kB4pybPrGo_r2WTgK6cqSoEvB14Ed93nnLDhrSwgBBpO2mpxJNGmMQrH-c2hzNf4cFNK7FPOr06jhFt538986f6XAQ5CuGQqLadzD6TqPY70Bzi9Be3AiKw0oPS3O4ResNRCAGF1ZbsU8Pr-nsDBe98rL36w35RibagG6M9zk0jCsaBzFitCqQIsk-p67_kSlXtM_Zv3YLxz5j1M5Jt4dTJ1LuYGE4pYdSEV2EhiC_8sqc_inwyWGwB9bGf5MUyw2JwwNrI9dGZ7ToKNgZj62G50Bq0Tp9T12IaTNQirLoi7bul7jpoHFQ15q67IEwDa5xz7_5cNCc0ZKUNti0tomAKKtvkUG83L6njuzbLJAAaTAWIjeSvPjJCLcTZNLX462tTCW-4zkQMz81iS-GP7fvgkC3qbOpVbXNhcyyldKFtyqAFwuKgeoku7uW5OKlR2ibzLH_Zn3C8vj5iVAv9XQf2t_B8nRg2lASGYIQ0iY3PIFLC9IMQwfdKXfStjdqYX0cvIpnilEOKymEDC1L9_M-79ORzpI9QRU_nvRAgotFvhvK51goLJJFu9V6oHubexvBajIrY6O3LETOTKhC4zMxtkELNedsWzx8Hq0wxhbfVOZyiXgeXcZTMKj4niijY8bTizSo8k0roWyUJuShJEQYhhsgpfsuPZSBXHV12j-SDlZggKb66wAlOZNKaC1LnXMdTPxY8K8G9D8NGFGHrFP062lcuLX8pRnVJIHkD1mKLjMZSOngoh9l7C1B_VKgdDe8BB3YCe5rCp6upJ-5Cd_wUedfQ0aJICDt53lf7cZY6W7Ba57MHt9IfjEfRVAlvAgFUSG44F6m4Bk9sfRga091pXK0FbXDr4wYWbOB3sdsg1g8xPLfV-sUYlJhcOy3V1HdPH4DwzaBTgzqDzmiokLBLGdqk9APnFwQ-_pQOIl3fCXAA2KFsSK_IwEP94S26vMXjTsZF0KLX-hgVh81T4wtYCNBATRm0vkDZSDxResTnlaEoSxzyDHvwU0HVybKochPnf7y3IfqcjWVrTKdTBRZL_xqKiW4-1eMUvdJFtie3XxvnUJ27RsZw4-uzmIko4d4WD0YCvRyQn4wMgLaIrlCxFBZOO41Gy0Jzt8QK_GarmIH239ps_JE8qtunUruu-IsL6BuxmMaiS0xzgV6k_nSsNJicuIBclGDWjxid8AjksYxkeDNVO-7r_W1_rINStm_rE1GUQOmYkLUkXONjk1uto2C8-XxJWP75FJxm6QNwVWXgdWeoqjv43GGqQ16LFa7tVwP-QE79ioQCjmuGs3ApX0PTvN0EJBn2Ic39JZcd1374mkoTpxE7ampQzeZcK7Y-ZM_d6rk5RAZ0npemZUJlQwmONJjF028e_fP49uMwu8QSv-fUuaSHpq7VWkuuIVelpE00ItN1QlMj116dOO19to7rREZFIwKeFhNn_zivSywhASwPTdvEQbxiSjiXxI_CAgxyozC3Z_CQR-QqTp6BmvlPJARCS6bSbhD90dRminrf9krJteb4nYvKfR_7cag-g2WZKWiJUqkoRxVxOKwMH0Zl9rL9jNNrJlMXzKu-SF59LDtr4qGRouJCFcZcC-61OVf-XIoAHU5qKlGW7FJO-lUV9BylYftP4drlIBK-IC7JgxYi_pH3LZp4mtzSkHu0zEMA6owRK53T5Go_X3RQiQRWrTYThO6K6ZzO9Q0Ynx89r99Qq4TA36Lx9s2prCdob6HB3Fac4UhdcInghFBzLzpPMirodqi4-zby-w8e-ugiRjRCpw4o7ds4GEmYSV58XAstc-mHCqmSJ6ZW85X-u4iaM-J9y1U7coqHjW8Yuy4HJ3rxDdIUpzfx0j1CjOPowbbt4lTbsVmyu-HMQIi4KskAX1sMHr0VTkL4vZ01oyHr55a6AbEXmPqm0SzAfSEajrWWekMxiWe9xohznhEFVE_B-W488VwwWghVc0DtiITmGnhdo6KURdbUUJeAATeRuJAl7zJyNEU7mhjUBkJUY0tmS94R6NtGq3q-cGwMT4B2u0RriHaSFToWShCPeF2Dq3AecCeTG72atg2tpVwSzOnxe6oezua4ZC6FV8W7_NVtb6QtDM2JgiyEVxxZPcjV8ixZN1S-zBAMl8aPVXcWGrEJvkxfFDuKkmNsHLoSqnch9bsiCNCQnkwt2-u-67SgIAsZnLcY8DBabVSZlS6-CdIiMALleQNZoxHp8mpbWafY8q7AgKQuA3BIAUX8OwLWfng4aOQpF1AdRjOagvKuWMPCxWSAgIfWw3jy27lW98NogusShfjeNLzii6IiE_Q4tjCom8FeBkKPa-S06XQ4hPc56C1cN-r9hLkwjFQxuapMtjzsYWjTYIfXJy1NHcEldRPE26deHYZeYKPnop2-Uar5fEhgpS2nGp5hPBnNPmoRNnxizod1ID92uSnywYt522xKMIG5synBqzpLQZVNLB387rSvAP5GuJFjxEn79YMiIuBUqLu5tOvnIW8Z8XJo3TVGhyhxZ6Gt_KzrKPc4RX4_uhUUYEPL3h0wWV7KvIVMGf7Cb2EeocacKjeSW9ZIK9K7oLRxbbqwD2ZEZ-XfIsu02pHkx_BVM-dgUFCE2cNtLAKmWfXfxwP1x-v0p3DAWppI5HnijPECrlSfow8NG0LwnVFZ8zpPrOAN7BJ4JRshOtpKZ1_wVw8UKXy5xiHcOHXPuRDOn-2gR3jm0Py6_P9Z_IgOwySSRVSEnpL46gcnmf2HNvqIIsHDZDteIy1jEvX6Jcp-uMfJctVicInpCyFLm86cRwtgF8fzmmhEoM_WqAMbCYP2xS93JVXRwaZQ-L6DT1BN0wMVUsqd4zZFFM7Q5pgam5OzgLYoh0cMG1qTRFmI7WI2ctrD2K3B_dfz4RxF6-gcPMTw4MlCNpZfUBCYjomSJ27d1qIuxonxVyHaBXNUTXPBIG700Nel6QHjsWQC1_b6LlGB6TYkeWusvIfUuF8tafIouZTrh1T7oBwFEj3HJ6c8bUE627OmFl7_Aq4iFZwua1u9dD8Qv3E0u4QeSy3CdmSP-RIQbBQ6WbFh9Ur4-1rnd1mESNuXA9NTd4JEXZafdrQl_qv7DDQWl4d7m-v58d_aXB3awPsmWBpuwBWNie_9juWEACjwZ2sZZJyQxNvlqf_D9_iMhEDbubpYeIiqBd_y4haNhhalbYLvXiz87kc9c7-95K_3t73ffQmizZZrx81d5HO83lUt__bTcGBNccEckz1Gq5A9eo3SOvosZzdM58L7QMPmFOgGelOD-g9ss1Mc1nNQVttlikJW6l5TfciFcD4sJs9Uuw5kKqXwE6Fvciopy6_h1X-RnyOEL03b9pLJAbpKC4byMilzLQk1XIj5JXVmHA0zo8-JyS9V-8SQBGcErO5qQ76r-6YY0bKZIEr7ok47DssR4uZLI4zt56gXAi98lhXO308RhJmRjh-s3In7NcNMsglJVrDzNH7oLMgraKnm2V22JGfwDMwLaTk9_EtbuUYP08XhXfX3Kckd8WIf_7mw&cid=CAASEuRovBn0sQFodZ9IPj2XvDeLIw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac449f75ab7336c99ac2e2212656968ba4d0424992b1100bb178f86114b7ed58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 0622 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802320.494551,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 5030859
it
ams1-ib.adnxs.com/ Frame 0622 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhCiitvB8qvosEEY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4mL4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q1FkbDVFTU9EWW9xLUVNbWk3X1VQXzhHQndBMzYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW9PWnRtLUFwTEUtcUFNQnFnU1hBa19Rdk03VS1RV09zZEhlYnlNS2hOeVFMdFhjMFQ5UV9IX2toZGN6YVZYOEUwQXZxVXhlbmNCUFhJWEs4SGR2U044ZGV5dVZweDFSQ2NWcVRBYkp1emtOcVdKWk9JWFdoZ1d1WVdNbHJhVWRHLWlFdFJqOW9rQjhMRUMxM3AtNm8yeHZFZUlJaVhoR1lqcHhtZ0RlMGcyWFh0a0dzX0VvNUxWbUstajBBR05GX2JlNU9DcVc3YlBGQXNEUFRwWklLbjhUZnpqMEF0QmFMSGd1dVpJOE0xVFVKc2hVY2ZMSkNteTNJejl0X3BwWF9TSWx1UWdNc21Rc083QU1sdGdWbVNFdzNIYVliVTJvUmlueFVnS3IwUGNwNVZmbExYQThLUXJTODFlRTBkeDM4VFFmN2tSR1JXV01pZVN5RUlJdVdXdnY5akFjclZ4U2VTTHJra1FTemo4VGI1enQzV2VDbDExUlpSdzRsWUFhTjV0bDYxS0xRTUFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9QUU1MFNtQ3MwLWMmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um92Qm4wc1FGb2RaOUlQajJYdkRlTEl3JnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM0NzExMjI0MTE1Mjc0ODkyNTc4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFz5qsiIS22LMIwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAeYvgPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=5e9d9152ccf949de4170bb90e08d264047b1bca0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0f294a63-47cf-4069-97b3-78f9e19026a8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0622 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhzkdFowPhBELqFauz5I4E0G7Dei_scUzg-kr7zQsCGs7kE_A4bUuEtfYeg3SL3mm3zxXfT4Gf6tM0OVSkk5JpXQWXKsBFQF1tkbntuk5yuJi0fxs
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
partners.tremorhub.com/ Frame 69C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEKcb2ac75xwOU5JjnDrSqKU&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEKcb2ac75xwOU5JjnDrSqKU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV_D1GsXsC4nFFO_w29wzYDt6v3ktC3A8KmBVkVtjyExqP-0q2W7vm6uWDTnJ3s2rCpsCIEDIl97Fag3AAc_DQU1yOPFdneusZ7HVUz4NmGu9Ce3kPbQR9PWl-KuHXfUstZxQl0e3H2qqCZgDm2jJDVBJsbagTaMmuErpXTZrmwpwqwwcrxzD3BPgqGNJHCJNIqaz0tYYSPPH10N_ZxvH_ql0ysH0m2rw6bhWvXUYFRIaZKSgY
Protocol
H2
Server
2600:1f18:612b:4232:40ff:2de3:a398:119a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEKcb2ac75xwOU5JjnDrSqKU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69C1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1wemk4R3J0RTJ1R2xYUTdnd29ybEQ0eDdQdG1aUWYxTX5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1wemk4R3J0RTJ1R2xYUTdnd29ybEQ0eDdQdG1aUWYxTX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV_D1GsXsC4nFFO_w29wzYDt6v3ktC3A8KmBVkVtjyExqP-0q2W7vm6uWDTnJ3s2rCpsCIEDIl97Fag3AAc_DQU1yOPFdneusZ7HVUz4NmGu9Ce3kPbQR9PWl-KuHXfUstZxQl0e3H2qqCZgDm2jJDVBJsbagTaMmuErpXTZrmwpwqwwcrxzD3BPgqGNJHCJNIqaz0tYYSPPH10N_ZxvH_ql0ysH0m2rw6bhWvXUYFRIaZKSgY
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1wemk4R3J0RTJ1R2xYUTdnd29ybEQ0eDdQdG1aUWYxTX5B
date
Tue, 17 May 2022 15:45:20 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.000659
pr.ybp.yahoo.com/ab/secure/true/crid/2MuZrH47BBFZFv0MfqY8Gnyy6FJPvY58/imp/fDYgHlzGVVgrrSGJjto0EN4ZpStYmvbjHoRNRzKIyQgJ5n4x0G80dQnaxJqwIbnfdkX9doZXbnARg6eW7Gjm7WxluQx69WmLd0qRbhnMEay3Mt7mPXAN3GQbefU... Frame 2A33 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr.ybp.yahoo.com/ab/secure/true/crid/2MuZrH47BBFZFv0MfqY8Gnyy6FJPvY58/imp/fDYgHlzGVVgrrSGJjto0EN4ZpStYmvbjHoRNRzKIyQgJ5n4x0G80dQnaxJqwIbnfdkX9doZXbnARg6eW7Gjm7WxluQx69WmLd0qRbhnMEay3Mt7mPXAN3GQbefU-KaXIL0TDSRPfoRpjFneTkDuaWeOQxWwsbrIXAktJf9ZFaFkMOIA-f86kTKJf4uD7Q4GVb7IC8BAPbANnJKBYbZi1brfZm_nmSEAuqKhBDuZDaReQmRDCFrRMDLUT7VGGJIS2e1SEqyK_NpmxF6zyrTXnWlrtwDX_-3wsOP7S2FWxb2Y9pOjCvNGJ4SPurzwzM3v1Xywjz9y6RbKGXHKM0eG30YRSGxWdLfCEaGGuMlK5haHvJd4ieCKqTfEDd2_m56VGrgeyY724NHm8tC6vIgDJj3J4GyBfwiC1e355iguXWQPRAgYYEPjM077P66QToHBP3Gn9oIf98vSrT-C9ZMjg9qnuSOdhbexEfGTd0FNHMkcM9CeXsctFuxub8iTnOMMOpcEIlubYVUpsDiWPCiSg0M8fJyAs_4YAWg1V797AYXePvEw2HvBaiDmXgQsT2ndPSvdBtRoCDI45YFIKr7WPVTJrTNLyARhHE06dUH5fF4vMwnWOmAg-9iK84loHBYh6x15Lu09wik9zxilXiEuSTuh9kpLh3q8WEIwIXo8XQgN5V7hbLDLjJ4oaIcPOo41u7IofNPh960buCFe4Mf0HbsQagwytNMhDTZN_5gycJBA_f9j8UoN720YA_17ofnl4tLlfeE_vklbkZtT0Uw_dZ5WVBzdhCMYeJfsYVLaS41AmXxi34jd4mzEMeJY8IPE-QfitmK8okqw7cXrXfiTRyXwfmaASJpQTgI4Ke9esmDNK2GrS8dmYycxNNwopFd-wf_wpIroIE1i_oI4WU1rMVIBit2xtgZ_NojYT2ZsCPXIj1ccWbKlHxpt6e93_QBU86HZLMkkCOat09an7ucv6qic58Sh9UdYCA4xGB31uj4zjJRHNpX0y_c5s7NuwyY1HJhnDfA2rnOYDxpzuTFk3A425GpwcP0tsfvmbsfTQz9zB8A_r4U9Nt-PlVIj_Jl7VpnwoS_XKrOnAptUJZCp4LMuf6cqqAw4_bJoP02Lz8V5knh5_Sj_tKhFT0tzrIVvUMNjA922vhcWI9dD_PcQXM6i4G4tqwDswMXeILLnQN270-WoSqsvRFbFm8eo6BFNu18l45f7w4S-ZQcMs4te8la0aSreLur0UwtjZb_V3E2BfmaDR3crrugEeUFsvFCIYeGqBB1mippsinEi6xzKp06X7Xz_2Si7ZV7WccUK384W2jBTu-rbdidL6JlriUDXT__VZ3HV9Ai3N-u0YTBKxOuwWOU1AFcxO9eJVQU_wX_5HkfsJD7YeH-O2SDqOTMeYFvcY7TTJQyDhUaTF0jrLjD_ZLaz6YtGvzlSVOJJsTWms63ohVHL2ag/wp/0.000659
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
3c7520cb45201586cd8dbf12a8c6af22bbe549e2a6a2e8d6725fa6de5fa7ea46
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
age
0
expiry
Thu, 01 Jan 1970 00:00:00 GMT
content-length
2903
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ATS
x-frame-options
DENY
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
text/javascript
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
expires
Thu, 01 Jan 1970 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 2A33 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4066-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802321.515086,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 4982855
it
ams1-ib.adnxs.com/ Frame 2A33 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLsBPBMbAIAAAMA1gAFAQiQho-UBhDk5KbxjPOeq2IY0sWY0qrvobloKjYJEGQ2qh6cRT8Rxt_PXM6yQT8ZAAAAIK5H0T8hxt_PXM6yQT8pEGQJJPTyATEAAADgUbiePzDLiKkKOJhQQJ8XSLcBUIbJ1qoBWJPCiwFgAGi02LABeMD6AoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAh1odHRwczovL3VhLmtvcnJlc3BvbmRlbnQubmV0L4ADAIgDAZADAJgDF6ADAaoDTRITMTE1ODQxNTIyMjQxMDY4NzE0NRoTNzA4NTk4Njk1OTkzODEzODcyNCIJMzU3OTM0MjE0Kg1PQVRIMTAzMjcwMDAwOgc0NzQ1ODg5wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIbJ1qoBiAUBmAUAoAWRtsyxyKa_-ArABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXPoE76BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG6JYD2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMjA3NjczNLoHDwgAEAAYACAAMAA4vQZAAMgHwPoC0gcNCQANShwQABgA2gcGCAUJROAHAOoHAggA8AeJ4wKKCAIQAA..&s=a024d89b13e24a4190cc28e7fb6e465a75b368ef
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
65cede77-8134-49c7-8982-f9c7271a32bb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
script.js
acdn.adnxs-simple.com/strikeforce/ Frame 2D81 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
45306671a9b3d4d1a3a96aecc974d4df0ad542531ee13be0d5a402f88a154430

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
21335
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
40446
X-Served-By
cache-lga21963-LGA, cache-hhn4052-HHN
Access-Control-Allow-Origin
*
Last-Modified
Wed, 27 Apr 2022 16:09:57 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1652802321.517092,VS0,VE0
ETag
W/"62696ad5-1c6ab"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Mon, 16 May 2022 09:49:42 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 24558
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D81 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DzyEa5k9xHxnnIY8bbGwoDvEHm_Z732tjxWWJxmuPhubi9LYV9jsyfLlw27TGfl-2_mpjTDt6qSfML7sU_GNZgafbFy2OSBaBfLeTpDfePuYE8eI0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 2D81 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Age
7109209
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1652802321.519003,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 5030860
it
ams1-ib.adnxs.com/ Frame 2D81 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhD6o9Tt3OOGpjoY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4kucFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q0J2ZFJFTU9EWXJLQ0VNbkg3X1VQbnFlRzRBYjYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RaExxUXl3eVpSMFJvalFfMUl1ZlNJdFZqN3J4MnE3UmZ6MzJiN3E0cFpUb193UjdIMm5pZUVpdmpBU0t2N1F3VFVzZFl0dk84WUtrN1FpdnMxbFJkRUZwZVdiUDc2RjRTNFZwYzlFMmJZSE5Kbk5OSTV4MmhUTlVvcHJCSjhmMmF6QW5aMUpSV1d2TlJ5dWFScUU5MzhJeU9YM05tcVo3X053SFRnZElMMC1uNzU2YUNsNEM1QzRXNmZvRmRXdFZYS21pLXpzWTZucThneDJUZEEyZEF3WXR0dzdfT3MxWDU2T2ZBZzB3cHlPZW15M3NCNGNRQXdzb1FTSlpRREpqcjVYVWtzOENRR2NOZkQ2bmYwc0N3TjIyMXVhakFxelM5R1ZnSXI2NzFtTHpfSVFoSGx3XzdpVWtmVl9zbVlySFB5OXczTUxFWEsxYVVMY2kwSXI4eGhHM0ZKZE1ORjM5MUtscWloVHBCWW05dHZvR3EwOEFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9akNSUlNJeVhvRFEmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9RZHNyYnFRWW5RSUNaNURSaTYxVmF3JnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM0MjAwNzYyMzY3MjQ5MDI3NTc4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFvar_7N6cw8wDwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAeS5wXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=18a20c3090d8d58744a0519c5025a0cf15e922d9
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e0c5c50e-be37-4e31-81e3-f5f1df1c3fd5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame FDD8 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame FDD8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DG3MseeAwHTtae3TXOubYlIlTzhTGLxI0MX4bW7qbfrX5Fr5r-BOUKQ3GKAWfInKBnwrvysKAr5Kx3fNBY8Fw7p8M7qK7o6nvwMycWSjxMrhp7nzy2B_T4fb73Zq1XjuNdU_JD6anV-ueTCwyil0z9gYJ5Pg&cry=1&dbm_d=AKAmf-AL3JbWIYuFESj-yltRTSFFy-oFGu9EVN41l4DeIOrpmKc5ZQ0WyKzwgDv8kznE8AHvEFDjvmLKfmW15eVX5WJrMu0YD-lAxpJcdMky5OWf3TwgVD5KfXniOzm-eTb8DKdglbQPFUZ_TiHAj-28ijBmpz2Gtq-JUCZBHB1Ons02oKSXlHxVKOHjRGNCmBjMoMoDPajlyySGnNibjiptKXZfcF-EJu2XGGcXNWpo46eq0i5-y_O86ExvvjTbsPZjEyyuCNnfkyUcx5KROmFU5VV5-ZtflOntoMXdrORRJYCSG_GYwhiRM9LEPADcFdFolFNzm-WM7ntuNfkVyvJnWedpZX6zHLFvquPRTA27x8r2xl9IZkwJ_uI2odFkjWgqPbDZ1Zo1Hz0YMvim6FkerRNyYetNARfXFwS6_g-CbUiy5GIKOW5DbIvl0GQecim276RTAoezXTGaUeDy8nLI0pbbEVDn4r1GsD5qKxaEhau3IutDMu7vuVMzQEtHHlSucPzB_22VI8xf4j2fypo2OYMBmMy-xzK2SHEgL4-Vw04NkGjH_BqSga9ycbdfbGqpXBtdVZFclseQKb-YvBVI9GP-rpiEt8GakF7g72CtxQaFa7n3TrmBNfylA_huAXO3JU9wxOxsO1CDV11JNzwfIZD55EHJ5rhTb1XcE69T9RkZCRhNTxpaDIQTNqh0hHATzuAG6xv3eGGXA8FonNi1cCh6TCXDf53IrRZy32L1SvyJJklvcXHlsRios-Fd3RlDRbAOSVmRoNO0FgX6mIhrIexoXrhPbVohuyd802ALRSCk7zj8zc4TSD5j5-YxODla24nS_D9bL0CgZs825hhBKx8iCiqNtggl_Cx2X5P0prgP5_iGdIhsE3CPg9nemSaDBt14OcurbNorh9Po5cEtJ6U6Zkpol5fkPPj_PSKTuVhLMx2GLxfKMbDn1J1yh0J7mz4REMT4PZ5GR7_sF1tSWXRM9pezn4wk1kjSKvnjyrNOujccDEHlIHD6W5l5pjOGgMuVGL7uSv5soFAie0PLLG_z8zhjPIZxIOVCUFlUb6P0WlJVMY40ySewm013x9D0sd5RwUoTZFcy-9W8kV6uZlF078T81fY3iyCynrCFxhUs761oX3eqWXuK1bfNMPsua6ePUIFydidjqI5bYjkpuOiI6yP8rxn2Fys6j0V1o6hLzk2cJPvVGgn4I-noY_LGXGR-F_6yYuEUMj782Astb5lmNB8Cwil-Y25e5f0aDhDGYrUJ-skfGO0gByxX-6SDLUo0YEWvoLPXH4JY92SeSckIL_Zz-PbNVe27rFuIDb2h2-RfGr5bPetEJ62ZsQQeq5wuw25xt8aLlEoVRaCzmpaS0bmFno61L59Sp2hsJVFomxmp3mAO46CjlZx1-4VN9BAl1EHBls1TMtbWcuLRL_REUX98HC11UV3hJv3ki23_pf1jL4A13pnEOjt15YqBlphcX4RM97h5Nyyh3ln01tCoVmqm3juR4MBC0338ni0zN38ZzlSaObqPYddrN2vTLKgyvkgzNWjjWDPzf2IT78Hs4Tcx5obmQ_gWOGhHYD_b7RTI0k4AheRqCM__OSkswwoRmgbZfL5xEjcXhMTlt7ttCzrOx0ZXdjJliejRYyjvBfPXBmHiLtAzPv6NcFoAZo8o3o_gKiWn4bpIyjZ1vCBUtgNlgEgsPlShOmZWXSr5zMTug77YZi6KpIpnk__UuRwFJClVSbmD1Gl4SZujkFvVPU2-Jy5CtL39X9buEdjfmp7_y3RKr_XvpjXkaVHGVL76hOhEKLotTXyVWW0yYMXRtmJmggly75y5JfSw5CRKbFgK4aSGI5XqiOmNJyjfyM0zF3iHB-qKDLiQE4OwGtA8voV-MfZu1_Vc2_DWcYyYnwrELG3XVOjQU9iYTpo3voaADkf2dcumZHr4-aNnzM_nhw5gmCoDqwaYSY51VuB93cNx67hZ_3xTQkc62TWIDnTF1vAyIeG3VLIn3wDsaoYbh6pjYjWkU5pMeEMw-9435WpD-1UFR_2-75o8LE8jXO8swkbIcucJzPcBr7z-UIb4pfqA0emxAgv1Ckc8xo0mcghjgOeisELgCXkF3HBlWHU01URKd7LAw0IMpagwwE3Xc3LbF57KQ75Xoz8cwuWA5EgInNoTiD9VSlGXH7Q6evW0jul40ea8HI7LGwwGplS7Xk1sUHYQuHGOXt5Wvb9wskC2-61fuhyDkOlQHorhkI4_AuPt4Jdow6n_8kVKLODA2xbrj9Y7_U5GQ8WQFyfDUyvpAywuRhG8iQ-NKpbyTtJgRfpoU9QtuwhO713Urrkt0PxU8Ye78UVOyP-i9MOiEZ7e4xauo5rbQMRJexhVOaSrfEeZR1vMDUMKZkQUNx3FF_YEyd-b-DM7ypj9lQNdHSzv0wUB6hxM7VkNVbQvAz96GXs83n-DxBQwltTjzTeUR0R2b9bQDqziwTgSzqXp29Ftc2VRkJLljLFwaLAeGr7inRpH5KzD_kJ6-wtyGrOATHkwXp2YCMPzOR64FT_lnQILuI1cE3DPXtbWzk3dzcnVhIsT-HU3V92Pj4Qasg-OPGpqs_AKpKhTHdrFN8bxJ-XIH3ksBfEbvdoFUCWp4X4jTqM_CQLpTas7YsTA2kuUoKoHYty-HY3Tfxfum59f8jMZKAG6cJHSQ96_fcx1jxJvXiBFDsup_Z5rcVDiK1u92st7cC62C9rgelg1cPVxad8ICntGOO0w82L0ODa1aFRejZFPAWXK6oyI0g-ms2sjmiJHqjkH3lS1YAZGNxmH4vceT_05nfuERx8hIntwQURjj_4a0rf9_MiENFgZxwUkKO6qOyEcz_TNMTBrWruAK5xCizgVUy9wgG1gpa2qrMjxZxQFmEFHGyiyvbjNnJ_9KGiWXGgo4SyREkzWMsdm0jsXStfSGHNvmj-le41eWGamMNaEQNUrNBpW9g5EprKFEDCRvIrzauihy_0fGp216GlzHAkqxngDwT6Urf9vnUfbjz6mabsd5rzidIbeXnTFoOOrwPaSDv0Xc9id87iwD3klA0QwkEnUN_Y_KYBZiVlT4jkQK57AUuwmigLvwajTN6Hhw3FwbTN5STQ6-TW2DVjeRaetN9WmRYQ6gpGYOQCtSA1UhsieO2j_CEWvZaj9dLr-eHd6z_Wa9meEH-cHX3waenjRJfdcKCHaDJQX-1LmaRUuAogIRQcq9eitWAuzQ8X7SNJELagl5jb7jMXRrWTmKvSEbL57QYby4wQAoVKREd4PcJzAnRWCgMxc6TkpZbzaYUlbQTtiIdLA_OeyIiSwnJAZPlH_6gaxsblDXCyNkBORy6Ubg_AKX8DRkWUjSjtrhfPJnKE0pjPkurk16xfNd36ji21cUzpV6iUYbDOmpitboYtsXzSg7j8E_PNDxqU9wuWFzSd998di2QfavRvZqM8kIM4yy2QFbfUEQf7bzrawjVdoyXa-iWstZUSK54j9zCN20uHmumAl6LIk7JqbjJySKq-3_7fUpQCKpZyuMNc4MWvxcoL-LLSH-whUA2AuDOJ4qTaacePUx6D0hxtg4mGhgERej5p7ktOc-7FPZx63w0sdE7OaJjAIgiHn1Px9jw&cid=CAASEuRoWAZk9qx9f1c7uP-GGYGLvw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame FDD8 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DG3MseeAwHTtae3TXOubYlIlTzhTGLxI0MX4bW7qbfrX5Fr5r-BOUKQ3GKAWfInKBnwrvysKAr5Kx3fNBY8Fw7p8M7qK7o6nvwMycWSjxMrhp7nzy2B_T4fb73Zq1XjuNdU_JD6anV-ueTCwyil0z9gYJ5Pg&cry=1&dbm_d=AKAmf-AL3JbWIYuFESj-yltRTSFFy-oFGu9EVN41l4DeIOrpmKc5ZQ0WyKzwgDv8kznE8AHvEFDjvmLKfmW15eVX5WJrMu0YD-lAxpJcdMky5OWf3TwgVD5KfXniOzm-eTb8DKdglbQPFUZ_TiHAj-28ijBmpz2Gtq-JUCZBHB1Ons02oKSXlHxVKOHjRGNCmBjMoMoDPajlyySGnNibjiptKXZfcF-EJu2XGGcXNWpo46eq0i5-y_O86ExvvjTbsPZjEyyuCNnfkyUcx5KROmFU5VV5-ZtflOntoMXdrORRJYCSG_GYwhiRM9LEPADcFdFolFNzm-WM7ntuNfkVyvJnWedpZX6zHLFvquPRTA27x8r2xl9IZkwJ_uI2odFkjWgqPbDZ1Zo1Hz0YMvim6FkerRNyYetNARfXFwS6_g-CbUiy5GIKOW5DbIvl0GQecim276RTAoezXTGaUeDy8nLI0pbbEVDn4r1GsD5qKxaEhau3IutDMu7vuVMzQEtHHlSucPzB_22VI8xf4j2fypo2OYMBmMy-xzK2SHEgL4-Vw04NkGjH_BqSga9ycbdfbGqpXBtdVZFclseQKb-YvBVI9GP-rpiEt8GakF7g72CtxQaFa7n3TrmBNfylA_huAXO3JU9wxOxsO1CDV11JNzwfIZD55EHJ5rhTb1XcE69T9RkZCRhNTxpaDIQTNqh0hHATzuAG6xv3eGGXA8FonNi1cCh6TCXDf53IrRZy32L1SvyJJklvcXHlsRios-Fd3RlDRbAOSVmRoNO0FgX6mIhrIexoXrhPbVohuyd802ALRSCk7zj8zc4TSD5j5-YxODla24nS_D9bL0CgZs825hhBKx8iCiqNtggl_Cx2X5P0prgP5_iGdIhsE3CPg9nemSaDBt14OcurbNorh9Po5cEtJ6U6Zkpol5fkPPj_PSKTuVhLMx2GLxfKMbDn1J1yh0J7mz4REMT4PZ5GR7_sF1tSWXRM9pezn4wk1kjSKvnjyrNOujccDEHlIHD6W5l5pjOGgMuVGL7uSv5soFAie0PLLG_z8zhjPIZxIOVCUFlUb6P0WlJVMY40ySewm013x9D0sd5RwUoTZFcy-9W8kV6uZlF078T81fY3iyCynrCFxhUs761oX3eqWXuK1bfNMPsua6ePUIFydidjqI5bYjkpuOiI6yP8rxn2Fys6j0V1o6hLzk2cJPvVGgn4I-noY_LGXGR-F_6yYuEUMj782Astb5lmNB8Cwil-Y25e5f0aDhDGYrUJ-skfGO0gByxX-6SDLUo0YEWvoLPXH4JY92SeSckIL_Zz-PbNVe27rFuIDb2h2-RfGr5bPetEJ62ZsQQeq5wuw25xt8aLlEoVRaCzmpaS0bmFno61L59Sp2hsJVFomxmp3mAO46CjlZx1-4VN9BAl1EHBls1TMtbWcuLRL_REUX98HC11UV3hJv3ki23_pf1jL4A13pnEOjt15YqBlphcX4RM97h5Nyyh3ln01tCoVmqm3juR4MBC0338ni0zN38ZzlSaObqPYddrN2vTLKgyvkgzNWjjWDPzf2IT78Hs4Tcx5obmQ_gWOGhHYD_b7RTI0k4AheRqCM__OSkswwoRmgbZfL5xEjcXhMTlt7ttCzrOx0ZXdjJliejRYyjvBfPXBmHiLtAzPv6NcFoAZo8o3o_gKiWn4bpIyjZ1vCBUtgNlgEgsPlShOmZWXSr5zMTug77YZi6KpIpnk__UuRwFJClVSbmD1Gl4SZujkFvVPU2-Jy5CtL39X9buEdjfmp7_y3RKr_XvpjXkaVHGVL76hOhEKLotTXyVWW0yYMXRtmJmggly75y5JfSw5CRKbFgK4aSGI5XqiOmNJyjfyM0zF3iHB-qKDLiQE4OwGtA8voV-MfZu1_Vc2_DWcYyYnwrELG3XVOjQU9iYTpo3voaADkf2dcumZHr4-aNnzM_nhw5gmCoDqwaYSY51VuB93cNx67hZ_3xTQkc62TWIDnTF1vAyIeG3VLIn3wDsaoYbh6pjYjWkU5pMeEMw-9435WpD-1UFR_2-75o8LE8jXO8swkbIcucJzPcBr7z-UIb4pfqA0emxAgv1Ckc8xo0mcghjgOeisELgCXkF3HBlWHU01URKd7LAw0IMpagwwE3Xc3LbF57KQ75Xoz8cwuWA5EgInNoTiD9VSlGXH7Q6evW0jul40ea8HI7LGwwGplS7Xk1sUHYQuHGOXt5Wvb9wskC2-61fuhyDkOlQHorhkI4_AuPt4Jdow6n_8kVKLODA2xbrj9Y7_U5GQ8WQFyfDUyvpAywuRhG8iQ-NKpbyTtJgRfpoU9QtuwhO713Urrkt0PxU8Ye78UVOyP-i9MOiEZ7e4xauo5rbQMRJexhVOaSrfEeZR1vMDUMKZkQUNx3FF_YEyd-b-DM7ypj9lQNdHSzv0wUB6hxM7VkNVbQvAz96GXs83n-DxBQwltTjzTeUR0R2b9bQDqziwTgSzqXp29Ftc2VRkJLljLFwaLAeGr7inRpH5KzD_kJ6-wtyGrOATHkwXp2YCMPzOR64FT_lnQILuI1cE3DPXtbWzk3dzcnVhIsT-HU3V92Pj4Qasg-OPGpqs_AKpKhTHdrFN8bxJ-XIH3ksBfEbvdoFUCWp4X4jTqM_CQLpTas7YsTA2kuUoKoHYty-HY3Tfxfum59f8jMZKAG6cJHSQ96_fcx1jxJvXiBFDsup_Z5rcVDiK1u92st7cC62C9rgelg1cPVxad8ICntGOO0w82L0ODa1aFRejZFPAWXK6oyI0g-ms2sjmiJHqjkH3lS1YAZGNxmH4vceT_05nfuERx8hIntwQURjj_4a0rf9_MiENFgZxwUkKO6qOyEcz_TNMTBrWruAK5xCizgVUy9wgG1gpa2qrMjxZxQFmEFHGyiyvbjNnJ_9KGiWXGgo4SyREkzWMsdm0jsXStfSGHNvmj-le41eWGamMNaEQNUrNBpW9g5EprKFEDCRvIrzauihy_0fGp216GlzHAkqxngDwT6Urf9vnUfbjz6mabsd5rzidIbeXnTFoOOrwPaSDv0Xc9id87iwD3klA0QwkEnUN_Y_KYBZiVlT4jkQK57AUuwmigLvwajTN6Hhw3FwbTN5STQ6-TW2DVjeRaetN9WmRYQ6gpGYOQCtSA1UhsieO2j_CEWvZaj9dLr-eHd6z_Wa9meEH-cHX3waenjRJfdcKCHaDJQX-1LmaRUuAogIRQcq9eitWAuzQ8X7SNJELagl5jb7jMXRrWTmKvSEbL57QYby4wQAoVKREd4PcJzAnRWCgMxc6TkpZbzaYUlbQTtiIdLA_OeyIiSwnJAZPlH_6gaxsblDXCyNkBORy6Ubg_AKX8DRkWUjSjtrhfPJnKE0pjPkurk16xfNd36ji21cUzpV6iUYbDOmpitboYtsXzSg7j8E_PNDxqU9wuWFzSd998di2QfavRvZqM8kIM4yy2QFbfUEQf7bzrawjVdoyXa-iWstZUSK54j9zCN20uHmumAl6LIk7JqbjJySKq-3_7fUpQCKpZyuMNc4MWvxcoL-LLSH-whUA2AuDOJ4qTaacePUx6D0hxtg4mGhgERej5p7ktOc-7FPZx63w0sdE7OaJjAIgiHn1Px9jw&cid=CAASEuRoWAZk9qx9f1c7uP-GGYGLvw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
demconf.jpg
dpm.demdex.net/ Frame 9508
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMSm5k1HrinWb-MP9unC4xE&google_cver=1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEMSm5k1HrinWb-MP9unC4xE&google_cver=1
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEMSm5k1HrinWb-MP9unC4xE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV2wslm9CuO6YE3cfnaGDk8q2xiYHasPm34UuyoDJwThWcWih7XKdGhJQTvdoYEOBbRaBHSi30ouWkp-ahc9NiIa-fCGg3fjjKeIRRU0UF4jVbp70fDD0Ub19SSSUCeepw2gINoafno_pubW8Wc1LvY2ieFjANrIyKc-lV0tJ5eLUN_y53F3rteu0_UJDydBQLQh5OVLV9SXcgJGkqWmLpuB7FqEPKr4LnJVuEMY65lrMccjbQ
Protocol
HTTP/1.1
Server
79.125.102.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-102-158.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v031-015441dd7.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
MKVY/EvPRBE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v031-0c619e68c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
G7Nq31C4QKo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEMSm5k1HrinWb-MP9unC4xE&google_cver=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
tp=GDDP
bcp.crwdcntrl.net/map/ct=y/tpid=CAESEE30BEL5shaHtuZxFqApdps&cver=1/c=899/ Frame 9508
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_cm
  • https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEE30BEL5shaHtuZxFqApdps&google_cver=1
  • https://bcp.crwdcntrl.net/map/ct=y/tpid=CAESEE30BEL5shaHtuZxFqApdps&cver=1/c=899/tp=GDDP
49 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/tpid=CAESEE30BEL5shaHtuZxFqApdps&cver=1/c=899/tp=GDDP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV2wslm9CuO6YE3cfnaGDk8q2xiYHasPm34UuyoDJwThWcWih7XKdGhJQTvdoYEOBbRaBHSi30ouWkp-ahc9NiIa-fCGg3fjjKeIRRU0UF4jVbp70fDD0Ub19SSSUCeepw2gINoafno_pubW8Wc1LvY2ieFjANrIyKc-lV0tJ5eLUN_y53F3rteu0_UJDydBQLQh5OVLV9SXcgJGkqWmLpuB7FqEPKr4LnJVuEMY65lrMccjbQ
Protocol
H2
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
expires
0
cache-control
no-cache
x-server
10.45.8.234
content-type
image/gif
content-length
49
x-consent
absent

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/tpid=CAESEE30BEL5shaHtuZxFqApdps&cver=1/c=899/tp=GDDP
cache-control
no-cache
x-server
10.45.3.147
content-length
0
expires
0
request.php
hal90008.redintelligence.net/ Frame 1306
Redirect Chain
  • https://hal90008.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=27aca006f5&subid=&uid=14eb604d9e6345c5&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90008.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=27aca006f5&subid=&uid=14eb604d9e6345c5&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
612 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=27aca006f5&subid=&uid=14eb604d9e6345c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6288863528235289568%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Divawnoge%26e%3D1068016250166&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=466975696246&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ivawnoge&e=1068016250166
Protocol
HTTP/1.1
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
06d7c1d12483d4ac9708512167d58e302584f5ccaa39cfeb72777b62ac56c729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
67452400152568000951425011962008
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
330
Expires
Tue, 17 May 2022 16:45:20 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=27aca006f5&subid=&uid=14eb604d9e6345c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6288863528235289568%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Divawnoge%26e%3D1068016250166&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=466975696246&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 17 May 2022 16:45:20 +0200
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D062 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame D062 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEX4XlBnjhGUPUpGumxExUc2So0XtLP3PY2h-DvQWIVzdjIRQmMs-hXQszojWyqaTxVEFWV6c4WO92ye7B2tg2uHtkXPkT3ZWS4lXOwVrkd_i79AR9zJDhq2Lpt66r5tTyLuNlNnbJyd856qm-lKDKm4p5Gw&cry=1&dbm_d=AKAmf-AxokYf_WKdinvNnbmY0-EwbdBnVWjTgATCl5hVKcJsp2VRLtD_DRk-qOTxqTGcSPgtBtMrQQKRzN9q5Pak9N-hk2I9kRMKnkTCi1masFJJ75pC09VvNFKkeNZ9-DiXiOpRz-eZePB7-XDYkfMt_G8_IoY0mH7AduFG7T_rm_6ZmOItc9sGVPMbfkYZHUTIvWdGy5bhMOdOxLO91dvqMmiqsZbR0yvKFRpN_7PNEuVj7ACvVX9Gs144WtntJVREARM66Zm_2Jy1iBiiCnQR-n6FOAfYPyw_5rwrHV9BfnKs6lLRq2Y3kbxEmTmjKYkk6ZpcrpYa3-cesyv7wlOPbo5wpEt2mOcEPmf1BhdUX001eDfWIu5jfoBRBVdbaLiRhcVOMqQ1Ut4L1hc7CcIvt3l3_pxmifK5xE0Yq7T1FcN1Ku9NjQ06S5KzBhUOUuJkNL9QhObsP_lnp_pp9vYsmbtu1dfm5p1z4yua_fBjdNvPz7H6gQh52CWalfx5bHsifQKfn-TDKv9vvavDqQk7mKYn9cMyyYO67ej9wMUnflEVJ5llUUbToJKxvoy5eBQVHyav9y2SepTPFs84SeWoIO0WkJT-5IUUgL6Idu4uUaiVdXY94LdDWnZ6trsbGSEK-GYIRW5EE-RL0YYtqrm41VRXEKrWBLnfbzq6UnL9bi3moQ9Z8YbjJsHNCb5CFv0M8Jmqq2_-M_6h50eFjWKDb8Fofd1wbU9lqfjAwZxtn39mOuIIArHpWO7sIvr5KOJvkY9FNSeNNBq0wc9GiCqrb72E-7Hvfho-ilrnQNwlwqVPcIhoieJY0bxHip_bs_w2UDN7BiEFQNKTHC_VJ2x_O8d8VAsxVWd8kKbTJzVi1E0zDWYUst9VB3KTd035zZAESfEYLzWdGlJw5nEsejyTqLvBZpiy1X48EzNmTkms0e1Yhhs97jXlFAQ9kFGErKOCBu6b_2nvIWgvQwqNS25NblHhnxjm-tEsMBXiWwu6VqCVH9AQmeEcn8zwRKfq0TuN043Wdieg8G7CHc4V6juFy6WRiU6fKXbMq8xGg83RW50KQVcN8lqF45kWcsyiS5g3PWsgXBRCaS8d8_n5q346G6d9sIuIxh7imUSL48v-SOBiEK-5Ipgi7Rawvj5HWnqDZSB9nljKKXXAnOasrRa0HYhEa_l2zISnE7pWEuTL95ELPnp-ycptkp9T3WtP4QdTtz8I64ysC5n_Wz6wdqqoLFbX7zqMG9TuLUwF7kTnBt9BX9S0U_Ms1rWbKSTO-O5uhlZks5-e1xE40jaa-20e02kPUqtSdjIArxH2AGOFaPcIlvfpcGuO77FO-bM9OeLtNFlvUt1c89EwMaBmZc4dkXkoY06orBRCXwxiGbkYrfg68XoQKWKNWmOi4vNSTR1DCcHV6-84UVVfjBEHSUUAL6OBAHWHINUyKv3M2ldOPaUQy-BCKgmSFQpfDz4l5gCQbX2CAU7ML-WR19IRur8R-tFdbRHa7E0IjTeDU8QAhAjy2zWQapseneOCO3J5waRXbA5TiDvsz4ab4grzCMUlZduVO2JdH_ybCB9OVgUg-Zdc4MR77WqNGgTLlSmk014AehKHiuPP2Xkfb_8FEsfAHvU9ddjelXlqJhasB7owrgv3j-yUsZ0jzbK5WnCqcZPMtGiF7tvicYCVlc3Oro4wgOGL5JllUdAEeEv2wJaKa5FtSDyoaoMo_JEXesUcnyAYTdJgPqZj8IjnmIgsNOaLtr2HmEkBVDf3-AQgYq5SZ1X_cwU1OiKypJxZ3ijM_IPoUpXfpeZleR-8Zk6GszBjKinAQ4jRAt1ok5bdBEBWwTQ2yYNMURr0jVqaM8ebRy4meak8njHllpVnIdnfuueiNobqjzwWR08AJCylbHHs_WZkOiZv6pEWaDjbsiIa3cTdVGuRR8SqBc4S8k9u18zRIurELoblypiq3ISRZZ9xFSPHWDTOr-HiM7SSBJZhkdSChdNMasbGu-6hJTn4vldtdKuWBsAlEfC9adnmSEaJ-TOr-krSUYNvmqp9Bcyopiq7YhlcnMskqMIr8Eq1rjOYvKz5dk2b-A8XCfxLugr6XaEgkBbDkCpimmE-mNWGCea75DgPQ8heFAO9Q-VBS4UPuib8Vx53iDXkQkZWGjegJrQ1-BS6v_rNOHdgzLJsqtBZuCsfUFTMRzrGk2a8FTqImiM8Ya6tMIZ3pso4VtBXN0fW-3iZUkAfk4X4G2OUhSnXX0TopqsntctRgJo6LEY6xUo89Fi3rlshP5dHo7on1ODKt5w9Wec_m57ZHwrfTfacPUbuWInzF8_Q2I_I56aqiFBwqz-_JDehoN3-hPaZxelYUlDzcbbPaA1E4VYFBuNSWeoT8CZIoILe2j1elJmrbmdWWdoo8LJFNu7tarPmNa3KdkDkEpcJyaBnG6azDxqt8S-msqtvL5GhKn-Y5tg0_d1ZpJJY7d0D-_jXIS64d7FVaWmhRPf9AmdjcQOVFsPR7mwtH7PEWZM8u2DLUXV5N649tqiXz9U17H-Me7lD0tda7WtkA9GQakbr6vtHkdtERhfA7_WT0Fsp3BW8mgtOVQIC2AIY-votawkwRStO1wEdo_MqQXvf9j3eH9C_yHFanizIb2QksI3dD-ctS0tnPl4dHWnkIHuGj6JBVzYnWYK6VoErdhF4U7xkGFZvbP3EI0vJXpJ28n_xO6FwGuXkCJe_4O_P0J7p1I897V6STrolx3Z2AWtkUSwL4FPr7tqa5mre3J0qMgzl8kPLMCz0atdHD8XpVKQZugpTIApGjkvpNLga7qxDW3YWezcqgki_oYbwhSqwUlM5TFEbvW8_q7_G4nHkJwstLWpM44q203yXBdgL7tnAglerByzsoGWem-2jDSY7TNKXC89h6T4YOU38WnxvlYxouH3akrwstGgo6Sha6haYZxGaPleywFBFS1ZMmtTUH8SubAsU4VYh5t2CxTcyuAWr0t2CS5IiDyJPGjfBGfX3VKENcuj7QhedkwdemP70HcAaJPEfH-YJI_c48KdIVhWLg9g3Tzy7pLvj5gOWCF_TIjcwtzg__1sBLd0uApzQC7rLWV3FFQSChWzabN389VbjHdXzZV6O-e5FKEAPCtIEl5nh1on6i10d9qZrijwSDNzv1_YUIHpqrDaBXLt1C_kUCh_pUAJuSrMOuMAuXxcv1q4b2GL7d0vg18dc2BHRklIBBz-nm-1_Vch3AGcam02Mv6BOzDco9czTSZvST_PQmbbjEGr2GBzaZveDPOx2dQURxldkeshVQDjjFw4jLx4OlXKPOjWyutOLSFfKgs_49YKaqyG6hTPLY-DW5FJYgMuDlcCXVe4rg9PhKz0fVVorSmGvfp8XKUxa6XPOykG4gv3zYGw04qRSPgJdW-UAbr-FYhVVn-9c8ABw_6ALPpNJj3IAIPx3t3zbnLY4hz42T9luIgJsW9EtX3xbbezRMv608YgjNx_lAEWR1fAVIwcQz-JkWocs-PVpoirsNilj_9fNgzCfnkS5kkEmu_MeldcpLt1Im-fG4OXxIy0qTwrlD7j-TwS4zx12KdYtihEaxfaZ6w6IusLu11AbJ_W_&cid=CAASEuRorBC-pY5AKf7_6cuMVVeKTw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame D062 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEX4XlBnjhGUPUpGumxExUc2So0XtLP3PY2h-DvQWIVzdjIRQmMs-hXQszojWyqaTxVEFWV6c4WO92ye7B2tg2uHtkXPkT3ZWS4lXOwVrkd_i79AR9zJDhq2Lpt66r5tTyLuNlNnbJyd856qm-lKDKm4p5Gw&cry=1&dbm_d=AKAmf-AxokYf_WKdinvNnbmY0-EwbdBnVWjTgATCl5hVKcJsp2VRLtD_DRk-qOTxqTGcSPgtBtMrQQKRzN9q5Pak9N-hk2I9kRMKnkTCi1masFJJ75pC09VvNFKkeNZ9-DiXiOpRz-eZePB7-XDYkfMt_G8_IoY0mH7AduFG7T_rm_6ZmOItc9sGVPMbfkYZHUTIvWdGy5bhMOdOxLO91dvqMmiqsZbR0yvKFRpN_7PNEuVj7ACvVX9Gs144WtntJVREARM66Zm_2Jy1iBiiCnQR-n6FOAfYPyw_5rwrHV9BfnKs6lLRq2Y3kbxEmTmjKYkk6ZpcrpYa3-cesyv7wlOPbo5wpEt2mOcEPmf1BhdUX001eDfWIu5jfoBRBVdbaLiRhcVOMqQ1Ut4L1hc7CcIvt3l3_pxmifK5xE0Yq7T1FcN1Ku9NjQ06S5KzBhUOUuJkNL9QhObsP_lnp_pp9vYsmbtu1dfm5p1z4yua_fBjdNvPz7H6gQh52CWalfx5bHsifQKfn-TDKv9vvavDqQk7mKYn9cMyyYO67ej9wMUnflEVJ5llUUbToJKxvoy5eBQVHyav9y2SepTPFs84SeWoIO0WkJT-5IUUgL6Idu4uUaiVdXY94LdDWnZ6trsbGSEK-GYIRW5EE-RL0YYtqrm41VRXEKrWBLnfbzq6UnL9bi3moQ9Z8YbjJsHNCb5CFv0M8Jmqq2_-M_6h50eFjWKDb8Fofd1wbU9lqfjAwZxtn39mOuIIArHpWO7sIvr5KOJvkY9FNSeNNBq0wc9GiCqrb72E-7Hvfho-ilrnQNwlwqVPcIhoieJY0bxHip_bs_w2UDN7BiEFQNKTHC_VJ2x_O8d8VAsxVWd8kKbTJzVi1E0zDWYUst9VB3KTd035zZAESfEYLzWdGlJw5nEsejyTqLvBZpiy1X48EzNmTkms0e1Yhhs97jXlFAQ9kFGErKOCBu6b_2nvIWgvQwqNS25NblHhnxjm-tEsMBXiWwu6VqCVH9AQmeEcn8zwRKfq0TuN043Wdieg8G7CHc4V6juFy6WRiU6fKXbMq8xGg83RW50KQVcN8lqF45kWcsyiS5g3PWsgXBRCaS8d8_n5q346G6d9sIuIxh7imUSL48v-SOBiEK-5Ipgi7Rawvj5HWnqDZSB9nljKKXXAnOasrRa0HYhEa_l2zISnE7pWEuTL95ELPnp-ycptkp9T3WtP4QdTtz8I64ysC5n_Wz6wdqqoLFbX7zqMG9TuLUwF7kTnBt9BX9S0U_Ms1rWbKSTO-O5uhlZks5-e1xE40jaa-20e02kPUqtSdjIArxH2AGOFaPcIlvfpcGuO77FO-bM9OeLtNFlvUt1c89EwMaBmZc4dkXkoY06orBRCXwxiGbkYrfg68XoQKWKNWmOi4vNSTR1DCcHV6-84UVVfjBEHSUUAL6OBAHWHINUyKv3M2ldOPaUQy-BCKgmSFQpfDz4l5gCQbX2CAU7ML-WR19IRur8R-tFdbRHa7E0IjTeDU8QAhAjy2zWQapseneOCO3J5waRXbA5TiDvsz4ab4grzCMUlZduVO2JdH_ybCB9OVgUg-Zdc4MR77WqNGgTLlSmk014AehKHiuPP2Xkfb_8FEsfAHvU9ddjelXlqJhasB7owrgv3j-yUsZ0jzbK5WnCqcZPMtGiF7tvicYCVlc3Oro4wgOGL5JllUdAEeEv2wJaKa5FtSDyoaoMo_JEXesUcnyAYTdJgPqZj8IjnmIgsNOaLtr2HmEkBVDf3-AQgYq5SZ1X_cwU1OiKypJxZ3ijM_IPoUpXfpeZleR-8Zk6GszBjKinAQ4jRAt1ok5bdBEBWwTQ2yYNMURr0jVqaM8ebRy4meak8njHllpVnIdnfuueiNobqjzwWR08AJCylbHHs_WZkOiZv6pEWaDjbsiIa3cTdVGuRR8SqBc4S8k9u18zRIurELoblypiq3ISRZZ9xFSPHWDTOr-HiM7SSBJZhkdSChdNMasbGu-6hJTn4vldtdKuWBsAlEfC9adnmSEaJ-TOr-krSUYNvmqp9Bcyopiq7YhlcnMskqMIr8Eq1rjOYvKz5dk2b-A8XCfxLugr6XaEgkBbDkCpimmE-mNWGCea75DgPQ8heFAO9Q-VBS4UPuib8Vx53iDXkQkZWGjegJrQ1-BS6v_rNOHdgzLJsqtBZuCsfUFTMRzrGk2a8FTqImiM8Ya6tMIZ3pso4VtBXN0fW-3iZUkAfk4X4G2OUhSnXX0TopqsntctRgJo6LEY6xUo89Fi3rlshP5dHo7on1ODKt5w9Wec_m57ZHwrfTfacPUbuWInzF8_Q2I_I56aqiFBwqz-_JDehoN3-hPaZxelYUlDzcbbPaA1E4VYFBuNSWeoT8CZIoILe2j1elJmrbmdWWdoo8LJFNu7tarPmNa3KdkDkEpcJyaBnG6azDxqt8S-msqtvL5GhKn-Y5tg0_d1ZpJJY7d0D-_jXIS64d7FVaWmhRPf9AmdjcQOVFsPR7mwtH7PEWZM8u2DLUXV5N649tqiXz9U17H-Me7lD0tda7WtkA9GQakbr6vtHkdtERhfA7_WT0Fsp3BW8mgtOVQIC2AIY-votawkwRStO1wEdo_MqQXvf9j3eH9C_yHFanizIb2QksI3dD-ctS0tnPl4dHWnkIHuGj6JBVzYnWYK6VoErdhF4U7xkGFZvbP3EI0vJXpJ28n_xO6FwGuXkCJe_4O_P0J7p1I897V6STrolx3Z2AWtkUSwL4FPr7tqa5mre3J0qMgzl8kPLMCz0atdHD8XpVKQZugpTIApGjkvpNLga7qxDW3YWezcqgki_oYbwhSqwUlM5TFEbvW8_q7_G4nHkJwstLWpM44q203yXBdgL7tnAglerByzsoGWem-2jDSY7TNKXC89h6T4YOU38WnxvlYxouH3akrwstGgo6Sha6haYZxGaPleywFBFS1ZMmtTUH8SubAsU4VYh5t2CxTcyuAWr0t2CS5IiDyJPGjfBGfX3VKENcuj7QhedkwdemP70HcAaJPEfH-YJI_c48KdIVhWLg9g3Tzy7pLvj5gOWCF_TIjcwtzg__1sBLd0uApzQC7rLWV3FFQSChWzabN389VbjHdXzZV6O-e5FKEAPCtIEl5nh1on6i10d9qZrijwSDNzv1_YUIHpqrDaBXLt1C_kUCh_pUAJuSrMOuMAuXxcv1q4b2GL7d0vg18dc2BHRklIBBz-nm-1_Vch3AGcam02Mv6BOzDco9czTSZvST_PQmbbjEGr2GBzaZveDPOx2dQURxldkeshVQDjjFw4jLx4OlXKPOjWyutOLSFfKgs_49YKaqyG6hTPLY-DW5FJYgMuDlcCXVe4rg9PhKz0fVVorSmGvfp8XKUxa6XPOykG4gv3zYGw04qRSPgJdW-UAbr-FYhVVn-9c8ABw_6ALPpNJj3IAIPx3t3zbnLY4hz42T9luIgJsW9EtX3xbbezRMv608YgjNx_lAEWR1fAVIwcQz-JkWocs-PVpoirsNilj_9fNgzCfnkS5kkEmu_MeldcpLt1Im-fG4OXxIy0qTwrlD7j-TwS4zx12KdYtihEaxfaZ6w6IusLu11AbJ_W_&cid=CAASEuRorBC-pY5AKf7_6cuMVVeKTw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0A51 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220509&jk=361822275069798&bg=!29il2JzNAAZX5TVhd-U7ACkAdvg8Wi0pkPPDHfIB7Xg3SGnP7e7uiOBSIW64remIQL2EY0F4mvh1VgIAAAG6UgAAAAJoAQeZAuBcrmw0HkN9WrEDB_tfYEt-e-xKBivR-ZJuAYzca4PMxfvPxR_c3gXnPhFGtlX6ZxumwGlwFvYzGjZd4Dl69oui1O92nERnviUy0XT6VYmA3MXewlMFMGj1IpLtC1SOvcS5TK8ahCdIs7tH7dX146x_AOP9p6dBoxy1I5mfmp2OPEkumj_k6Qt-NSxG0sbhB1PN9YFoWzkHPC7qOdNoKmQ2WuWc0j9ByGpfKOfhzrRn_lEzJ8nIRi69aSECA8lAN1wIrjQjBC3BqiqIxJDljqhgSFuN_WpsRNz-HDnYv0UIjU3ld60lsdAzBBeO6S57YW9HolPSoTf4GrcheqQcg0o0xbV2VIcUArtScLHL2zicJ5cfW5aiOCokGB1zNvs7hQVrIHuYV0v0yjjSkoq5rC_zKVNxUqElqB_1ozKayMGc-CoBOInMZC6l4KG8-Xcmp-oejwbJrbbu9TYTuOcqZU11NU-U0sBINf0IY30HVVqWAIYW8NTOpDoAC7M-Rrn9vX4xN6g0f9bx2jCiNia7KI-zaiZz4a8HmT3KynT8XFqeA_2tbtm1Y5AleuZ0VIAvZWQEzlrnQI0r36LrKSKc6jG0RaXnJKRknrIIVNp0p2ZpjlWPj-3zwTlXCNuGq5KuSonHQGWZ2bpUa-OB2OElBBbOCDopxxovHJWClr_zyEEc2lUDNwkz7uYMR-c7DqM5cf0Nua46kBRTyVxHJ4YKVCbzs8-TUUpvxCGwYTM378AuK-Qr5AF7PzpRiSORGplmi1dQzipzgdWI7Y_M4_ZJ1oVRkaIcLbSblxsCFlXVd3npqNviACzJfcdkEDz5UA7BzpXu1tY6p7C-WYwu10FP0_vZouFJ8QkhaweXd1LWIwSdTPyCvtk-PwGU8v7sDj5D8tFe6FBdml2nqi38-6P1PYouxrLWTbUsYSWj122uQwYdZRg7yzLQwYsvIzQRctnPcrvLYPujGx5G2AxLtApTcCIo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame 3568 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8948 		418 B
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNViFhXkfWOTXJKkDt2-taQZX-1c5OZ3rG5Pzn7cJEzly_HmkfFOP0nvkdvgJImbiZFTL1cLaReokjjU9nBMhbevRStUSZ1wR5tHUNerSVqJzUHMF_sByUKAS1glSsKmq5mrlTJw7q5TK5rOxK8bXuNpxXCek0x1amTHQGsmdGbRuCFQjyzlr64W_i4fQ2m7FyLGnr-dJ_jxJ9RYMQPREdfZIqq3Xs0G-QrvzWjhyjd15xcL6Zg
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=brjrd&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ad5579ff46a845583e2ea7c42141e827f17de5cb47598bffeb398286dcd0313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
204
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3568 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYdH1gV68OZ9aNk85vh8wef2wdQN4AzflcKniZB28JtwTLdBcce6CoUpr9t3dDqi3JMO8PAEvvnGKfEma4AoBhqnWKwmuj9U-DpLcQGCb6Ku3c4UipQPzeL5PDfuFLRFt7Mmqs8zUACQrHe0MQLr4FWx8EHQ&cry=1&dbm_d=AKAmf-AKRe4mkXLqapNAZfZ0omyVRaGLV3wfxw0HuSV5ovgfide8NpwBAbnfUZ1eJ7-CXu9EL4FajLF4Qj_AenWYISoM6hnb1kpfkQc62N6JD3-2zyvRfmt7ddfsCPwmljxxtWs6LY3W2MToWNp5sj4-wOU5Pqis7kZaRZiWpeJ2lQh88y3Eh7Rt_sRyv6ES0maKcSOTlzxKDPvTxKne9N6EtrhwEb8bZlekp4_pwLoyDSzhHqQkj4SedqE-3rha5Hd1ls70536jr8dHkr0L570QcaGjTmacqkfUI1m2JntG2Su6yo266OBCv-LythkLmmgh970NiLx3EmPOWbCDWjhLpmSyRGtGXMQimL8D_7b0CM6QgyD-43LDMsDTMppy5JhSsEBpZ1GpiMxp8_giIBF4RB8s6vW58gvo86BnjJpLq5-C25LeWdx1VNCCoK9NF3utd7rLHxJLcT5Au1UtZVRTMQ5i0lQeRRAZKzLVSztvgGM3IfywKoHsozWXqozTcQZkKZFYeQH2sNFwmxo89qC33Ieg_w6UogOCWf6R0QdHvf-i0wlSGX8PIxy2y_rD43mVH0SZtJWrc8thUd4NtlYRKZBvqv-CRVkZZ_JkRppEz-DsXj9L6osveNFTC04TbT5imZTPYlxPBFp67CP_9iRlTsmMz4wadhGe6iMsoYuHj9H66CZvxVRefiJbmYoMVBFQrWdQ8sPBxzLndfQeoOD7rLVcSFVV_hLlDE4PN7gN2x4gVq775Hxg-Bm9f27pVwf4wvf5ZPntbASqnMVA6tFITiPRMS3D-o8S1jhRAV5st6dsLtOoL1BKNNi74Kbb6CIuAWrntPMRI_kj4dTVon5vKKEp8d4mafFYU5d4zZi1MhYU9wyCjY36QSzajeH6u2Y8FunkKa71boF-6EcZoExnPDcq34hw73oPe-LPs0glN0UTYmPbCzIicff1aRCg_bFfrLV_hRiaxmcgn9FGAydGR8lvvG-765lpcGY-WwFUGyUvy-HIz2k3KR64tWYZBl6MUQnFaFs4RvKkRc-4JprdHI5XLSN3C-B0cDzzJNwVcKC4PP9Fy6Je5H1HeV6oadIaBFQuXyX2YApZSqYwUQSAaCxmucbrf6auAOhnawZ0p77S3XzDUKYucMQ9kS6U_KRTsn1CIjy1fnygB37lKgM7-rhTax7uxqLhbDrXnlogmTlP2xC2Wglvcbd-_YYr9vm_RgvWThamLrGBF95Ishb8SqwDg6bAldTimBc2rCBNQ0CA0XiSq4HXuf-ntw00e7rw2up8Tcc5Loz3C9Qd47-HIRD2rHUAJjwf_4yL56Y-xZrpFUAhE1QlLEkTR5paswDrg5w1LQns7yvZQSwmiDvn0P8Cqv3l82fubESppjvIB_FYi_NVVJ8gBRnLKnE64tSnWNCIe-X2jBUL9r1hbSrhGdELal3zPaQ6y4NZAX3jQm4PNZQlE58iZNJgsjTckiPj5y6xlt63QduiwzTomo7cXFLCHAZWaVKin-8m9inFWt4Udk1Ste5WSEN4g7VNut61zV5CJB_01MSS34LSJe9wXNUeuAMlB0ATCmjDIa29wrp3tDTtSDH3ondC9SGR0WIiUBUNsToHH5Xix_tH7wak7d5Ul9XzWBzT2CIA5pJLtQMlBBxOvRC5DZbGqo3_cL-vW83ozffoNsQfBAa4jQJe1E2cInBYOouI4l6YYlIaWpaWQVPo8KlrcH2vsJytmzXbI8hkSJgaxDHHGYwTdy0ApCaUQ1rDapfvGHhjneFAEkez8vyRlNSrC2JJzVI4gd3zPAjz6w5X74d3p8-irSbvWEuHTzL_QVqZwSwcf_CrR3KBKwaFhMCz3orcpsOaMhi-UYNdmp4e8F1jxc7QD0GelRu9Iph1wg7oFjOZiLbKBsIX4m_3VNeTuxNTPWa2zx8HssdXc74UyE5KQ6w23A7Iqc3iPJSNewJ9DeX4Oa3qzMjP2ifz9EyiNhJGwc9dg7kk3RiSXRlyEta5exa9x179vmVFCFWwJVzTRKihACJJz4ZOTPfLYuyM_HCcVr_dQ947YuJ_ri7Rhlr-4ygjHzHUEXC-7_QrU7LV56OtuxoS0D7Sa9VpM1bYHtkZBpOJb4BCcygr-k4Zc5G0PnFtVV9tnjcOqK58lna8x7DNxoZRt3FPXVffg11Zy9ArdQzHUvgI1-CHg9XiMrYXcXQYSZtHyo685LuiFOUwAf1L_hnrbsWPrZezHU5v0sdFhhEjAJa87HNNnFBECpM5m1kYhDdCpk4rEEnze-7UsQ9HGxCjQpHq4aqAlb4y5w_ITaLlu9i07aeLVmwMo4heADxYfkYNjrRZolwqtZR3RFrR-kUfl4dsHrtI0La7vUhtr2AeIRCp2xHU8VpNQV-DkmaWBtmltQQP9xnYoKMJyC_OzdDDKT6XMkHwS43txEuqiQvfIM726vP55-vW5IxjahqNPtXyyFdjOJlcAO0TrZn-DEXl0-k3COhEGT0ciltiVL8MpS2iWx13qovgJ8XmVOKDX9xvqqGcqpHVL_zQUXY3NeM6SFVHMIczrXCCiitQLnC85Cv_AawbS6eLD5gX1_kthRNTMTkvDNYuTInSF8lTIw9VAiLfv8wuoNBNTQowT2pfWjZQDnpDvkbXfJYa5phH8jcvqJ123BML7S6qIcS6x8aY-Je4dBfdIG7R2CrwDuJf_-rjpyUdPimJkLizgUicTwJ0yUQJ1482pYTaMRURbl5qOQMLWV5gAAiEp6281uvg7YZO89F_gFNVBKJWIYFcESf3xEuhm7nXxa5-rvhO8Xhoagm0ej-0nGQ0u2lljLFJOv-f-JDxMv19ubdtIp0mMsbcm68-4AXHYspcMYcjf9k4ICwx9IczhLb6AjSeUHr10mNANOO6mNZa90zIEY2iewxcgfboIaffezBon_OYpbrvW4VNJSKRpKxWPV7HBHObEZyAx5z3nhoJN8Yt8tt4aXZur2c6hr7rw3wBIJIkUgf7j1l39tWjJcDEodgsVU7pE--lOrB-YeiuYtt9ZrGvEBYO5gcDUKum2z7rgj6O2weKy_Q_iz7TJtXrDw7JmeB_tRZ-VxgvLkbpfJ5TXhuUVy2AiBcAtm0ocHTbV4Pc1p8GYdYFIC8OpNEE-1oahXzv4mOz_Wn0l3tQun_9VMqEmVB0-72LZPtT4qo5jqMbvBWDCg9spU6j3BlMHxrvIIQMu1VLiXH_qSeQBZNkfk9EZ97wLnN8JWktuP8AOAApZnnNIverB6UiAghfjweTVKEig9H3X5iKuuzDDlsk6YSPy0AJc-ORDiiEQFAZ9HDD1ygn9BHy9n1zwI47q7BjSs9feEOVrqLuG5cI2anGnGN7YxIToSAadZxBrdJPY-FYL58z1iZUWZUdVhXeTaiCodT5HOtNolrzyQ1rC1CUU9G8NWIOeonbmyO8iiD_nsrvZOcDR6j50vslyAZfHrOYAaUAsOeyN1reOs29K_dGmNFSpITOd8SYRl9DzUjEVztueLVw0si1XgPzZtk2x7ZuGK21UCnk1GeoW30U6YbB-B9hFOwcKrW46KCOnbUS9dVmjA1v9u2mvO9-POyB5DGB6t-al14r8KRSOe3Tr3G8GrgMaw9jeHX0p7nnOA&cid=CAASEuRoWAyDnNYvbaFInEKryBSKtg&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1285227b6621ab93e1bf41b92bce3a8cf1bab06c4a7ecc73d76883c4c548993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32411
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 4439 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:19 GMT
server-processing-duration-in-ticks
2427
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0A51 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:20 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame E306 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame E306 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw-HMYTiDXcnrkbFABdRpIXt2hSbuFetviyhtBivp4u5DFNF5OIKvqnae9KuQZRJGlKxwjCDE8KPyz9q68GLR5Rq7VwjKSvBQY294DpV676eoxSCMgTInguLVgqJ2JFbPZnnaOkbXr2jxgpsQuM1DO5JbJpw&cry=1&dbm_d=AKAmf-Coa2dqzhWuuGbZI6QSSsOlUDF1jUIyWxJ697tTHYVZNSowDLrr02wSpn7g-vetKk-dG7Bn2GXygcHuEEJfhjzmA8FSyjSRibm_eJV0ImTKxNbkxzyt6o8CgVbXLEs0vEPhk10_Ph5oka2Dn9qcPd8Tse1B-cn6zxISVVN0T5SYwz6zUU8PbEg--cTTrLq4ZeIdR-t3yeJKqC9PdA9MrhBeI97mC2od3euGuy83yRt7mAocr_ypibFV49NEDrplg8MnJGN3DevVt3ERrCAtj0iXjDsp43rMjuY8SAt76YQRCR8U4OyGJoguD-QrdAnfTC0_iwxZyd4Rf4E78N6x5BTXBZ40sODpXU1Cd3mvLaHj6SNYGzppxY5E4vZKlWrVgxhq35Z7EYUsjOAeExgufaboU39Tt5KkZNQlvQI06FCqBwbU5o6wroZbZPfFjKVX_5ErgihNDdRHYWK3DdoF5V-Hbp_yxKYeq1iP7QOIr4vQgn4JdZlq8NXSDpJCdisf1icQM6A56YfShKpL0SiKtCelGyoGjPyO0j16lnQCrk4MZXZhp_5q2viV4uUlozHmtd3jN63LklraBs6ryt_XNrzAFev_XR_Q5SQQygSgJIPW2hpnvANqYvN3cqlmwCGA6zA2mFMtIdb61egCCrR67SpRpMCnvQGoHYrluhTSuEUI78eAHVqK983e2wgfegcC23LwctZouVuBtyacOoZgzvGmV3RlDpSgqVwWlEr-osC6NLEOl7HB5QtxopKuRIyTk65HEDlEkbv-BDujsweEThhm0Qbvt2dWiNCzXwXD7Dh4DezIPkIS5lJPJetMuSB9njIazVz57PzeIbs8sUsDQrk2Uy-C6oz6QlOzMAzHU3_F9gvmuamzJb5JyO3Ca7o-rs1jMai2wQAStwKU0Kakr7uyf1hudduBcZZ3qaY00tEe19Wz3u13A-h3B9sY4keETBqXC07ytz4qqn2_R0y7IFB5557OFI1DGlpkkfGWmI7gZUZjdqpWshs5KoU1KBpkVfDKMhSMTjMEH3nkAKXxVGTVpX959vOFnNLwU9tpZGYBQy7BdE8QBe3VMdAjrlWVH2D7cztMAR5HIcUNRFCtU_NYUIi663MWgB2Cpg_7fqQ_0oPbqbi_SyFjcMXMfiNQpHljluuRfYosqRDNHkQ_e5gYVZtgcAG3pyUj8ytumtOeZNqtkeM2kUz5AZlPkGUUFw-9WX4LAuKFR424MiDnKD9F_cEJDFMVzdO71FT8oIobwxzBqwm-3eZo3TJk8Lr8vkjNVorNUP7EePiHvlCjR4tLrKu1FFZ0zySUcyvSax41xXrmAgew3bStv0tFofd8zX-2zxLfdfaRr3MGyOPjIa5HvNub6S4y3WTtrvbUx815N5U06cMB9k5DjC07XFu7Pf7u7Vi9eXoqgRv5Ph93lsfu4-TU53trqDzbfKQSH-oRBVKz7hWww-Rxq9fLqu1Mpv1TDKo4cOzEqXz2p9fji2IfjYZcugKbxyO-UDea71fJERMEBH1K1wz2UX_eg2HKqm0ItXXIpRIRRhRBYzUMzd28ubbMaXTE9dnYFnWrPJgt5Jyiul0gNf6PD_F5RbU_3zzIMSplKLpaM3bu9HoXJMV5XxSmNFigOGcZGjezgSnyGEAi7z8-fL7EpD6FC6Uo7buO0OXdQQGm3ViZQCB6tow5d7kUaZpjFAbAUdijHohLCQ1bgQjdRV4jP9uWf0LEQacALfxPFm-2A7WZRdaduFE-yk1zLqjJg2B2rXlTylAlPqj5RFFkFwslXJXjESRoTfj4P1TYuT0n7lt3rDWp00x1mNLV1NsSjg-3b5qJwly7lW9MWI4fhJPy3fgNtEPX11nlbviPu1mUrsfLRBF2oj4c5MOb7rxRGbWvyRnYlTil0Z4_SvkjtgkLYPOE81XC2ACQPIHuEZHPbEtDXlF9LXS-rFg7M0h4DdgW8L_e6pST9_AN9nit_0YN3Pr7vOg1N5wq3qKXMZr-URKuH1_8AgBqCA8mef_CkdOnZl7E7gqvX1LrQSNYZb1lNmUEg6On9AeF89vgYgG50imUTMiVwsiHI-Oi8VBkRtqDtrnGIltjiDz_y8U5wnBQ5FOhTJLg3YojCBfDIsmhUjlKAonxsBrrOVRYcDQvaZsMrS2zxNBPBTPCT5UGmXL__2yZUMhatqVRhilAyYHVjoug0mgUdAftsQRcJdo6Pp3xkuIdTZSKftdr9nGmCr7_6kLFQR6urocnggOHNLL8OnER6bUqS9E9PhTA9Z-OZM6CXxcpIAxKAVH21DktaFViRddLBtt-fEZyUep-L5nZCLrvgwFKPGw6l_Y-KvoTAHSMztGqrLKb4gnyBfRHteJZycAlcQDq1FypWE-kG3nlGyxX27zLQeAffibQKw7x6rAN0x06tEYqnoVAaoFDND1fI6WX_qfcss20mUbr5bJJFEju_EafTIktfhv9Kdy9JENmL9M7GclLX7fwGirspqdYSOpvhABX6Rb4MSv0j6ouFvy5o7BrEsd008mxJG6dY5ySLZz9I2Erd7vJJqQ0z92rQYgmopovL00HuN5EV1Xrn74PsqesxIYKSVQKyilkuciqCCnTnVDaB-BarYl_Be52Adsw9FA-1hgjMMq0qpsg-t8OHv3BOX9o4yZkadQpQhvCQlGTBcDVxFSPdo13e6JHZwezjb0hpVW9mVp0m4UtmXkIFoKRZn66zp3YYJQ9h9EdOdywzdpRfZJLwPK--WNYAztTxeoJ_cbrRaxo33QAvhzQ5OCUrLOoa8751tZCThf5YmgLY6C3S9Wj6U4JLNkOJXo0VZzxkD0RB-pNqKAV_3AEhJzWUOAs5V64ZfkiezPsaRhFHUeTOloe_Oihcyl6LwOAhjGHoz-GfwMGLygWDiggU6Ivqbb2Klq_Q5lbpKcVW0RWx-rYVP9kspr1rDuUM1209Fi-fqS4ys5EH9gbUOBZif9YRvq3q-dxz1M77UFz-Coi27QpCm-aBcpd4N8wWlX1OsVTERaWyIcp30FudEGobmHPslcNWzkQMDrT0m6OgN5IViV0780suYBY5tbxZH9jVxDBzBqpO8OSv26V5FXJLlX_Q1y5Pz3TLKyU5wLQzJFNuGxpMwNQAMfmnEnTDB5BPPD4Fe_NFbxZUW4ab1yfGe5rh7c0_7KKPVkQYTIVrMuQYY7689lH4uLHofVf52U2J1-IzjswmaFWwpROgoaRpD9vE0vWT1tPiQh3hSEWtqju9nbUHeSHjENh7u13qr4sswF62PkMDDU2L47xoQYu8aW-riEYIDDZGl5r6-O70PiCwn7hKzQjnPdRmroQonbkLIkaLNYfx7U_nrfD1-ez9sqHrQeJPL-qACeBNXYXtsFYEPufCI1zDnmbEBlxe5a5rGjXYKYrAcVTnlIPgTkkP4hZB6MHsc4xnWS2J4rQGnhJFoshLMEPAzudBYXIhmYQT5auczrFxatvcFuUGP1adC7ovlc7nOb-uc2GNnc0_NStHrOi5otKcnoS6BOPj3DfnbR1ZsS9GUv_G3x1yoRYwxSpDz1rgMfgMKlGBJ1rlukxjk7ceKn5h1PqK87lKPmVr9GTMgvT9BK1&cid=CAASEuRoGqiKeWCVtNNiCcGoyI90hw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame E306 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw-HMYTiDXcnrkbFABdRpIXt2hSbuFetviyhtBivp4u5DFNF5OIKvqnae9KuQZRJGlKxwjCDE8KPyz9q68GLR5Rq7VwjKSvBQY294DpV676eoxSCMgTInguLVgqJ2JFbPZnnaOkbXr2jxgpsQuM1DO5JbJpw&cry=1&dbm_d=AKAmf-Coa2dqzhWuuGbZI6QSSsOlUDF1jUIyWxJ697tTHYVZNSowDLrr02wSpn7g-vetKk-dG7Bn2GXygcHuEEJfhjzmA8FSyjSRibm_eJV0ImTKxNbkxzyt6o8CgVbXLEs0vEPhk10_Ph5oka2Dn9qcPd8Tse1B-cn6zxISVVN0T5SYwz6zUU8PbEg--cTTrLq4ZeIdR-t3yeJKqC9PdA9MrhBeI97mC2od3euGuy83yRt7mAocr_ypibFV49NEDrplg8MnJGN3DevVt3ERrCAtj0iXjDsp43rMjuY8SAt76YQRCR8U4OyGJoguD-QrdAnfTC0_iwxZyd4Rf4E78N6x5BTXBZ40sODpXU1Cd3mvLaHj6SNYGzppxY5E4vZKlWrVgxhq35Z7EYUsjOAeExgufaboU39Tt5KkZNQlvQI06FCqBwbU5o6wroZbZPfFjKVX_5ErgihNDdRHYWK3DdoF5V-Hbp_yxKYeq1iP7QOIr4vQgn4JdZlq8NXSDpJCdisf1icQM6A56YfShKpL0SiKtCelGyoGjPyO0j16lnQCrk4MZXZhp_5q2viV4uUlozHmtd3jN63LklraBs6ryt_XNrzAFev_XR_Q5SQQygSgJIPW2hpnvANqYvN3cqlmwCGA6zA2mFMtIdb61egCCrR67SpRpMCnvQGoHYrluhTSuEUI78eAHVqK983e2wgfegcC23LwctZouVuBtyacOoZgzvGmV3RlDpSgqVwWlEr-osC6NLEOl7HB5QtxopKuRIyTk65HEDlEkbv-BDujsweEThhm0Qbvt2dWiNCzXwXD7Dh4DezIPkIS5lJPJetMuSB9njIazVz57PzeIbs8sUsDQrk2Uy-C6oz6QlOzMAzHU3_F9gvmuamzJb5JyO3Ca7o-rs1jMai2wQAStwKU0Kakr7uyf1hudduBcZZ3qaY00tEe19Wz3u13A-h3B9sY4keETBqXC07ytz4qqn2_R0y7IFB5557OFI1DGlpkkfGWmI7gZUZjdqpWshs5KoU1KBpkVfDKMhSMTjMEH3nkAKXxVGTVpX959vOFnNLwU9tpZGYBQy7BdE8QBe3VMdAjrlWVH2D7cztMAR5HIcUNRFCtU_NYUIi663MWgB2Cpg_7fqQ_0oPbqbi_SyFjcMXMfiNQpHljluuRfYosqRDNHkQ_e5gYVZtgcAG3pyUj8ytumtOeZNqtkeM2kUz5AZlPkGUUFw-9WX4LAuKFR424MiDnKD9F_cEJDFMVzdO71FT8oIobwxzBqwm-3eZo3TJk8Lr8vkjNVorNUP7EePiHvlCjR4tLrKu1FFZ0zySUcyvSax41xXrmAgew3bStv0tFofd8zX-2zxLfdfaRr3MGyOPjIa5HvNub6S4y3WTtrvbUx815N5U06cMB9k5DjC07XFu7Pf7u7Vi9eXoqgRv5Ph93lsfu4-TU53trqDzbfKQSH-oRBVKz7hWww-Rxq9fLqu1Mpv1TDKo4cOzEqXz2p9fji2IfjYZcugKbxyO-UDea71fJERMEBH1K1wz2UX_eg2HKqm0ItXXIpRIRRhRBYzUMzd28ubbMaXTE9dnYFnWrPJgt5Jyiul0gNf6PD_F5RbU_3zzIMSplKLpaM3bu9HoXJMV5XxSmNFigOGcZGjezgSnyGEAi7z8-fL7EpD6FC6Uo7buO0OXdQQGm3ViZQCB6tow5d7kUaZpjFAbAUdijHohLCQ1bgQjdRV4jP9uWf0LEQacALfxPFm-2A7WZRdaduFE-yk1zLqjJg2B2rXlTylAlPqj5RFFkFwslXJXjESRoTfj4P1TYuT0n7lt3rDWp00x1mNLV1NsSjg-3b5qJwly7lW9MWI4fhJPy3fgNtEPX11nlbviPu1mUrsfLRBF2oj4c5MOb7rxRGbWvyRnYlTil0Z4_SvkjtgkLYPOE81XC2ACQPIHuEZHPbEtDXlF9LXS-rFg7M0h4DdgW8L_e6pST9_AN9nit_0YN3Pr7vOg1N5wq3qKXMZr-URKuH1_8AgBqCA8mef_CkdOnZl7E7gqvX1LrQSNYZb1lNmUEg6On9AeF89vgYgG50imUTMiVwsiHI-Oi8VBkRtqDtrnGIltjiDz_y8U5wnBQ5FOhTJLg3YojCBfDIsmhUjlKAonxsBrrOVRYcDQvaZsMrS2zxNBPBTPCT5UGmXL__2yZUMhatqVRhilAyYHVjoug0mgUdAftsQRcJdo6Pp3xkuIdTZSKftdr9nGmCr7_6kLFQR6urocnggOHNLL8OnER6bUqS9E9PhTA9Z-OZM6CXxcpIAxKAVH21DktaFViRddLBtt-fEZyUep-L5nZCLrvgwFKPGw6l_Y-KvoTAHSMztGqrLKb4gnyBfRHteJZycAlcQDq1FypWE-kG3nlGyxX27zLQeAffibQKw7x6rAN0x06tEYqnoVAaoFDND1fI6WX_qfcss20mUbr5bJJFEju_EafTIktfhv9Kdy9JENmL9M7GclLX7fwGirspqdYSOpvhABX6Rb4MSv0j6ouFvy5o7BrEsd008mxJG6dY5ySLZz9I2Erd7vJJqQ0z92rQYgmopovL00HuN5EV1Xrn74PsqesxIYKSVQKyilkuciqCCnTnVDaB-BarYl_Be52Adsw9FA-1hgjMMq0qpsg-t8OHv3BOX9o4yZkadQpQhvCQlGTBcDVxFSPdo13e6JHZwezjb0hpVW9mVp0m4UtmXkIFoKRZn66zp3YYJQ9h9EdOdywzdpRfZJLwPK--WNYAztTxeoJ_cbrRaxo33QAvhzQ5OCUrLOoa8751tZCThf5YmgLY6C3S9Wj6U4JLNkOJXo0VZzxkD0RB-pNqKAV_3AEhJzWUOAs5V64ZfkiezPsaRhFHUeTOloe_Oihcyl6LwOAhjGHoz-GfwMGLygWDiggU6Ivqbb2Klq_Q5lbpKcVW0RWx-rYVP9kspr1rDuUM1209Fi-fqS4ys5EH9gbUOBZif9YRvq3q-dxz1M77UFz-Coi27QpCm-aBcpd4N8wWlX1OsVTERaWyIcp30FudEGobmHPslcNWzkQMDrT0m6OgN5IViV0780suYBY5tbxZH9jVxDBzBqpO8OSv26V5FXJLlX_Q1y5Pz3TLKyU5wLQzJFNuGxpMwNQAMfmnEnTDB5BPPD4Fe_NFbxZUW4ab1yfGe5rh7c0_7KKPVkQYTIVrMuQYY7689lH4uLHofVf52U2J1-IzjswmaFWwpROgoaRpD9vE0vWT1tPiQh3hSEWtqju9nbUHeSHjENh7u13qr4sswF62PkMDDU2L47xoQYu8aW-riEYIDDZGl5r6-O70PiCwn7hKzQjnPdRmroQonbkLIkaLNYfx7U_nrfD1-ez9sqHrQeJPL-qACeBNXYXtsFYEPufCI1zDnmbEBlxe5a5rGjXYKYrAcVTnlIPgTkkP4hZB6MHsc4xnWS2J4rQGnhJFoshLMEPAzudBYXIhmYQT5auczrFxatvcFuUGP1adC7ovlc7nOb-uc2GNnc0_NStHrOi5otKcnoS6BOPj3DfnbR1ZsS9GUv_G3x1yoRYwxSpDz1rgMfgMKlGBJ1rlukxjk7ceKn5h1PqK87lKPmVr9GTMgvT9BK1&cid=CAASEuRoGqiKeWCVtNNiCcGoyI90hw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
xuid
eb2.3lift.com/ Frame 8F5E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGqJUOa2m-7I813jrrxRacc&dongle=c627&google_cver=1
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGqJUOa2m-7I813jrrxRacc&dongle=c627&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNUB9_cj440aQolY8R8vkO3RHwbBbCmLj_CyL5m84-RwK9ShdwzSfBvYNzVpqePPeC395xgSzisNzNCRo_c078FxXPs9SGkcYmq_1TyBfNG4wuED7EKxShK6ierY5sWqY-8P5iqJs1hoB_feT9prrLAXFcUK0XMbjUmGDRTD7A76ZjuHe31MdEre6OIhLPpolN6ex7-S_6t99uI0tQj6c7CPagxytsAv9dfxHuLsOPTReJm45Fg
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGqJUOa2m-7I813jrrxRacc&dongle=c627&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
303
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8F5E
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc5MDY5Njg5MDg1Mzc3NTQ2ODYzNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc5MDY5Njg5MDg1Mzc3NTQ2ODYzNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNUB9_cj440aQolY8R8vkO3RHwbBbCmLj_CyL5m84-RwK9ShdwzSfBvYNzVpqePPeC395xgSzisNzNCRo_c078FxXPs9SGkcYmq_1TyBfNG4wuED7EKxShK6ierY5sWqY-8P5iqJs1hoB_feT9prrLAXFcUK0XMbjUmGDRTD7A76ZjuHe31MdEre6OIhLPpolN6ex7-S_6t99uI0tQj6c7CPagxytsAv9dfxHuLsOPTReJm45Fg
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc5MDY5Njg5MDg1Mzc3NTQ2ODYzNg%3D%3D
date
Tue, 17 May 2022 15:45:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
pixel.advertising.com/ups/57304/ Frame 8F5E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEEQwifTi-Ge8E79osgrOysY&_origin=1&google_cver=1
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/57304/sync?uid=CAESEEQwifTi-Ge8E79osgrOysY&_origin=1&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNUB9_cj440aQolY8R8vkO3RHwbBbCmLj_CyL5m84-RwK9ShdwzSfBvYNzVpqePPeC395xgSzisNzNCRo_c078FxXPs9SGkcYmq_1TyBfNG4wuED7EKxShK6ierY5sWqY-8P5iqJs1hoB_feT9prrLAXFcUK0XMbjUmGDRTD7A76ZjuHe31MdEre6OIhLPpolN6ex7-S_6t99uI0tQj6c7CPagxytsAv9dfxHuLsOPTReJm45Fg
Protocol
H2
Server
52.59.71.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-71-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.advertising.com/ups/57304/sync?uid=CAESEEQwifTi-Ge8E79osgrOysY&_origin=1&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pixel.advertising.com/ups/57304/ Frame 8F5E 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/57304/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNUB9_cj440aQolY8R8vkO3RHwbBbCmLj_CyL5m84-RwK9ShdwzSfBvYNzVpqePPeC395xgSzisNzNCRo_c078FxXPs9SGkcYmq_1TyBfNG4wuED7EKxShK6ierY5sWqY-8P5iqJs1hoB_feT9prrLAXFcUK0XMbjUmGDRTD7A76ZjuHe31MdEre6OIhLPpolN6ex7-S_6t99uI0tQj6c7CPagxytsAv9dfxHuLsOPTReJm45Fg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.71.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-71-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
2981
tags.bluekai.com/site/ Frame 3725
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEFU71fXBkNGWfll4lDRAn4k&google_cver=1
62 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEFU71fXBkNGWfll4lDRAn4k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVImkWz83Mabegy1SR06g2uUPRCRjvLugWF911QaOTKQwPIvVHHbxc022diAGML8eVp76LtxqNXNHqaGiINhgsS3-Nnn7EA6KnFsdgt-oyLUN9M7pn70jCmoFj_rw3sJwkAJoNf_fryDn4i5M5R-fbqjIUzPWVoIRqiuCWlHCAfYKuGSc8337z03FsXNg4etAADS_ZQ1e_tM_TPA_F38-UOXy9SaIyKq0EkqcAZV-_xB9MSTfY
Protocol
HTTP/1.1
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:20 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
2a03
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEFU71fXBkNGWfll4lDRAn4k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3725
Redirect Chain
  • https://tags.bluekai.com/site/2981?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbluekai%26google_hm%3D%24_BK_UUID_B64
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=NFNNdG54OTk5OVlOMC9CaQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=NFNNdG54OTk5OVlOMC9CaQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVImkWz83Mabegy1SR06g2uUPRCRjvLugWF911QaOTKQwPIvVHHbxc022diAGML8eVp76LtxqNXNHqaGiINhgsS3-Nnn7EA6KnFsdgt-oyLUN9M7pn70jCmoFj_rw3sJwkAJoNf_fryDn4i5M5R-fbqjIUzPWVoIRqiuCWlHCAfYKuGSc8337z03FsXNg4etAADS_ZQ1e_tM_TPA_F38-UOXy9SaIyKq0EkqcAZV-_xB9MSTfY
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=NFNNdG54OTk5OVlOMC9CaQ%3D%3D
Date
Tue, 17 May 2022 15:45:20 GMT
Connection
keep-alive
Content-Length
0
BK-Server
2419
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
generic
match.adsrvr.org/track/cmf/ Frame 3725
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENVvHjSZYY70M3Y8l06N0eA&google_cver=1
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=b4df9751d4b590841b13c7f9c09139e&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0fb2_7098731915447990598&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVImkWz83Mabegy1SR06g2uUPRCRjvLugWF911QaOTKQwPIvVHHbxc022diAGML8eVp76LtxqNXNHqaGiINhgsS3-Nnn7EA6KnFsdgt-oyLUN9M7pn70jCmoFj_rw3sJwkAJoNf_fryDn4i5M5R-fbqjIUzPWVoIRqiuCWlHCAfYKuGSc8337z03FsXNg4etAADS_ZQ1e_tM_TPA_F38-UOXy9SaIyKq0EkqcAZV-_xB9MSTfY
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1652802321337019-576
Expires
Tue, 17 May 2022 15:45:21 GMT
pixel
cm.g.doubleclick.net/ Frame 3725
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjRkZjk3NTFkNGI1OTA4NDFiMTNjN2Y5YzA5MTM5ZQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjRkZjk3NTFkNGI1OTA4NDFiMTNjN2Y5YzA5MTM5ZQ==&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVImkWz83Mabegy1SR06g2uUPRCRjvLugWF911QaOTKQwPIvVHHbxc022diAGML8eVp76LtxqNXNHqaGiINhgsS3-Nnn7EA6KnFsdgt-oyLUN9M7pn70jCmoFj_rw3sJwkAJoNf_fryDn4i5M5R-fbqjIUzPWVoIRqiuCWlHCAfYKuGSc8337z03FsXNg4etAADS_ZQ1e_tM_TPA_F38-UOXy9SaIyKq0EkqcAZV-_xB9MSTfY
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YjRkZjk3NTFkNGI1OTA4NDFiMTNjN2Y5YzA5MTM5ZQ==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1652802320719008-546
Expires
Tue, 17 May 2022 15:45:20 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1518 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 1518 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgzRhgxzFszMsMkiB2GtgvHY9h-3RdDvc525mkb6lpwZTLvpNOf-wPTH5ttXrry_sxb74bDa3iFY0V6Mfr0u988FNsHVc89kBvfRGVHPhA59jw8cbL5EUYFGB_ZonX40pOXJPgGLDaWxKeC_CKDcCwVADi1w&cry=1&dbm_d=AKAmf-Dc04W6mkgHMXv73qgcUvfqxAMXcP1DgEK9OgOh9JZKPtEJJmY-35WFtqIR6RmFjBVDp4H7yX7mhbOvt1LDIMaZJq8le62PUzK6oo1AnJPkW5FvDnQqaRVetZVg_Thuobfa4KlWqk6IL1f7GdsDtMmIBRCYXDXSl_CDIrhWXhV7G2mhaVXejKfTpN9RXQqJZBAlikgrrIhpvwQ9QiqsR0C1vHaE3M65_whwyxq5PlD3PPw52ZCbQrG8GzjjnINIQ9vNxKc9B0yzFyp0JDGs2FUL3bBWfijJKcpVOOihI6RRlc73QDPC_sKLLMa-iZ_QZkGyiVwAMX0yK7PdQCP1hi44REGLMs_xZHepj5mZ6Z_A9dfNbuaBOv0lVtndJaBkUcDrlTowmI9X_8PNctaXryvWSzx8-wPfoQkiHuFihv6C_-VRYyOnGi7_k3nDzdPCPqBAlurwIiTZTeL5xd8iTZRZ6sOavDOURtiN-9NhVkSyxrKSg8SPJvCMsrMzaPYF_mvwgixv0epFCy9FhJUyoimZaMKfWBqCRsvExr_hkXFGw3-idsQSzpD-DYzbUDkzZcYX0p7-BkX9o018YWIUHYieVQ5Rtbp6K1W6VkiH0c-Hc5eawtyD7147ezs_xcFczr5UlBVNKk7PEAtMBFJerEJbSNSdocJ4d5-p8oiqszwyirlrTGaXmyPiL55RnvHex5NbcvCa_V703E4sGMuftcBuSI3eWRyFl6GNvEQraCuqpWH9IabZowOt53lY6zx5JpwgQCD-1lKAe_yxtyRNSjwrWtEAD96-i7lNDUu66AswVWbSF522aFKe9AFNeG5rLFSdZYellScHLQhHvY-WVvFBeCCsZJH_v9nRR7kdXeocWiEDVzHmr2lyoCf9tmpJr5uBbgiGf5rCiXHSeACWc2fXJbDHOZnhdqu3aG2lLkPmg0qrL17slN9AFBmPqg3OR6BDoHaAiX4J_DyNle8lQACKYHwJdWzliaehzEqMooC6sVXV_OT-zKhNiuDrUTPKTp1CjLYPqFjdP1zYdLppD9t-CHvOWe3wGY7aDTTD5Is_G6mTrXImpfNj-l3n1M01Hwe3Wy-KMzHznrXdj7GRrI7zah72G3DCYcQh8t2bnCqz89xUDgfpZ61kJxyAVAksJPYKTtWw8Q8pUOh3JvM10bvixgK7nwMkmr-inwjlax-QTiO0adR6v3KGg4oBZ7oNoahlfncsUPtseB3rLFBF-12jAgK2C_VSehKCjQPCB3sT7ZwvgmyoXssDaEWSf1muSTVewSuU3pMbdGmo6rEpPXH1crS0flCXtgqzu0NmswUrHNbT2iTZapni9I0ejrrp74RiIKgGN21erIompf12oiMXqQ0CGLbO_r3fW_sOOa3EERa83ojvSDACY30JCGy7zg5zyS0POIDWf3rhtWoaVdFBBUTBtf1UqEMth3-V3lKtmpbfQlrCpalqRjCNSWyaf5xcsrZga2sMborADt2zJ98QcLxI9AIHD4zGnL49VS9tcKW0xgR7BNZEwlxJY4bJMw5D2KSxjJxXci0lsWQ0TJqujc9GgV6Ku3KQwpPVbDG_r6i_eK0w1_j8FfIE-YLrSA3JewNDHIhLSnQJoFT2ypCPTbn05O7Z5thPFnI2LK_P0bOiHjvL-4FsMg6-VYdSiokG-Ij6FD1ObWjpy9K-6f2_2jvz-pYc8MtTxjebsDSFlB7QBqvML4mlyUuhOYT2pI1DAtSg1oOGKjcnKb27rz44h17aDB2k4CTWrGA4Fw4GdN3XoSgR7qJyhfOD1sLYEdB88UBXZFnOw1UCdywOCgHZH_Y18kQQfIDI9ZROOkvRwDTlvcwu5yUB-D5uiYIpRB1WQBlJvqALSh6mREXzkqDE45i23KBmIv5dGz9PgxHh2evK5KSlK7qPrx0dwMV9bGTozkNzLbjpSTAJLos4UgX3sectlqIhA7H9JfLuCymh81QqyXJIO1v_kbnfBkwPeAbCbR_yGfPGeaEdsT1vOJh8TVhENr28OA-NvOil8sgRsYteE5UgbVjQZ-XtwagWt3S8TCF07J9x3USvuB8p_ZETRMpXzHk8vjMEh5N2QXJwxL1MJEM7ILkxyMFnXcTqLX4HCeqpouZM9x1z1xgKPwXM5wGnhQbwR7SMhKRIlqZSKXnHnbBrjShO3H26icYRmhl6COdjz7WZTXTZL2GlX-ecjAIkyG2OBjq1hB3hXTeNsmFBD-5H4JbQGSK5Jg7yJ6U6z7oNX2UkpxiQj-5p2Gl4Q4829Cnub486apA_eT1JcG2BoX-3_JtelezEzmddVgGv9c9a3Rs5w2saPR8jwrGn6Vu1Xb2fqgZ5yldW9KOmsiIy9DsoXdnwfPurziCz7m8uo792IHRbt5n9Sa9QXaqgezPhpizDH5RsDdsgfLt9b4_59wuqNM1urt2vR8WCc4S1-iaCJoGk98vpBdt-sCJn8ovU-hlPvUR4tRNF8Yj3hct6ryIY5sSv2ZW8s1nCgucFy09MAlI9OXKHvzvCvfUT6b6l48SBdwbmlKNVVctqY-DFCMAagsiclyEqDjV57asxcyWSr9ZFKcjx-uV3_8_IcDN2uOBeYnlApLRCVIXtxaTKs50Gz80P5EcFO9xDsXDnj9GmGCHVQXIMro9B7ncHzKEypycBO4NQKuTc7PT2at5JaIDvuBCc7Ii02m3fRk2b3ggQvjWwTlgm6fWXLdqshJ9fLM1o0GVoDjI8pD_fZ5dBWafG61WiogL5g0xKU4Ea1sGRqUy9AkGunOOLtesPT4HQVSnNnhKCbUD4q4YVlR5MWkf6Jdt4CIJ9dNpPyopCU9HG06XtMM-odg4Kt_LJBf_7uf0BZEZc-Uc6z6MNr1JsItIHOn26q9_FtlCGnQumGe_0zkxaQ2BE939x6CEs-kTL6L22OIXsHP6ALDCgrENrejKfWA28KnaU2tmhzkCR6quw9Q2KDvOXjxfyoDTie9bdYl3JX_MvnOYj6E-DJ1tzpF-9gVYikRbcZlQvp1rgLJ-jsbfq68ACiDev4Js1mu_RcldvlHFWghF0tUomR0zvDX2FPsN3Z_OYaEsmSv7uiTqGQcfh8WbcqGjmm28XGQzGJtkoF3Nm4ak0rR1vmniLifs3apn7OFIrwwSNZjQLUrGPF8vHDItsAC-1jWBaKbm10vvcKjFP5UUfHXn2QTs42GWo30Prk02j4r4bH271JAXqPPlP5BhgPPeez-rNIc-98vng5V22_m6isJG3L06a81yK3yfDS772S9fO0Mgm7sDPH32HHJaANh5nwQnBqdzPbtC0IvEd1gzJtU5NfIbeGnA-YhvguV4R6kvCzsOoj1UXScERUaJI522bpkMOEMPV9qFR7pjF-I5RKgkeahQCj5NmtNWNzbpe-VyEZXpvfGclOflVV-A4hL9gMdkN_AXehq9bL8f9FSLrWJDZnRE0zvekw-QHvSzwE0X88R0GZeS8X2W0jAh9NTy_kl0Fjhb-xzg897SeSy8BhhYeVFxGlICzuXoQQlaiJKJAHDagqnULqgrSKi7PXEgHMEz13V6zhS6zU0FdP77LTZvhHMoH3-3p0nbRjSXIAhC0qJpBgigSLd-9WS8DNfTWkXtDXaNLeA&cid=CAASEuRo-9F38PhU8jcB44w0KjElbA&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 1518 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgzRhgxzFszMsMkiB2GtgvHY9h-3RdDvc525mkb6lpwZTLvpNOf-wPTH5ttXrry_sxb74bDa3iFY0V6Mfr0u988FNsHVc89kBvfRGVHPhA59jw8cbL5EUYFGB_ZonX40pOXJPgGLDaWxKeC_CKDcCwVADi1w&cry=1&dbm_d=AKAmf-Dc04W6mkgHMXv73qgcUvfqxAMXcP1DgEK9OgOh9JZKPtEJJmY-35WFtqIR6RmFjBVDp4H7yX7mhbOvt1LDIMaZJq8le62PUzK6oo1AnJPkW5FvDnQqaRVetZVg_Thuobfa4KlWqk6IL1f7GdsDtMmIBRCYXDXSl_CDIrhWXhV7G2mhaVXejKfTpN9RXQqJZBAlikgrrIhpvwQ9QiqsR0C1vHaE3M65_whwyxq5PlD3PPw52ZCbQrG8GzjjnINIQ9vNxKc9B0yzFyp0JDGs2FUL3bBWfijJKcpVOOihI6RRlc73QDPC_sKLLMa-iZ_QZkGyiVwAMX0yK7PdQCP1hi44REGLMs_xZHepj5mZ6Z_A9dfNbuaBOv0lVtndJaBkUcDrlTowmI9X_8PNctaXryvWSzx8-wPfoQkiHuFihv6C_-VRYyOnGi7_k3nDzdPCPqBAlurwIiTZTeL5xd8iTZRZ6sOavDOURtiN-9NhVkSyxrKSg8SPJvCMsrMzaPYF_mvwgixv0epFCy9FhJUyoimZaMKfWBqCRsvExr_hkXFGw3-idsQSzpD-DYzbUDkzZcYX0p7-BkX9o018YWIUHYieVQ5Rtbp6K1W6VkiH0c-Hc5eawtyD7147ezs_xcFczr5UlBVNKk7PEAtMBFJerEJbSNSdocJ4d5-p8oiqszwyirlrTGaXmyPiL55RnvHex5NbcvCa_V703E4sGMuftcBuSI3eWRyFl6GNvEQraCuqpWH9IabZowOt53lY6zx5JpwgQCD-1lKAe_yxtyRNSjwrWtEAD96-i7lNDUu66AswVWbSF522aFKe9AFNeG5rLFSdZYellScHLQhHvY-WVvFBeCCsZJH_v9nRR7kdXeocWiEDVzHmr2lyoCf9tmpJr5uBbgiGf5rCiXHSeACWc2fXJbDHOZnhdqu3aG2lLkPmg0qrL17slN9AFBmPqg3OR6BDoHaAiX4J_DyNle8lQACKYHwJdWzliaehzEqMooC6sVXV_OT-zKhNiuDrUTPKTp1CjLYPqFjdP1zYdLppD9t-CHvOWe3wGY7aDTTD5Is_G6mTrXImpfNj-l3n1M01Hwe3Wy-KMzHznrXdj7GRrI7zah72G3DCYcQh8t2bnCqz89xUDgfpZ61kJxyAVAksJPYKTtWw8Q8pUOh3JvM10bvixgK7nwMkmr-inwjlax-QTiO0adR6v3KGg4oBZ7oNoahlfncsUPtseB3rLFBF-12jAgK2C_VSehKCjQPCB3sT7ZwvgmyoXssDaEWSf1muSTVewSuU3pMbdGmo6rEpPXH1crS0flCXtgqzu0NmswUrHNbT2iTZapni9I0ejrrp74RiIKgGN21erIompf12oiMXqQ0CGLbO_r3fW_sOOa3EERa83ojvSDACY30JCGy7zg5zyS0POIDWf3rhtWoaVdFBBUTBtf1UqEMth3-V3lKtmpbfQlrCpalqRjCNSWyaf5xcsrZga2sMborADt2zJ98QcLxI9AIHD4zGnL49VS9tcKW0xgR7BNZEwlxJY4bJMw5D2KSxjJxXci0lsWQ0TJqujc9GgV6Ku3KQwpPVbDG_r6i_eK0w1_j8FfIE-YLrSA3JewNDHIhLSnQJoFT2ypCPTbn05O7Z5thPFnI2LK_P0bOiHjvL-4FsMg6-VYdSiokG-Ij6FD1ObWjpy9K-6f2_2jvz-pYc8MtTxjebsDSFlB7QBqvML4mlyUuhOYT2pI1DAtSg1oOGKjcnKb27rz44h17aDB2k4CTWrGA4Fw4GdN3XoSgR7qJyhfOD1sLYEdB88UBXZFnOw1UCdywOCgHZH_Y18kQQfIDI9ZROOkvRwDTlvcwu5yUB-D5uiYIpRB1WQBlJvqALSh6mREXzkqDE45i23KBmIv5dGz9PgxHh2evK5KSlK7qPrx0dwMV9bGTozkNzLbjpSTAJLos4UgX3sectlqIhA7H9JfLuCymh81QqyXJIO1v_kbnfBkwPeAbCbR_yGfPGeaEdsT1vOJh8TVhENr28OA-NvOil8sgRsYteE5UgbVjQZ-XtwagWt3S8TCF07J9x3USvuB8p_ZETRMpXzHk8vjMEh5N2QXJwxL1MJEM7ILkxyMFnXcTqLX4HCeqpouZM9x1z1xgKPwXM5wGnhQbwR7SMhKRIlqZSKXnHnbBrjShO3H26icYRmhl6COdjz7WZTXTZL2GlX-ecjAIkyG2OBjq1hB3hXTeNsmFBD-5H4JbQGSK5Jg7yJ6U6z7oNX2UkpxiQj-5p2Gl4Q4829Cnub486apA_eT1JcG2BoX-3_JtelezEzmddVgGv9c9a3Rs5w2saPR8jwrGn6Vu1Xb2fqgZ5yldW9KOmsiIy9DsoXdnwfPurziCz7m8uo792IHRbt5n9Sa9QXaqgezPhpizDH5RsDdsgfLt9b4_59wuqNM1urt2vR8WCc4S1-iaCJoGk98vpBdt-sCJn8ovU-hlPvUR4tRNF8Yj3hct6ryIY5sSv2ZW8s1nCgucFy09MAlI9OXKHvzvCvfUT6b6l48SBdwbmlKNVVctqY-DFCMAagsiclyEqDjV57asxcyWSr9ZFKcjx-uV3_8_IcDN2uOBeYnlApLRCVIXtxaTKs50Gz80P5EcFO9xDsXDnj9GmGCHVQXIMro9B7ncHzKEypycBO4NQKuTc7PT2at5JaIDvuBCc7Ii02m3fRk2b3ggQvjWwTlgm6fWXLdqshJ9fLM1o0GVoDjI8pD_fZ5dBWafG61WiogL5g0xKU4Ea1sGRqUy9AkGunOOLtesPT4HQVSnNnhKCbUD4q4YVlR5MWkf6Jdt4CIJ9dNpPyopCU9HG06XtMM-odg4Kt_LJBf_7uf0BZEZc-Uc6z6MNr1JsItIHOn26q9_FtlCGnQumGe_0zkxaQ2BE939x6CEs-kTL6L22OIXsHP6ALDCgrENrejKfWA28KnaU2tmhzkCR6quw9Q2KDvOXjxfyoDTie9bdYl3JX_MvnOYj6E-DJ1tzpF-9gVYikRbcZlQvp1rgLJ-jsbfq68ACiDev4Js1mu_RcldvlHFWghF0tUomR0zvDX2FPsN3Z_OYaEsmSv7uiTqGQcfh8WbcqGjmm28XGQzGJtkoF3Nm4ak0rR1vmniLifs3apn7OFIrwwSNZjQLUrGPF8vHDItsAC-1jWBaKbm10vvcKjFP5UUfHXn2QTs42GWo30Prk02j4r4bH271JAXqPPlP5BhgPPeez-rNIc-98vng5V22_m6isJG3L06a81yK3yfDS772S9fO0Mgm7sDPH32HHJaANh5nwQnBqdzPbtC0IvEd1gzJtU5NfIbeGnA-YhvguV4R6kvCzsOoj1UXScERUaJI522bpkMOEMPV9qFR7pjF-I5RKgkeahQCj5NmtNWNzbpe-VyEZXpvfGclOflVV-A4hL9gMdkN_AXehq9bL8f9FSLrWJDZnRE0zvekw-QHvSzwE0X88R0GZeS8X2W0jAh9NTy_kl0Fjhb-xzg897SeSy8BhhYeVFxGlICzuXoQQlaiJKJAHDagqnULqgrSKi7PXEgHMEz13V6zhS6zU0FdP77LTZvhHMoH3-3p0nbRjSXIAhC0qJpBgigSLd-9WS8DNfTWkXtDXaNLeA&cid=CAASEuRo-9F38PhU8jcB44w0KjElbA&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
googlegdn_sync
x.dlx.addthis.com/e/ Frame A972
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEAAIvty53B81_765Oea2zN4&google_cver=1
43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEAAIvty53B81_765Oea2zN4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVWmgG9wUSxU9H8gfDFnDLMMW4B6k5y7-1Fk3PYgvJZ8HWMfAXdCcy7YCie9a0TfdghZssf8uVjDKsfE7UHHSmu1d85S2YfYjjc7mtRMO1MBV8XuJftAsO59g-ekxTzsWKdQVWlhy8VISv5ISbwAFDpMQEYBfnid5QyzQnwaYXnGNr7s-hPPNDqJR5YxzPz2nQxwlIvseVgwUySkArQ7hIvd6pOLMkeR8x66UdElyVJFVbLMqk
Protocol
H2
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 17 May 2022 15:45:20 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEAAIvty53B81_765Oea2zN4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A972
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDW-ZDIKE_imusEx1ZMh2v0&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDW-ZDIKE_imusEx1ZMh2v0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVWmgG9wUSxU9H8gfDFnDLMMW4B6k5y7-1Fk3PYgvJZ8HWMfAXdCcy7YCie9a0TfdghZssf8uVjDKsfE7UHHSmu1d85S2YfYjjc7mtRMO1MBV8XuJftAsO59g-ekxTzsWKdQVWlhy8VISv5ISbwAFDpMQEYBfnid5QyzQnwaYXnGNr7s-hPPNDqJR5YxzPz2nQxwlIvseVgwUySkArQ7hIvd6pOLMkeR8x66UdElyVJFVbLMqk
Protocol
HTTP/1.1
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEDW-ZDIKE_imusEx1ZMh2v0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A972 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNVWmgG9wUSxU9H8gfDFnDLMMW4B6k5y7-1Fk3PYgvJZ8HWMfAXdCcy7YCie9a0TfdghZssf8uVjDKsfE7UHHSmu1d85S2YfYjjc7mtRMO1MBV8XuJftAsO59g-ekxTzsWKdQVWlhy8VISv5ISbwAFDpMQEYBfnid5QyzQnwaYXnGNr7s-hPPNDqJR5YxzPz2nQxwlIvseVgwUySkArQ7hIvd6pOLMkeR8x66UdElyVJFVbLMqk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
transfer-encoding
chunked
content-type
image/gif
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C9CB 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame C9CB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkMIuJFJRgpHLm-vpd5ic3EaI92JbhmBoIPck2J9tf0yY0g68RARDZpVOZ5ISEXoiS86HXUuh_952252q4TxK5NH-miFu1R5P95GnezJHUnasrTbmTNXEQXLKbdPaEex4dCZY4rfiJXFt8fGjEeYynutgtzg&cry=1&dbm_d=AKAmf-AtAL1NcMi8VoGjCLCpfIcjkhYi8Tm59fv1lr2BHZq9FgI2phFa4Z9QzeqIPueaiSaP4Lhd1MM2Ojrjc4IXYiSsyIBz583BTJa29j-qeCCGjJOFisopZFILtKJ0qNs2vi4A-NrcE3wRKqSSeMJAG9DD9NMX5PKnAnY8QD2C8ews559swX2-SkBDYXHDXZ_w8KdSemmgVF9pZ3osPsjVLQW8IqkbPXxQn60O98V3QUBUyMLwMfxvikKXRbv8zTHAblipMVJIBiKroL6DlX1Apk8FsUKURpdYpePDsg1zThZX6spa31UApFmqsL_6ds8CD_mgMi5JRFa3i2g9Oo3mPmFH6pvonX05FdMAdnc6q5WpWokebWG9qsEKC1bUw13NxKGmM-_LJUoxheeCmX3_uPBWcsGLrto-WAU1iPBTAomdOrOZOt__F7su6imgYtF-5I2ledcknD3-kbrmET3vzSTX4Zf6IRh8d4OlUXqwUT6CCjBUeCUPbchFuJdXyasDIFbNr-h-z7J1bxHW0W7xWX7cDpTivqEQtwv3zfQIrRhowkURGcAeKMZBkzrH7m1EOFLMM2jlLeKmCCNzMeEeOQJJ4TP_yMMi4-mdmbfmLedPubBHNV4N38lWwx8D4Cmw1rDtxC5HFW-jFzajj9tiH2QrLsPwabFWG2MPYuqNmgtfpHRIfKQ0MTQfauSOHfPCIi5SWFa189AEH0-klvMYxqaO2tm4SFGmEkVdvPiuplTo0fn-R6p0VMeLy5xmJiIFiqM9eXm0nfP66uZvxhzmsm95PzsiiqpoU0QLwJTwGHGHWjWUS2c6kwro_H0Md7eQGN5vFlXYOQZt34LEb8Y1JjERQXL-ALoVL0iSpkDZzx_wMqEeSahttRWR33il6ySrqL6vTkl_AE_N61q2UZJlm43X6kTYLV5xK56YiBNI_RtU9JHRGfrRbc6hOUmH7kZoA4M4xlaZ-2WDL76rOI1nJEgezO7jOXbvJ8P8z-GdbsMdpeNd6T-5nSdHwt0DTKWTdZTj5fISk1lTVwQNuENnih3NYASObGm2UgRhmtgoQf6N72Xc8_NRU5RuoGGgJPBCBAspRqdwrySFuBZ3jofRMNaOzPhVwFxIT3TF5QztXsg6anwdQLipBHFEZVrMTGJKVtWqtkuQfiEeLhHm-dWr__2a0UnPwmKJdFuC4ShJ6srNyCdNQVZSD4DXIesGOfWW_TNrH03U-mAIMhNU3I_GrP225Ds7nKM64UZhOh33gsP8a3qJp-NdraELgWBcC9kxRXDx9qCnFCad4P9Qv0PTBVUkcfSgFPcFTSF3vnIW2rjrILSZdFGv5sztXYLAjM63lsogGesfPezFB3T9-R7Mj7OdHM5anWGiCRzAKrkyoXSne3YLFfXwi3YZvunbGI5iEQSfDaNiTt0VYejj_ZPaSmSHu_sGArf7-cpbfDc4FtZzOL1POo_iwogoa_x_3yhABQARSO6X0MQ2qW2VL3GEgR_VF21gZLEzHZN7S2SpAyK9VNoRuKAedPwkPIaL_b-BJV3lQ-F3NlIDZAYC3Y0vzpC70N22hqdevSVYSz5gIAs-oXMUqUI5SrHiOE6xgV6IBmogJuQMZsFda5tJpVCmErPybHJ-Q0XTieEMfdF0iWp9VVH8mr8Id3Abhry5hx-U9jPu7ysrS42IHt45-e2s6d12qtq8Q0rSWbRhG8pAiJCX5DdtqqHH_wubpVUyEpELJdwnIw0yb3a7Ppt9FqyTeO0lq8gHtqW8oV3uPem0GflnQc76kBlSoUKR5mnDNrWn2U4eXeJay3TENjZORP7JO8a0p3VIHQF6mX7E4LAi1u7uinaf3xMdXCO8RhZuffKEGSZ_pwG02PVottjM9R02NwGT3tkhcCniRluosAx9BDOyoJeqyvAY7yum0oqi6oErTOqK0B-OGvyOgEZRv-EuauC7SWM0TbnhD_8gp2MOPLFOOf4Bm8-ZGxGDQ8fZsncQCkMnmsmBjePtI9qA0NHosUTzj6vW0HccbZEqysKiDmsXa9fAO8yqLVH-g0h0FJ1zkhVEdOs67BNsszzuGBfxuxzjeiTrv52SIwTy6HBsQhlfd3GiZTYJiepKKVd97iUO7KvhBnwJ7RCojb2spp36ZX1nPmqaICv4744i9nDh_gO58CMcX41aPTD_2YmCy1bmttz3klFqV2CL2i873VcfWqTy0rjid9aIxwa356QeRmZ_SnO3sW9cLq9cwvTJHy-lUQC1Eo8zJOzUeRQSPdlE2Bt61AdlF68Mu_ksB2CuP9jHjijrX9o7z5iQcwLGXbUq8_EYEMrZLtK5dYm-Oa-0DR25dIN5vyThQrcc-eTbyr9yRdDfL0yzf-ySVHihhqnGoPmz5mq9SJSst34IDx1Y-EDP8at1_myc8cKXG6k5z5N9OgI-qFAXgqGEAOg7y7lVHHuxjndvS4H8XFu-nepxv7jMeE8MM0U4ZoAnyVZI6vTTyV4us0k1FzXg2pg06v1SkTvaISqCOTH2Ygniydw3QDD-KJVhT20GoDnEDp_LZZDSi95EQY5DFwx5Rzb72vxuR6waGElyON6CvzGSKvgjY8PS34RrQAYlzUhpvifJ0-zXgBm4vwsYKByZ6m9xYhquaJ9iPrrHzs_k45LDHHiRXeqd9wNGCyPvKcX8uFSDtGm7uNyzaJHc-HHPgtaBwaj9FONCLk2xjKjdj3OD5Jw2lULGV64pSrC2iRprILPRfaCveodAeZccTAAen0VDXR9lrU3D65-NIgdk-F_q7Eq2xW7kah6uQfG1W1_06Xh7TUWdUzOiM5mLR806T5h_LXSv7Xb9iJOc-CwfCik3sUhGYBqdzsGF7MFgmXpLks-dhogtGeTucA3EK2HAxPREsTC6DFmrip8m6o3iMD-MApnun1g5zWR1SpAIXawdeHjYIYBqMsdPzKKNyFd5ds6w3ORgZjFeS01z2PBv85EEmQpGQgfKawM2-aBj14tfpBO9scIvCJOuwtY4ii6hxyTlz9D4SZ7AGgYmbVy4MrUft2E84pT_b3ZrKkgvYDKxF3koP36gyWV-bTTdRyO86bddKxSEl8lAn8yDMsX_L4RUpeAu7e9iGi6Yp1jTXu5Ijf7VB6F6vzJeZUpbWVTNglz_j9I0rZFUr3De1JbpD_HEoGyAzuNAVlMO4H4qhFJqoUzw_1GT5MIVigWTPXuNtVC9VPKGbvrLIsm9ILHjZ11AQGiAuBPr4PTrkA7Fbk7-5CEuhEyPab4rgy1ci7gk44gMDEVVudSXXTOeZV4szYeXJAmmsIn2owPnB6rSLzkbI3TstDIPRj9nGgGzfJBZ9dNGzIGFBZUrxeHv8-hDTYPzYs345kZWIPRqaLtOYoqTGx18RYuNBTXh__Y9aRonvguvxlINlZK9kSLec1o1RJyqeUeVpb2aiuTV1qu3bEXkZBeB4l9z9O1EMDZ7rEJW_VVy1mJp4DpllzhLMNJ0Pm8fJfYOFl3dJRM2wVBtHdfP7xy1PvoCaV71rY3j03PUqAY9YSKfkNoBLDiR7qIHuwDzY0LtkRMVoic3ukviPqYpqALQiqf_hxE_sgTN6xsTz1BfcpJm1pL24Iy7&cid=CAASEuRoBwdt0czy51Nst5255Pxu5Q&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame C9CB 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkMIuJFJRgpHLm-vpd5ic3EaI92JbhmBoIPck2J9tf0yY0g68RARDZpVOZ5ISEXoiS86HXUuh_952252q4TxK5NH-miFu1R5P95GnezJHUnasrTbmTNXEQXLKbdPaEex4dCZY4rfiJXFt8fGjEeYynutgtzg&cry=1&dbm_d=AKAmf-AtAL1NcMi8VoGjCLCpfIcjkhYi8Tm59fv1lr2BHZq9FgI2phFa4Z9QzeqIPueaiSaP4Lhd1MM2Ojrjc4IXYiSsyIBz583BTJa29j-qeCCGjJOFisopZFILtKJ0qNs2vi4A-NrcE3wRKqSSeMJAG9DD9NMX5PKnAnY8QD2C8ews559swX2-SkBDYXHDXZ_w8KdSemmgVF9pZ3osPsjVLQW8IqkbPXxQn60O98V3QUBUyMLwMfxvikKXRbv8zTHAblipMVJIBiKroL6DlX1Apk8FsUKURpdYpePDsg1zThZX6spa31UApFmqsL_6ds8CD_mgMi5JRFa3i2g9Oo3mPmFH6pvonX05FdMAdnc6q5WpWokebWG9qsEKC1bUw13NxKGmM-_LJUoxheeCmX3_uPBWcsGLrto-WAU1iPBTAomdOrOZOt__F7su6imgYtF-5I2ledcknD3-kbrmET3vzSTX4Zf6IRh8d4OlUXqwUT6CCjBUeCUPbchFuJdXyasDIFbNr-h-z7J1bxHW0W7xWX7cDpTivqEQtwv3zfQIrRhowkURGcAeKMZBkzrH7m1EOFLMM2jlLeKmCCNzMeEeOQJJ4TP_yMMi4-mdmbfmLedPubBHNV4N38lWwx8D4Cmw1rDtxC5HFW-jFzajj9tiH2QrLsPwabFWG2MPYuqNmgtfpHRIfKQ0MTQfauSOHfPCIi5SWFa189AEH0-klvMYxqaO2tm4SFGmEkVdvPiuplTo0fn-R6p0VMeLy5xmJiIFiqM9eXm0nfP66uZvxhzmsm95PzsiiqpoU0QLwJTwGHGHWjWUS2c6kwro_H0Md7eQGN5vFlXYOQZt34LEb8Y1JjERQXL-ALoVL0iSpkDZzx_wMqEeSahttRWR33il6ySrqL6vTkl_AE_N61q2UZJlm43X6kTYLV5xK56YiBNI_RtU9JHRGfrRbc6hOUmH7kZoA4M4xlaZ-2WDL76rOI1nJEgezO7jOXbvJ8P8z-GdbsMdpeNd6T-5nSdHwt0DTKWTdZTj5fISk1lTVwQNuENnih3NYASObGm2UgRhmtgoQf6N72Xc8_NRU5RuoGGgJPBCBAspRqdwrySFuBZ3jofRMNaOzPhVwFxIT3TF5QztXsg6anwdQLipBHFEZVrMTGJKVtWqtkuQfiEeLhHm-dWr__2a0UnPwmKJdFuC4ShJ6srNyCdNQVZSD4DXIesGOfWW_TNrH03U-mAIMhNU3I_GrP225Ds7nKM64UZhOh33gsP8a3qJp-NdraELgWBcC9kxRXDx9qCnFCad4P9Qv0PTBVUkcfSgFPcFTSF3vnIW2rjrILSZdFGv5sztXYLAjM63lsogGesfPezFB3T9-R7Mj7OdHM5anWGiCRzAKrkyoXSne3YLFfXwi3YZvunbGI5iEQSfDaNiTt0VYejj_ZPaSmSHu_sGArf7-cpbfDc4FtZzOL1POo_iwogoa_x_3yhABQARSO6X0MQ2qW2VL3GEgR_VF21gZLEzHZN7S2SpAyK9VNoRuKAedPwkPIaL_b-BJV3lQ-F3NlIDZAYC3Y0vzpC70N22hqdevSVYSz5gIAs-oXMUqUI5SrHiOE6xgV6IBmogJuQMZsFda5tJpVCmErPybHJ-Q0XTieEMfdF0iWp9VVH8mr8Id3Abhry5hx-U9jPu7ysrS42IHt45-e2s6d12qtq8Q0rSWbRhG8pAiJCX5DdtqqHH_wubpVUyEpELJdwnIw0yb3a7Ppt9FqyTeO0lq8gHtqW8oV3uPem0GflnQc76kBlSoUKR5mnDNrWn2U4eXeJay3TENjZORP7JO8a0p3VIHQF6mX7E4LAi1u7uinaf3xMdXCO8RhZuffKEGSZ_pwG02PVottjM9R02NwGT3tkhcCniRluosAx9BDOyoJeqyvAY7yum0oqi6oErTOqK0B-OGvyOgEZRv-EuauC7SWM0TbnhD_8gp2MOPLFOOf4Bm8-ZGxGDQ8fZsncQCkMnmsmBjePtI9qA0NHosUTzj6vW0HccbZEqysKiDmsXa9fAO8yqLVH-g0h0FJ1zkhVEdOs67BNsszzuGBfxuxzjeiTrv52SIwTy6HBsQhlfd3GiZTYJiepKKVd97iUO7KvhBnwJ7RCojb2spp36ZX1nPmqaICv4744i9nDh_gO58CMcX41aPTD_2YmCy1bmttz3klFqV2CL2i873VcfWqTy0rjid9aIxwa356QeRmZ_SnO3sW9cLq9cwvTJHy-lUQC1Eo8zJOzUeRQSPdlE2Bt61AdlF68Mu_ksB2CuP9jHjijrX9o7z5iQcwLGXbUq8_EYEMrZLtK5dYm-Oa-0DR25dIN5vyThQrcc-eTbyr9yRdDfL0yzf-ySVHihhqnGoPmz5mq9SJSst34IDx1Y-EDP8at1_myc8cKXG6k5z5N9OgI-qFAXgqGEAOg7y7lVHHuxjndvS4H8XFu-nepxv7jMeE8MM0U4ZoAnyVZI6vTTyV4us0k1FzXg2pg06v1SkTvaISqCOTH2Ygniydw3QDD-KJVhT20GoDnEDp_LZZDSi95EQY5DFwx5Rzb72vxuR6waGElyON6CvzGSKvgjY8PS34RrQAYlzUhpvifJ0-zXgBm4vwsYKByZ6m9xYhquaJ9iPrrHzs_k45LDHHiRXeqd9wNGCyPvKcX8uFSDtGm7uNyzaJHc-HHPgtaBwaj9FONCLk2xjKjdj3OD5Jw2lULGV64pSrC2iRprILPRfaCveodAeZccTAAen0VDXR9lrU3D65-NIgdk-F_q7Eq2xW7kah6uQfG1W1_06Xh7TUWdUzOiM5mLR806T5h_LXSv7Xb9iJOc-CwfCik3sUhGYBqdzsGF7MFgmXpLks-dhogtGeTucA3EK2HAxPREsTC6DFmrip8m6o3iMD-MApnun1g5zWR1SpAIXawdeHjYIYBqMsdPzKKNyFd5ds6w3ORgZjFeS01z2PBv85EEmQpGQgfKawM2-aBj14tfpBO9scIvCJOuwtY4ii6hxyTlz9D4SZ7AGgYmbVy4MrUft2E84pT_b3ZrKkgvYDKxF3koP36gyWV-bTTdRyO86bddKxSEl8lAn8yDMsX_L4RUpeAu7e9iGi6Yp1jTXu5Ijf7VB6F6vzJeZUpbWVTNglz_j9I0rZFUr3De1JbpD_HEoGyAzuNAVlMO4H4qhFJqoUzw_1GT5MIVigWTPXuNtVC9VPKGbvrLIsm9ILHjZ11AQGiAuBPr4PTrkA7Fbk7-5CEuhEyPab4rgy1ci7gk44gMDEVVudSXXTOeZV4szYeXJAmmsIn2owPnB6rSLzkbI3TstDIPRj9nGgGzfJBZ9dNGzIGFBZUrxeHv8-hDTYPzYs345kZWIPRqaLtOYoqTGx18RYuNBTXh__Y9aRonvguvxlINlZK9kSLec1o1RJyqeUeVpb2aiuTV1qu3bEXkZBeB4l9z9O1EMDZ7rEJW_VVy1mJp4DpllzhLMNJ0Pm8fJfYOFl3dJRM2wVBtHdfP7xy1PvoCaV71rY3j03PUqAY9YSKfkNoBLDiR7qIHuwDzY0LtkRMVoic3ukviPqYpqALQiqf_hxE_sgTN6xsTz1BfcpJm1pL24Iy7&cid=CAASEuRoBwdt0czy51Nst5255Pxu5Q&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7CB4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
176
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:42:24 GMT
expires
Wed, 17 May 2023 15:42:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3540 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eec1dec8dac7635e9fea6ef66bf06253ee83a40d71c9b3b1e5afb09bbffeba07
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7vupAMIwJ5L_Yg_bZYFH1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-7vupAMIwJ5L_Yg_bZYFH1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
expires
Tue, 17 May 2022 15:45:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7EC3 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 7EC3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9iBuzVrbzfokEjMif4kS0ZqpO3bZtQyh1Oysx8qGBTDo7l6AH9Z3mx2mqnbCYaXvMNngTQpN5-33-h79QRDy8YV7NEN68CYpSzMXDJXG4lwUVbHpx5DqaHDunToczxt9YYmIsftoamJNBX9Xm-CKx2ukjQ&cry=1&dbm_d=AKAmf-DoN4VqraAL6nfkdU9NFM733p4qaqO3upT_vVeGamMb2HmWdpZEzm5mGm2Riv17Fs1yLZq2CNXeXay0uNEcNQxA7R3_vXlQ65nnpix90JmL441u40oLBScjGBesKAyWOToI0x8Un1X0AVmGgCSlMxpNe5qgB0Z-EcXjLw_wiXLh31aivyL42GqA573IA6b7vo_3llsJ7s5ldq2627TaZNKP-9FiYzkWqVAF_II6VzjYZwaAdRIISc1AbZchb06upLG7uld8t5_sYJCinUlAuCMj45Kx1Pu2W7H8Ep0S2DYNpiX2w9Erm8ZGWMR51_ffz-W-FGIT8z7avSXtgoqUQ3EyHjwn8ZlyvztJ1CjSAH3rcUgc3yOe_9aeagmt5QlVb3chmY8E-EC1lkneGxHMhNuVudQHagafoYSGTSTnhdyZkt-PdxMLoNK4hMjSbswFLg9__W_Zh76OZoZLoLhQ_m4PISGy-eObQeCEiGpqOq7zN1SAr7dYobLITyW0SL281zA60sh4ZnFpZedr3XsYZtS6pEWPwLZbao5rei8Wcval2HVcyW7Mtw8bLhapYuRHOY3SeuQ_ifi1HZU394abJ8MOy-hweEU71WP_NSp96HjHC_7OrdET90mlvbWwy7vEe0ehfzQlWDJOShI4ruIYMLuixPUxoqom9HRczyK00CU1XT0GBfwn3C3s4HBuIRjYDpufptdJGrCcamWl27jGZ3F8ybdWMUlZjqt0HAiHSOhjO2-BgIhArPFnIvj8E5a4wNXr0MMyrxbq9gASD4D12r9517mjWO5ltUvJVip61ecRK_Upn2hSK7ArsNbbSN0k2KxqyTrcwAI1gFcxtyavLHYkAWCPvDNq2o2ivSYRW17d9sacsWxvYqB_0ILynkmLcKKOuuxlpmFpql-FFDyocOjLvkAP0jocAMLStZlWlgZ1nmKm2uyujgBSKWkW8w47QfU0X7F8Tfj105jrymFBg-aPtuDu_hi0KqylDyVrvalFFAnqco3H9vsEi6MeOEGFFPRCbCxziBUDgKQpK7n4aA9UgMhVu75eDVoQvzE_Eu5Uo9XAaDQ7N-dWn6TXczTPFMH1faCYVFbROcPwzTvgECJSZaBm1bPca8kIsvHdHO_0xSWXiIBUZUwXZ2ScUYnDlHGnyhEEmiukL1wj64SfT7RE49k17A8uqdiqYifxeLAOYnQpiO0hZ2xpxMdx9cKDesHrFLVw9bRIEhd2IIo7IQGrqiUjKqHpI4xJLMypZ18D7Ra9yT4tM0VeWay03ershxeLXv__ns66EUry2HhetvrYXHxBrG7kBtx-6mZ923Sq1E3Dz7rS-NDiRrWXTGd5Kzul6MnmuffbFvdXu-CEFaM2z2lsV26h8FgVoAADmRnGYujbQiAk4d_-I2t22og06aCZtR127QTM_yM1MP-n3bg59YzR2XrF-lgsnyb608h6RhyJWtUNpOcj9RDEYTN0Z33gCvAicxQm6nvweJt8CYLFTU26dm4YA1M3mj6H30fFLOWzXYi2MG7BwEAyqwl7CHA9hTZB02CstJze7M9ITitNHrTT2HAJvfYNYHBSr5jXHzFDKVuABlBCCKfi3lfOkYoKgxRnfDxH9dTkdussXcxDYX9vbVAmUjdRd0uIe3AfPN59sX1A0O0EOxaPsBwm8_E2xOUSmXbfuk7dGK1z1foRYD9RPTBHnQHP_279jdehlTXpBPNJ-sUZRtS5zQTlduDmsgadz7x1GGp2a-6IaTeqd-f2Bmiv6zgsbEmKjxfgDcAyg7og0X0ZrVZSqFLbbS_KaltmkaHxH0dK-94vBfpnUaNquT5Qph1G7-duh5-fV9Sv30nrUKr_zCjbxmf_jOWXIo_vItsn9y1LJBVkgaYmBAK25P0zT0ZTs2Si8MFgW8rSc9rITcBweiM0cd6jrbFOYsx9npHI-nSYc4Rtl5CFF70oYAKKqxqozmQyvsE3stpBHqrGMOq19XDmnLKssCJAEKTdfqbeSVuFKBaJraC5deA4HQ8eOZvTXuHGUBjn3y65y2ucy2VmlHFEmGXzbeOx35E4qJFY9rJfcR-8Eye7AO2fa6elcC-8J2Qsg_bBFhiahQs4vJLdew11AI1tqxzHiKzAVNo-SMBCUCBcsMLxNor1OX-S_r2Id-hu1DsJG-Ms1-Jj3NB1ZD1gwHqLYQwBivISxG0acUReMixOvqhuBCtybHf816oy0mm4oqKjlpdEO5DzBOWzDRyn25fB6OIzncV2UXTynRfhsZcsRch713bM2x5BktCIaKuwRbKDpJD6_cjjRXQfsS0nIjOMF2TWpNfDewzFMIsc7Gtr93SFaa_8QO_s0g7F54rs3zTGuj1uYwSK1Lrg8r5UQU5WGMTkc7QXRavw4_S8E5_nX5wolxNBZi-zKHNXvmytPv328wHDCffTRu9CfZXlmbWs0dTIVSkJCHWTkqZwWxBnW2Vpig9N_15uTU2bcmuYJvyZLVbEPPe7Kklt3M-xJilLV1wcXn7cjKeig485NFkAm58QyhVEMt5YBvl0IR0iKYwA0V4mWddza2cE5Qmo5uwUU7lwNV7PkQSsZat4Ynmhwdr__luUoEdqQdKeQ-CAx8uo6PpB1wtrKVB9MGPnOP-9Ycn2-wK0OhJxVpDYqManBAbBpZxbDn-FQkfmMJL8IO-q-IoN-J01SJcnt4MEKMT2si_F4nF5-w-YjeKzFeB6jzA55MNOy6fwl2RpURSC4BdT68533U9Zdy5oAhi_OnnYvz3nw5qjJeSaYqi6aNTodn65xo2lyxk41vBqCxgasewTMKiShBB6-5AuX8YJ_5LTzVFtxaN5uds3BCRFhRC43wjJlu4i6l0JpHR0oLJXUV9oAd1a1iEYRqk3RxROB3QoB9R2pyEnxba0Q51oTyYf79GV568l4CUSuJs9N0QuVI8gO8v3StoTVJvSWuNqmygExv4EcC07hs6CzN_vaeGmBZrFo-ytmuuKnZLb_GiXfM1xxLKJFFPIbSdKay_oYNSKyV39ZL26Lw1KtBOJ9os8_MqNeaPclmdRxa5WjPSu_9G2sAuEoHDUTNFGsRZ-kdrwsh11LUAjh_iu_Cc4EEsWu0zCGqFLZ2VhfrUrtzNkvxxjE74fYWIDIELrkXuLxrLTb0OV6Z_zIC0v7yoJTgFY6tx7BDZLPb68Ywh9qFJNfods_KJWgsTLUgAQDSjon90dptYWt_Ntktn_1_jDrevo1kg9MSLI_sCqArthuwQBijrWywASKb_Froe1tJ5i9jEYpPgiGc2k89272pPGi45iIIFnzkTs9Wq5whiEF8aE0zp5AlP9AYPdYXP9-3WPqPWILuzZnT74vBJ_2IRUQdIhHIzOK2sKuxfrEUcIm5TQxvbizq6ttPDVBrGH6BW0bb_Oo6cozCq24HUjXp-1o3L_OkXdWmU87jLg0TcW4gFwsiD8qbF5C5GqHkEBvkKyowoLHGzp9OphxZNFsyFz351VSnh6dzxDvoazP_b9MS2wzYxyYHEEjii_Ku7R5bYNnnqiU7D6ZW04S_xtbKqUXcFY9l6pFJrdpfpJSQcknOYbfqj2YS95oDGBJUFXKTa4CJfOQiU7WcUU&cid=CAASEuRoozhViTK_406WaVTpfQBoxw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 7EC3 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CS9iBuzVrbzfokEjMif4kS0ZqpO3bZtQyh1Oysx8qGBTDo7l6AH9Z3mx2mqnbCYaXvMNngTQpN5-33-h79QRDy8YV7NEN68CYpSzMXDJXG4lwUVbHpx5DqaHDunToczxt9YYmIsftoamJNBX9Xm-CKx2ukjQ&cry=1&dbm_d=AKAmf-DoN4VqraAL6nfkdU9NFM733p4qaqO3upT_vVeGamMb2HmWdpZEzm5mGm2Riv17Fs1yLZq2CNXeXay0uNEcNQxA7R3_vXlQ65nnpix90JmL441u40oLBScjGBesKAyWOToI0x8Un1X0AVmGgCSlMxpNe5qgB0Z-EcXjLw_wiXLh31aivyL42GqA573IA6b7vo_3llsJ7s5ldq2627TaZNKP-9FiYzkWqVAF_II6VzjYZwaAdRIISc1AbZchb06upLG7uld8t5_sYJCinUlAuCMj45Kx1Pu2W7H8Ep0S2DYNpiX2w9Erm8ZGWMR51_ffz-W-FGIT8z7avSXtgoqUQ3EyHjwn8ZlyvztJ1CjSAH3rcUgc3yOe_9aeagmt5QlVb3chmY8E-EC1lkneGxHMhNuVudQHagafoYSGTSTnhdyZkt-PdxMLoNK4hMjSbswFLg9__W_Zh76OZoZLoLhQ_m4PISGy-eObQeCEiGpqOq7zN1SAr7dYobLITyW0SL281zA60sh4ZnFpZedr3XsYZtS6pEWPwLZbao5rei8Wcval2HVcyW7Mtw8bLhapYuRHOY3SeuQ_ifi1HZU394abJ8MOy-hweEU71WP_NSp96HjHC_7OrdET90mlvbWwy7vEe0ehfzQlWDJOShI4ruIYMLuixPUxoqom9HRczyK00CU1XT0GBfwn3C3s4HBuIRjYDpufptdJGrCcamWl27jGZ3F8ybdWMUlZjqt0HAiHSOhjO2-BgIhArPFnIvj8E5a4wNXr0MMyrxbq9gASD4D12r9517mjWO5ltUvJVip61ecRK_Upn2hSK7ArsNbbSN0k2KxqyTrcwAI1gFcxtyavLHYkAWCPvDNq2o2ivSYRW17d9sacsWxvYqB_0ILynkmLcKKOuuxlpmFpql-FFDyocOjLvkAP0jocAMLStZlWlgZ1nmKm2uyujgBSKWkW8w47QfU0X7F8Tfj105jrymFBg-aPtuDu_hi0KqylDyVrvalFFAnqco3H9vsEi6MeOEGFFPRCbCxziBUDgKQpK7n4aA9UgMhVu75eDVoQvzE_Eu5Uo9XAaDQ7N-dWn6TXczTPFMH1faCYVFbROcPwzTvgECJSZaBm1bPca8kIsvHdHO_0xSWXiIBUZUwXZ2ScUYnDlHGnyhEEmiukL1wj64SfT7RE49k17A8uqdiqYifxeLAOYnQpiO0hZ2xpxMdx9cKDesHrFLVw9bRIEhd2IIo7IQGrqiUjKqHpI4xJLMypZ18D7Ra9yT4tM0VeWay03ershxeLXv__ns66EUry2HhetvrYXHxBrG7kBtx-6mZ923Sq1E3Dz7rS-NDiRrWXTGd5Kzul6MnmuffbFvdXu-CEFaM2z2lsV26h8FgVoAADmRnGYujbQiAk4d_-I2t22og06aCZtR127QTM_yM1MP-n3bg59YzR2XrF-lgsnyb608h6RhyJWtUNpOcj9RDEYTN0Z33gCvAicxQm6nvweJt8CYLFTU26dm4YA1M3mj6H30fFLOWzXYi2MG7BwEAyqwl7CHA9hTZB02CstJze7M9ITitNHrTT2HAJvfYNYHBSr5jXHzFDKVuABlBCCKfi3lfOkYoKgxRnfDxH9dTkdussXcxDYX9vbVAmUjdRd0uIe3AfPN59sX1A0O0EOxaPsBwm8_E2xOUSmXbfuk7dGK1z1foRYD9RPTBHnQHP_279jdehlTXpBPNJ-sUZRtS5zQTlduDmsgadz7x1GGp2a-6IaTeqd-f2Bmiv6zgsbEmKjxfgDcAyg7og0X0ZrVZSqFLbbS_KaltmkaHxH0dK-94vBfpnUaNquT5Qph1G7-duh5-fV9Sv30nrUKr_zCjbxmf_jOWXIo_vItsn9y1LJBVkgaYmBAK25P0zT0ZTs2Si8MFgW8rSc9rITcBweiM0cd6jrbFOYsx9npHI-nSYc4Rtl5CFF70oYAKKqxqozmQyvsE3stpBHqrGMOq19XDmnLKssCJAEKTdfqbeSVuFKBaJraC5deA4HQ8eOZvTXuHGUBjn3y65y2ucy2VmlHFEmGXzbeOx35E4qJFY9rJfcR-8Eye7AO2fa6elcC-8J2Qsg_bBFhiahQs4vJLdew11AI1tqxzHiKzAVNo-SMBCUCBcsMLxNor1OX-S_r2Id-hu1DsJG-Ms1-Jj3NB1ZD1gwHqLYQwBivISxG0acUReMixOvqhuBCtybHf816oy0mm4oqKjlpdEO5DzBOWzDRyn25fB6OIzncV2UXTynRfhsZcsRch713bM2x5BktCIaKuwRbKDpJD6_cjjRXQfsS0nIjOMF2TWpNfDewzFMIsc7Gtr93SFaa_8QO_s0g7F54rs3zTGuj1uYwSK1Lrg8r5UQU5WGMTkc7QXRavw4_S8E5_nX5wolxNBZi-zKHNXvmytPv328wHDCffTRu9CfZXlmbWs0dTIVSkJCHWTkqZwWxBnW2Vpig9N_15uTU2bcmuYJvyZLVbEPPe7Kklt3M-xJilLV1wcXn7cjKeig485NFkAm58QyhVEMt5YBvl0IR0iKYwA0V4mWddza2cE5Qmo5uwUU7lwNV7PkQSsZat4Ynmhwdr__luUoEdqQdKeQ-CAx8uo6PpB1wtrKVB9MGPnOP-9Ycn2-wK0OhJxVpDYqManBAbBpZxbDn-FQkfmMJL8IO-q-IoN-J01SJcnt4MEKMT2si_F4nF5-w-YjeKzFeB6jzA55MNOy6fwl2RpURSC4BdT68533U9Zdy5oAhi_OnnYvz3nw5qjJeSaYqi6aNTodn65xo2lyxk41vBqCxgasewTMKiShBB6-5AuX8YJ_5LTzVFtxaN5uds3BCRFhRC43wjJlu4i6l0JpHR0oLJXUV9oAd1a1iEYRqk3RxROB3QoB9R2pyEnxba0Q51oTyYf79GV568l4CUSuJs9N0QuVI8gO8v3StoTVJvSWuNqmygExv4EcC07hs6CzN_vaeGmBZrFo-ytmuuKnZLb_GiXfM1xxLKJFFPIbSdKay_oYNSKyV39ZL26Lw1KtBOJ9os8_MqNeaPclmdRxa5WjPSu_9G2sAuEoHDUTNFGsRZ-kdrwsh11LUAjh_iu_Cc4EEsWu0zCGqFLZ2VhfrUrtzNkvxxjE74fYWIDIELrkXuLxrLTb0OV6Z_zIC0v7yoJTgFY6tx7BDZLPb68Ywh9qFJNfods_KJWgsTLUgAQDSjon90dptYWt_Ntktn_1_jDrevo1kg9MSLI_sCqArthuwQBijrWywASKb_Froe1tJ5i9jEYpPgiGc2k89272pPGi45iIIFnzkTs9Wq5whiEF8aE0zp5AlP9AYPdYXP9-3WPqPWILuzZnT74vBJ_2IRUQdIhHIzOK2sKuxfrEUcIm5TQxvbizq6ttPDVBrGH6BW0bb_Oo6cozCq24HUjXp-1o3L_OkXdWmU87jLg0TcW4gFwsiD8qbF5C5GqHkEBvkKyowoLHGzp9OphxZNFsyFz351VSnh6dzxDvoazP_b9MS2wzYxyYHEEjii_Ku7R5bYNnnqiU7D6ZW04S_xtbKqUXcFY9l6pFJrdpfpJSQcknOYbfqj2YS95oDGBJUFXKTa4CJfOQiU7WcUU&cid=CAASEuRoozhViTK_406WaVTpfQBoxw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
usermatch.gif
beacon.krxd.net/ Frame ED9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKTW1LwDZFopI6hTMMI3sqY&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKTW1LwDZFopI6hTMMI3sqY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV9Q7TN-Is6GkKSbbziWKYXV0TSzkk1i5fml6DLE9NZylOzS78cE5sptxrz3aLiRFtkVhGDaELwHLk-fdssyIfImoKEfpgfVaN8R1A4CaB0cotSnQx5tzwTqNx3uPmX3AZQPOFFMdvgNWxvxyuM9NQ693tzb4xbUiKiB8Yt4S0hYjzzmCMztNHlqRi1ZkYDzN4N1_LVFxd4fyMvG56olx2Kypy2MNm4w8TbomPq4-FC6NgSxUw
Protocol
H2
Server
54.171.37.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-37-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1652802320
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKTW1LwDZFopI6hTMMI3sqY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame ED9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_cm
  • https://rtb.gumgum.com/usersync?b=gdv&i=CAESEJtN_d88whK8Sw0tQOqipiY&google_cver=1
35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=gdv&i=CAESEJtN_d88whK8Sw0tQOqipiY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNV9Q7TN-Is6GkKSbbziWKYXV0TSzkk1i5fml6DLE9NZylOzS78cE5sptxrz3aLiRFtkVhGDaELwHLk-fdssyIfImoKEfpgfVaN8R1A4CaB0cotSnQx5tzwTqNx3uPmX3AZQPOFFMdvgNWxvxyuM9NQ693tzb4xbUiKiB8Yt4S0hYjzzmCMztNHlqRi1ZkYDzN4N1_LVFxd4fyMvG56olx2Kypy2MNm4w8TbomPq4-FC6NgSxUw
Protocol
H2
Server
52.213.153.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-153-112.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.gumgum.com/usersync?b=gdv&i=CAESEJtN_d88whK8Sw0tQOqipiY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
286
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1E5C 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 1E5C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJcd1y8FdSnkRIqKLOCKIGAOAxUeQGWfKlFi5qt951zSpALZFuvxmASw_153LEE6aBhd1bEJ3QkS9GeSfGdy5mcZcOevbOEagE-VuI-Drw0Nlde28ubLjee8M4wY6fmXeUSsU5eLzaQGKyQL1ZgqlpI3epBA&cry=1&dbm_d=AKAmf-AukYCwGG7jFwY90_NwAlDIYdpBEga2YbY29U3jbuFkdmGuq7vu2F1LNBdxxiVTVgSz5HouEQpLjev_kHBUuOcblKpRPkkB5OPi_FTSIL1Q5sLtWkN8nYgUwKjskNDNzYhJaLX1XrwN1MZQyeDynxuUtVYLoeAWn7EclSEw0pbaiNpK5dMRuaMNERvqvoN5KWYCsmMngaRFv-_RfM_GBaFx5yNIDwJM7WCfjRhFL5z29Xh8wsiWfZENCdNSoQefudxIm-P8AqAEPULAbrLGg9lLOfFbJ5AM_rJ2YRVrObRTlnn-8yeiQ7CjpO_hRmgRFxPuneact7SiUfwniTBIh0lZVG0_df_WIb0Gikp1KkU4PZcYMd01AC0y_D8PT_63qv4Fgd1gBCzXNGgkHYG1mu8mKIprMC675Ka-blxDrbJMO1WJlY7CwRt_opZK5nvgfRQk1nle9haY8KllY0jDNDolhUM3D0Joe1wKT-W4NTCagj8rz4LG2nXRDOMZ4SwpgNO_O8B4pq-DYiefQn9sXeX2jJ5ne5nW3R4XfTHZHDpLwzsrr4zrtPcJJpb2YBUOS4C6BiGCI3O8ij0mfcb18MJN6F5zJmUpq0ToXR0yY_3REiL085cp8HI1RMm1Ci4cX77I5mY8NKREvxrrRKWNIkPPhrSbiAgvj4jIoyZM0Q3OSQ5TpK-yPMlS_vUPSItZjFkgPYkh9vNMSX8hBFbzq81ilIolNIZt16eAHnIBHwu-TY9nr1ljjEgdLpdnnk6XHJ6UzjLgksyqDJYlzGAQUN1g6zuxE5Ms8PHC6clJQfa3TvlXUaw-7Uc_e2CWcD6kUjF1ck1cEjamLKKd5aFrkMJSIWx9TVR8jrq7fgvo2zIhlg3nuV_5pB-BikcTZc_6g2315T5NlX-yo0LYJKD2LRHc2wFDmTzDdnBJBmZzYQoaIi7MuBpxQIGJzE_Eevlp53s6Rzq3pWQWtsWxrW0mxLjUXvst6s8v-KU3LVJIFpx2y5YQtapwx-wJ5BMLkg306Ojj2Z6pf4q8xVM2uhqR0mgQOIdpQ_Y5YGHlHyo-QblS4PlEh6OoRiQ8l4Nqcy31DGJlLEv9TmNe5m9HyEH5xnwSH83JHqoD61yfGgX9LbvtT8wymqwtaFvJJe4FC6AeKD4GsjNMBn79zsYmL-vgDHsBqHHQ2IrxLZHYSKlVqKzrgQArfrcsWlL0uELZ0frHwL-8UnbNPfdugUHqMV6GATSfh_-P-WQ-FS1E8IWH0QJy0xpfldMFb7rxIVkcv4VHydEAS19ueMPcS7GvmHIoQLOkIiGt1gPl9p1HpvvpR71JHyHFmNcXshelHBDtHPh7uKqebCqxYz9hH18COjZsI2JRjnCJ0vvhc_4msXVmYxNTI4SUis12zO95IoYXJ_U7d3GRrUU-zf6OZ1wpJPJS8cO25VJCnJwNsC8pg_mb7OBnwiyq5Oo4B5z3bL9U3DmfoHksBeW8fKfuYGGPUKkTcXTNfQzX4FxQ-xQGTn7Kti1795H6UxDBYOXi6AbFVUts-lZ8JS2sJitlDII9qi71xw2SKK11lrhVfGMUmzORJftp4yvgIopdyu0eaTq-CME6jPmJx1Xa69adZ8Dy9930qiYNQ4GVRhEm9xKHgxF5pjwP4YwoLLNahhPGYrVlSoodlb_QPj73JCXfCA9U2NFBHNiwHLWH-KAQrX7bH3gVtwImqpi6X6aoAECPAgCoWKKWJE76B9nXmQceX5n7I2v4JjvW5pn7MxpIfdEEJXSBa-o3skwJt54oHXV7cr75rduhhppRUknPMn66gvy_FWjntM9CgEPIxqjspGGBHbuziJT2uH4kd5yWWwTwERS7nVXJUkwBWsG0zcfLu1BnAe58RYNDJ8gXRct_4H3ppG8h95_zhksQBayVkJ4q7hj0-S7HmIsl9yT00mOtJQrdACr_T6RVIKh72ksbmX_GuYPE2GXsiBD_q0hKgdkauChG1IJ2Nj8Bn-Tlr4mWqwyrFn0qrq13Eat3W59Fq3SU-SvgnAPq5jzSQhyWsxJrDptHzaOZMLRixUXJXUYLgLnsUo09XML-foLQrZ8mGXPrdOJ6dDMlR5_ncimUEtB2L4EWUACyEjtsxkRziYfRK8KoLegQ0P346Tc4Tai9M2Gry1otPxIymKauwK_SAPPK1ZbhQttOyxv6GtKCF1zSkOt1fhtVv0ry3vl1u01tf14GMGq8ujPlWQfNZ3FhRIkmbUemP3wOPBNR_xkMiYWvB6jNQwctHIAvkzAqLuPyqfC5Iy7PLO1eAlqh2ltIKzM5O9lHrD_sWp4xDhMH9gBpaRsQrLXD6646qCxhaXJ2m9ULAsdJ5Jc_93jvzWgiL8y_hkpimoLsUQDdFrvdEx1H7lCOSuHVHsoIfMVmWNQTr_IEgzpmCfO2rKmPN6UqM0QNpDhkzas4bgvWt-Fda2o8WLoP2dFUC04AzsnpDGhi7tuA7AUwhVez91vOFS2wrs-rEQm3eMNN4ksn2hjK046G04QCQwN9TP9Ejflf65tTibUm58AqMEoaXvkiRukxxZsmDoeLw-Sj0DUob3BSh_BJ0gijGA9ZFoxfPeoJOjMdoEaPrb2rt1HanrCpPUVDzLoyB9Y_JaO6jJD195fkUaJiE90nusMd1uC5LH-j_HGVaTC1_7Jb66rOZPC13wiooIoWn5MskK3bW-bpwZnTw-lKADO8wUpftPIZyVcXkeYqRSPeMiZOKwliBJbU4OFkXOf_KyfyPefOypF6tO-FSMsBiq4ejkk1BfYmgrd2A9soWq9XoYnnY_WHztEg3zVioQyKB4QD2rvHAtdxLp8BQv43PDLhNDhsU3oABLH_l6OpbGpezkx5Hsl_6Hxe-dZIuv_mLMiFx7ZWUH3grEC7fTKWMkBKloaxcfz4gbCeZis6sAkIbsV8saLGRVbadFeuw5zmx3V_pmGZJi47211yGmR4Q2OYwFln5jp47Q9nazE-L7ezADL7uTamdD1kkzcwTw_u2jCyJuQjRqzbbjqnty9aT7aOnKTyBTW2A-5G_N3cn_Ct14gWG2oUkghRoJqWjrHAf-agRyFtJAmbbhE-hRfvw3nROihL8f0D0S7fACl5xuX4H7W-DDKK8QNWnGZDbR-oC8KGFxJTiM-Hz5sE2OmiMFQr6TY5Ntqa2DTe5rAk6rcgaI2UJBRowhFK27qKjNa_g16Psofg_CAMJCYSq1if3vxazvTxS7I2BVDK_W5ruY6kT_1S5nucQJn8rZAG-Xnpj2BqeBrfMPLi72QcJJRSXfYJCzSL1q9mWvBaCk2OfQIZ8RpOaHhISTSIM6V2f-FRZRRoXmduDrOleDYaStfWnfDcHk_ViR6zSqvQHaoBBGZcLqwx3ZJa8LU7MssnGHZsclxsg9dJVNEgQAjeVVWj8o4oMA68_ihp5H5dupkehJz1POCcuqHGpBpyjUJUr1H2pKw3ZDGInwD1plT6kvf35RRXMZWH1lpLQkhiZOnZ_badLMTQcKuBsutNfcYb4ngTHqBHZjkQuwFTK733V5bws7Y5ZIVTUBqyhpR4F3VMvMYbO1xvYjjFKXqUfo1gw1e5KScCBLMgIecAwaZ5&cid=CAASEuRorwi5tWrtfHuFPId9bt8Ydw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 1E5C 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJcd1y8FdSnkRIqKLOCKIGAOAxUeQGWfKlFi5qt951zSpALZFuvxmASw_153LEE6aBhd1bEJ3QkS9GeSfGdy5mcZcOevbOEagE-VuI-Drw0Nlde28ubLjee8M4wY6fmXeUSsU5eLzaQGKyQL1ZgqlpI3epBA&cry=1&dbm_d=AKAmf-AukYCwGG7jFwY90_NwAlDIYdpBEga2YbY29U3jbuFkdmGuq7vu2F1LNBdxxiVTVgSz5HouEQpLjev_kHBUuOcblKpRPkkB5OPi_FTSIL1Q5sLtWkN8nYgUwKjskNDNzYhJaLX1XrwN1MZQyeDynxuUtVYLoeAWn7EclSEw0pbaiNpK5dMRuaMNERvqvoN5KWYCsmMngaRFv-_RfM_GBaFx5yNIDwJM7WCfjRhFL5z29Xh8wsiWfZENCdNSoQefudxIm-P8AqAEPULAbrLGg9lLOfFbJ5AM_rJ2YRVrObRTlnn-8yeiQ7CjpO_hRmgRFxPuneact7SiUfwniTBIh0lZVG0_df_WIb0Gikp1KkU4PZcYMd01AC0y_D8PT_63qv4Fgd1gBCzXNGgkHYG1mu8mKIprMC675Ka-blxDrbJMO1WJlY7CwRt_opZK5nvgfRQk1nle9haY8KllY0jDNDolhUM3D0Joe1wKT-W4NTCagj8rz4LG2nXRDOMZ4SwpgNO_O8B4pq-DYiefQn9sXeX2jJ5ne5nW3R4XfTHZHDpLwzsrr4zrtPcJJpb2YBUOS4C6BiGCI3O8ij0mfcb18MJN6F5zJmUpq0ToXR0yY_3REiL085cp8HI1RMm1Ci4cX77I5mY8NKREvxrrRKWNIkPPhrSbiAgvj4jIoyZM0Q3OSQ5TpK-yPMlS_vUPSItZjFkgPYkh9vNMSX8hBFbzq81ilIolNIZt16eAHnIBHwu-TY9nr1ljjEgdLpdnnk6XHJ6UzjLgksyqDJYlzGAQUN1g6zuxE5Ms8PHC6clJQfa3TvlXUaw-7Uc_e2CWcD6kUjF1ck1cEjamLKKd5aFrkMJSIWx9TVR8jrq7fgvo2zIhlg3nuV_5pB-BikcTZc_6g2315T5NlX-yo0LYJKD2LRHc2wFDmTzDdnBJBmZzYQoaIi7MuBpxQIGJzE_Eevlp53s6Rzq3pWQWtsWxrW0mxLjUXvst6s8v-KU3LVJIFpx2y5YQtapwx-wJ5BMLkg306Ojj2Z6pf4q8xVM2uhqR0mgQOIdpQ_Y5YGHlHyo-QblS4PlEh6OoRiQ8l4Nqcy31DGJlLEv9TmNe5m9HyEH5xnwSH83JHqoD61yfGgX9LbvtT8wymqwtaFvJJe4FC6AeKD4GsjNMBn79zsYmL-vgDHsBqHHQ2IrxLZHYSKlVqKzrgQArfrcsWlL0uELZ0frHwL-8UnbNPfdugUHqMV6GATSfh_-P-WQ-FS1E8IWH0QJy0xpfldMFb7rxIVkcv4VHydEAS19ueMPcS7GvmHIoQLOkIiGt1gPl9p1HpvvpR71JHyHFmNcXshelHBDtHPh7uKqebCqxYz9hH18COjZsI2JRjnCJ0vvhc_4msXVmYxNTI4SUis12zO95IoYXJ_U7d3GRrUU-zf6OZ1wpJPJS8cO25VJCnJwNsC8pg_mb7OBnwiyq5Oo4B5z3bL9U3DmfoHksBeW8fKfuYGGPUKkTcXTNfQzX4FxQ-xQGTn7Kti1795H6UxDBYOXi6AbFVUts-lZ8JS2sJitlDII9qi71xw2SKK11lrhVfGMUmzORJftp4yvgIopdyu0eaTq-CME6jPmJx1Xa69adZ8Dy9930qiYNQ4GVRhEm9xKHgxF5pjwP4YwoLLNahhPGYrVlSoodlb_QPj73JCXfCA9U2NFBHNiwHLWH-KAQrX7bH3gVtwImqpi6X6aoAECPAgCoWKKWJE76B9nXmQceX5n7I2v4JjvW5pn7MxpIfdEEJXSBa-o3skwJt54oHXV7cr75rduhhppRUknPMn66gvy_FWjntM9CgEPIxqjspGGBHbuziJT2uH4kd5yWWwTwERS7nVXJUkwBWsG0zcfLu1BnAe58RYNDJ8gXRct_4H3ppG8h95_zhksQBayVkJ4q7hj0-S7HmIsl9yT00mOtJQrdACr_T6RVIKh72ksbmX_GuYPE2GXsiBD_q0hKgdkauChG1IJ2Nj8Bn-Tlr4mWqwyrFn0qrq13Eat3W59Fq3SU-SvgnAPq5jzSQhyWsxJrDptHzaOZMLRixUXJXUYLgLnsUo09XML-foLQrZ8mGXPrdOJ6dDMlR5_ncimUEtB2L4EWUACyEjtsxkRziYfRK8KoLegQ0P346Tc4Tai9M2Gry1otPxIymKauwK_SAPPK1ZbhQttOyxv6GtKCF1zSkOt1fhtVv0ry3vl1u01tf14GMGq8ujPlWQfNZ3FhRIkmbUemP3wOPBNR_xkMiYWvB6jNQwctHIAvkzAqLuPyqfC5Iy7PLO1eAlqh2ltIKzM5O9lHrD_sWp4xDhMH9gBpaRsQrLXD6646qCxhaXJ2m9ULAsdJ5Jc_93jvzWgiL8y_hkpimoLsUQDdFrvdEx1H7lCOSuHVHsoIfMVmWNQTr_IEgzpmCfO2rKmPN6UqM0QNpDhkzas4bgvWt-Fda2o8WLoP2dFUC04AzsnpDGhi7tuA7AUwhVez91vOFS2wrs-rEQm3eMNN4ksn2hjK046G04QCQwN9TP9Ejflf65tTibUm58AqMEoaXvkiRukxxZsmDoeLw-Sj0DUob3BSh_BJ0gijGA9ZFoxfPeoJOjMdoEaPrb2rt1HanrCpPUVDzLoyB9Y_JaO6jJD195fkUaJiE90nusMd1uC5LH-j_HGVaTC1_7Jb66rOZPC13wiooIoWn5MskK3bW-bpwZnTw-lKADO8wUpftPIZyVcXkeYqRSPeMiZOKwliBJbU4OFkXOf_KyfyPefOypF6tO-FSMsBiq4ejkk1BfYmgrd2A9soWq9XoYnnY_WHztEg3zVioQyKB4QD2rvHAtdxLp8BQv43PDLhNDhsU3oABLH_l6OpbGpezkx5Hsl_6Hxe-dZIuv_mLMiFx7ZWUH3grEC7fTKWMkBKloaxcfz4gbCeZis6sAkIbsV8saLGRVbadFeuw5zmx3V_pmGZJi47211yGmR4Q2OYwFln5jp47Q9nazE-L7ezADL7uTamdD1kkzcwTw_u2jCyJuQjRqzbbjqnty9aT7aOnKTyBTW2A-5G_N3cn_Ct14gWG2oUkghRoJqWjrHAf-agRyFtJAmbbhE-hRfvw3nROihL8f0D0S7fACl5xuX4H7W-DDKK8QNWnGZDbR-oC8KGFxJTiM-Hz5sE2OmiMFQr6TY5Ntqa2DTe5rAk6rcgaI2UJBRowhFK27qKjNa_g16Psofg_CAMJCYSq1if3vxazvTxS7I2BVDK_W5ruY6kT_1S5nucQJn8rZAG-Xnpj2BqeBrfMPLi72QcJJRSXfYJCzSL1q9mWvBaCk2OfQIZ8RpOaHhISTSIM6V2f-FRZRRoXmduDrOleDYaStfWnfDcHk_ViR6zSqvQHaoBBGZcLqwx3ZJa8LU7MssnGHZsclxsg9dJVNEgQAjeVVWj8o4oMA68_ihp5H5dupkehJz1POCcuqHGpBpyjUJUr1H2pKw3ZDGInwD1plT6kvf35RRXMZWH1lpLQkhiZOnZ_badLMTQcKuBsutNfcYb4ngTHqBHZjkQuwFTK733V5bws7Y5ZIVTUBqyhpR4F3VMvMYbO1xvYjjFKXqUfo1gw1e5KScCBLMgIecAwaZ5&cid=CAASEuRorwi5tWrtfHuFPId9bt8Ydw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
match
ad.360yield.com/ul_cb/ Frame A37C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&dsp_callback=1&google_dbm
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESEPNd2ZSKIPlkz6KstZQql74&google_cver=1
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESEPNd2ZSKIPlkz6KstZQql74&google_cver=1
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESEPNd2ZSKIPlkz6KstZQql74&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNXPNtqKpw9KlM9G-oapKF48Wq3II3AvuDGeXFQPrMWV2jutnr_2GPP4-PZQWOePkSS19rZm7HefZDxER8ydWLj9QtRrQ84VOTFaRgOVG1837-Bc-bZg0447Q4NtyCx9mfnrDu30svDYsECnGz_Y9O_MVSfq89AQqm3nGKYW5dQNoZZIu_WF68S3qW7JsULTsiqf5mEYYP57LgfqKKLYdRYKSLbyh6cbrX6RsIhxwcwtIiV1mbY
Protocol
H2
Server
34.255.218.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-218-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:20 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESEPNd2ZSKIPlkz6KstZQql74&google_cver=1
date
Tue, 17 May 2022 15:45:20 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame A37C
Redirect Chain
  • https://match.360yield.com/match/55
  • https://match.360yield.com/ul_cb/match/55
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_sc&google_hm=OTI5MjE3ZmQtZGFkYy00MjdhLTg2OTktZTQ4Y2MzNzlmMTVh&dsp_callback=1
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_sc&google_hm=OTI5MjE3ZmQtZGFkYy00MjdhLTg2OTktZTQ4Y2MzNzlmMTVh&dsp_callback=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNXPNtqKpw9KlM9G-oapKF48Wq3II3AvuDGeXFQPrMWV2jutnr_2GPP4-PZQWOePkSS19rZm7HefZDxER8ydWLj9QtRrQ84VOTFaRgOVG1837-Bc-bZg0447Q4NtyCx9mfnrDu30svDYsECnGz_Y9O_MVSfq89AQqm3nGKYW5dQNoZZIu_WF68S3qW7JsULTsiqf5mEYYP57LgfqKKLYdRYKSLbyh6cbrX6RsIhxwcwtIiV1mbY
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_sc&google_hm=OTI5MjE3ZmQtZGFkYy00MjdhLTg2OTktZTQ4Y2MzNzlmMTVh&dsp_callback=1
date
Tue, 17 May 2022 15:45:20 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame A37C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm
  • https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEOyw1Kwqx-aQ4-9dM9db214&google_cver=1
  • https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEOyw1Kwqx-aQ4-9dM9db214&google_cver=1&xl8blockcheck=1
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MzdkZjM1MGRlMzg3NWM4NTNkYzU4YWMwNjRlM2U3MDQ&
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MzdkZjM1MGRlMzg3NWM4NTNkYzU4YWMwNjRlM2U3MDQ&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNXPNtqKpw9KlM9G-oapKF48Wq3II3AvuDGeXFQPrMWV2jutnr_2GPP4-PZQWOePkSS19rZm7HefZDxER8ydWLj9QtRrQ84VOTFaRgOVG1837-Bc-bZg0447Q4NtyCx9mfnrDu30svDYsECnGz_Y9O_MVSfq89AQqm3nGKYW5dQNoZZIu_WF68S3qW7JsULTsiqf5mEYYP57LgfqKKLYdRYKSLbyh6cbrX6RsIhxwcwtIiV1mbY
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 May 2022 15:45:21 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MzdkZjM1MGRlMzg3NWM4NTNkYzU4YWMwNjRlM2U3MDQ&
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0622 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 0622 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BigT5iFZGsa9g7LSwmlIlijJZsgbpsphIyXc5StjMuJeRqh5hvu4cI429VXMIy8SoYK5p8Ko1u8akOPzwq-dkkq9oIhnEfVB8pav_addqNcv_DxWPrUX8TPeeSyZXupjVG0pxOwG8LUpN8XKzQc8HCqUlxfw&cry=1&dbm_d=AKAmf-AsmF72j41H_swg9y36ef_xwudh950mdd3uTePPogN2oHVzjNd7zITaxiOSDwKYga-yKj3XoQw5njvpb7NfCmSKsgzk0Z6kB4pybPrGo_r2WTgK6cqSoEvB14Ed93nnLDhrSwgBBpO2mpxJNGmMQrH-c2hzNf4cFNK7FPOr06jhFt538986f6XAQ5CuGQqLadzD6TqPY70Bzi9Be3AiKw0oPS3O4ResNRCAGF1ZbsU8Pr-nsDBe98rL36w35RibagG6M9zk0jCsaBzFitCqQIsk-p67_kSlXtM_Zv3YLxz5j1M5Jt4dTJ1LuYGE4pYdSEV2EhiC_8sqc_inwyWGwB9bGf5MUyw2JwwNrI9dGZ7ToKNgZj62G50Bq0Tp9T12IaTNQirLoi7bul7jpoHFQ15q67IEwDa5xz7_5cNCc0ZKUNti0tomAKKtvkUG83L6njuzbLJAAaTAWIjeSvPjJCLcTZNLX462tTCW-4zkQMz81iS-GP7fvgkC3qbOpVbXNhcyyldKFtyqAFwuKgeoku7uW5OKlR2ibzLH_Zn3C8vj5iVAv9XQf2t_B8nRg2lASGYIQ0iY3PIFLC9IMQwfdKXfStjdqYX0cvIpnilEOKymEDC1L9_M-79ORzpI9QRU_nvRAgotFvhvK51goLJJFu9V6oHubexvBajIrY6O3LETOTKhC4zMxtkELNedsWzx8Hq0wxhbfVOZyiXgeXcZTMKj4niijY8bTizSo8k0roWyUJuShJEQYhhsgpfsuPZSBXHV12j-SDlZggKb66wAlOZNKaC1LnXMdTPxY8K8G9D8NGFGHrFP062lcuLX8pRnVJIHkD1mKLjMZSOngoh9l7C1B_VKgdDe8BB3YCe5rCp6upJ-5Cd_wUedfQ0aJICDt53lf7cZY6W7Ba57MHt9IfjEfRVAlvAgFUSG44F6m4Bk9sfRga091pXK0FbXDr4wYWbOB3sdsg1g8xPLfV-sUYlJhcOy3V1HdPH4DwzaBTgzqDzmiokLBLGdqk9APnFwQ-_pQOIl3fCXAA2KFsSK_IwEP94S26vMXjTsZF0KLX-hgVh81T4wtYCNBATRm0vkDZSDxResTnlaEoSxzyDHvwU0HVybKochPnf7y3IfqcjWVrTKdTBRZL_xqKiW4-1eMUvdJFtie3XxvnUJ27RsZw4-uzmIko4d4WD0YCvRyQn4wMgLaIrlCxFBZOO41Gy0Jzt8QK_GarmIH239ps_JE8qtunUruu-IsL6BuxmMaiS0xzgV6k_nSsNJicuIBclGDWjxid8AjksYxkeDNVO-7r_W1_rINStm_rE1GUQOmYkLUkXONjk1uto2C8-XxJWP75FJxm6QNwVWXgdWeoqjv43GGqQ16LFa7tVwP-QE79ioQCjmuGs3ApX0PTvN0EJBn2Ic39JZcd1374mkoTpxE7ampQzeZcK7Y-ZM_d6rk5RAZ0npemZUJlQwmONJjF028e_fP49uMwu8QSv-fUuaSHpq7VWkuuIVelpE00ItN1QlMj116dOO19to7rREZFIwKeFhNn_zivSywhASwPTdvEQbxiSjiXxI_CAgxyozC3Z_CQR-QqTp6BmvlPJARCS6bSbhD90dRminrf9krJteb4nYvKfR_7cag-g2WZKWiJUqkoRxVxOKwMH0Zl9rL9jNNrJlMXzKu-SF59LDtr4qGRouJCFcZcC-61OVf-XIoAHU5qKlGW7FJO-lUV9BylYftP4drlIBK-IC7JgxYi_pH3LZp4mtzSkHu0zEMA6owRK53T5Go_X3RQiQRWrTYThO6K6ZzO9Q0Ynx89r99Qq4TA36Lx9s2prCdob6HB3Fac4UhdcInghFBzLzpPMirodqi4-zby-w8e-ugiRjRCpw4o7ds4GEmYSV58XAstc-mHCqmSJ6ZW85X-u4iaM-J9y1U7coqHjW8Yuy4HJ3rxDdIUpzfx0j1CjOPowbbt4lTbsVmyu-HMQIi4KskAX1sMHr0VTkL4vZ01oyHr55a6AbEXmPqm0SzAfSEajrWWekMxiWe9xohznhEFVE_B-W488VwwWghVc0DtiITmGnhdo6KURdbUUJeAATeRuJAl7zJyNEU7mhjUBkJUY0tmS94R6NtGq3q-cGwMT4B2u0RriHaSFToWShCPeF2Dq3AecCeTG72atg2tpVwSzOnxe6oezua4ZC6FV8W7_NVtb6QtDM2JgiyEVxxZPcjV8ixZN1S-zBAMl8aPVXcWGrEJvkxfFDuKkmNsHLoSqnch9bsiCNCQnkwt2-u-67SgIAsZnLcY8DBabVSZlS6-CdIiMALleQNZoxHp8mpbWafY8q7AgKQuA3BIAUX8OwLWfng4aOQpF1AdRjOagvKuWMPCxWSAgIfWw3jy27lW98NogusShfjeNLzii6IiE_Q4tjCom8FeBkKPa-S06XQ4hPc56C1cN-r9hLkwjFQxuapMtjzsYWjTYIfXJy1NHcEldRPE26deHYZeYKPnop2-Uar5fEhgpS2nGp5hPBnNPmoRNnxizod1ID92uSnywYt522xKMIG5synBqzpLQZVNLB387rSvAP5GuJFjxEn79YMiIuBUqLu5tOvnIW8Z8XJo3TVGhyhxZ6Gt_KzrKPc4RX4_uhUUYEPL3h0wWV7KvIVMGf7Cb2EeocacKjeSW9ZIK9K7oLRxbbqwD2ZEZ-XfIsu02pHkx_BVM-dgUFCE2cNtLAKmWfXfxwP1x-v0p3DAWppI5HnijPECrlSfow8NG0LwnVFZ8zpPrOAN7BJ4JRshOtpKZ1_wVw8UKXy5xiHcOHXPuRDOn-2gR3jm0Py6_P9Z_IgOwySSRVSEnpL46gcnmf2HNvqIIsHDZDteIy1jEvX6Jcp-uMfJctVicInpCyFLm86cRwtgF8fzmmhEoM_WqAMbCYP2xS93JVXRwaZQ-L6DT1BN0wMVUsqd4zZFFM7Q5pgam5OzgLYoh0cMG1qTRFmI7WI2ctrD2K3B_dfz4RxF6-gcPMTw4MlCNpZfUBCYjomSJ27d1qIuxonxVyHaBXNUTXPBIG700Nel6QHjsWQC1_b6LlGB6TYkeWusvIfUuF8tafIouZTrh1T7oBwFEj3HJ6c8bUE627OmFl7_Aq4iFZwua1u9dD8Qv3E0u4QeSy3CdmSP-RIQbBQ6WbFh9Ur4-1rnd1mESNuXA9NTd4JEXZafdrQl_qv7DDQWl4d7m-v58d_aXB3awPsmWBpuwBWNie_9juWEACjwZ2sZZJyQxNvlqf_D9_iMhEDbubpYeIiqBd_y4haNhhalbYLvXiz87kc9c7-95K_3t73ffQmizZZrx81d5HO83lUt__bTcGBNccEckz1Gq5A9eo3SOvosZzdM58L7QMPmFOgGelOD-g9ss1Mc1nNQVttlikJW6l5TfciFcD4sJs9Uuw5kKqXwE6Fvciopy6_h1X-RnyOEL03b9pLJAbpKC4byMilzLQk1XIj5JXVmHA0zo8-JyS9V-8SQBGcErO5qQ76r-6YY0bKZIEr7ok47DssR4uZLI4zt56gXAi98lhXO308RhJmRjh-s3In7NcNMsglJVrDzNH7oLMgraKnm2V22JGfwDMwLaTk9_EtbuUYP08XhXfX3Kckd8WIf_7mw&cid=CAASEuRovBn0sQFodZ9IPj2XvDeLIw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 0622 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BigT5iFZGsa9g7LSwmlIlijJZsgbpsphIyXc5StjMuJeRqh5hvu4cI429VXMIy8SoYK5p8Ko1u8akOPzwq-dkkq9oIhnEfVB8pav_addqNcv_DxWPrUX8TPeeSyZXupjVG0pxOwG8LUpN8XKzQc8HCqUlxfw&cry=1&dbm_d=AKAmf-AsmF72j41H_swg9y36ef_xwudh950mdd3uTePPogN2oHVzjNd7zITaxiOSDwKYga-yKj3XoQw5njvpb7NfCmSKsgzk0Z6kB4pybPrGo_r2WTgK6cqSoEvB14Ed93nnLDhrSwgBBpO2mpxJNGmMQrH-c2hzNf4cFNK7FPOr06jhFt538986f6XAQ5CuGQqLadzD6TqPY70Bzi9Be3AiKw0oPS3O4ResNRCAGF1ZbsU8Pr-nsDBe98rL36w35RibagG6M9zk0jCsaBzFitCqQIsk-p67_kSlXtM_Zv3YLxz5j1M5Jt4dTJ1LuYGE4pYdSEV2EhiC_8sqc_inwyWGwB9bGf5MUyw2JwwNrI9dGZ7ToKNgZj62G50Bq0Tp9T12IaTNQirLoi7bul7jpoHFQ15q67IEwDa5xz7_5cNCc0ZKUNti0tomAKKtvkUG83L6njuzbLJAAaTAWIjeSvPjJCLcTZNLX462tTCW-4zkQMz81iS-GP7fvgkC3qbOpVbXNhcyyldKFtyqAFwuKgeoku7uW5OKlR2ibzLH_Zn3C8vj5iVAv9XQf2t_B8nRg2lASGYIQ0iY3PIFLC9IMQwfdKXfStjdqYX0cvIpnilEOKymEDC1L9_M-79ORzpI9QRU_nvRAgotFvhvK51goLJJFu9V6oHubexvBajIrY6O3LETOTKhC4zMxtkELNedsWzx8Hq0wxhbfVOZyiXgeXcZTMKj4niijY8bTizSo8k0roWyUJuShJEQYhhsgpfsuPZSBXHV12j-SDlZggKb66wAlOZNKaC1LnXMdTPxY8K8G9D8NGFGHrFP062lcuLX8pRnVJIHkD1mKLjMZSOngoh9l7C1B_VKgdDe8BB3YCe5rCp6upJ-5Cd_wUedfQ0aJICDt53lf7cZY6W7Ba57MHt9IfjEfRVAlvAgFUSG44F6m4Bk9sfRga091pXK0FbXDr4wYWbOB3sdsg1g8xPLfV-sUYlJhcOy3V1HdPH4DwzaBTgzqDzmiokLBLGdqk9APnFwQ-_pQOIl3fCXAA2KFsSK_IwEP94S26vMXjTsZF0KLX-hgVh81T4wtYCNBATRm0vkDZSDxResTnlaEoSxzyDHvwU0HVybKochPnf7y3IfqcjWVrTKdTBRZL_xqKiW4-1eMUvdJFtie3XxvnUJ27RsZw4-uzmIko4d4WD0YCvRyQn4wMgLaIrlCxFBZOO41Gy0Jzt8QK_GarmIH239ps_JE8qtunUruu-IsL6BuxmMaiS0xzgV6k_nSsNJicuIBclGDWjxid8AjksYxkeDNVO-7r_W1_rINStm_rE1GUQOmYkLUkXONjk1uto2C8-XxJWP75FJxm6QNwVWXgdWeoqjv43GGqQ16LFa7tVwP-QE79ioQCjmuGs3ApX0PTvN0EJBn2Ic39JZcd1374mkoTpxE7ampQzeZcK7Y-ZM_d6rk5RAZ0npemZUJlQwmONJjF028e_fP49uMwu8QSv-fUuaSHpq7VWkuuIVelpE00ItN1QlMj116dOO19to7rREZFIwKeFhNn_zivSywhASwPTdvEQbxiSjiXxI_CAgxyozC3Z_CQR-QqTp6BmvlPJARCS6bSbhD90dRminrf9krJteb4nYvKfR_7cag-g2WZKWiJUqkoRxVxOKwMH0Zl9rL9jNNrJlMXzKu-SF59LDtr4qGRouJCFcZcC-61OVf-XIoAHU5qKlGW7FJO-lUV9BylYftP4drlIBK-IC7JgxYi_pH3LZp4mtzSkHu0zEMA6owRK53T5Go_X3RQiQRWrTYThO6K6ZzO9Q0Ynx89r99Qq4TA36Lx9s2prCdob6HB3Fac4UhdcInghFBzLzpPMirodqi4-zby-w8e-ugiRjRCpw4o7ds4GEmYSV58XAstc-mHCqmSJ6ZW85X-u4iaM-J9y1U7coqHjW8Yuy4HJ3rxDdIUpzfx0j1CjOPowbbt4lTbsVmyu-HMQIi4KskAX1sMHr0VTkL4vZ01oyHr55a6AbEXmPqm0SzAfSEajrWWekMxiWe9xohznhEFVE_B-W488VwwWghVc0DtiITmGnhdo6KURdbUUJeAATeRuJAl7zJyNEU7mhjUBkJUY0tmS94R6NtGq3q-cGwMT4B2u0RriHaSFToWShCPeF2Dq3AecCeTG72atg2tpVwSzOnxe6oezua4ZC6FV8W7_NVtb6QtDM2JgiyEVxxZPcjV8ixZN1S-zBAMl8aPVXcWGrEJvkxfFDuKkmNsHLoSqnch9bsiCNCQnkwt2-u-67SgIAsZnLcY8DBabVSZlS6-CdIiMALleQNZoxHp8mpbWafY8q7AgKQuA3BIAUX8OwLWfng4aOQpF1AdRjOagvKuWMPCxWSAgIfWw3jy27lW98NogusShfjeNLzii6IiE_Q4tjCom8FeBkKPa-S06XQ4hPc56C1cN-r9hLkwjFQxuapMtjzsYWjTYIfXJy1NHcEldRPE26deHYZeYKPnop2-Uar5fEhgpS2nGp5hPBnNPmoRNnxizod1ID92uSnywYt522xKMIG5synBqzpLQZVNLB387rSvAP5GuJFjxEn79YMiIuBUqLu5tOvnIW8Z8XJo3TVGhyhxZ6Gt_KzrKPc4RX4_uhUUYEPL3h0wWV7KvIVMGf7Cb2EeocacKjeSW9ZIK9K7oLRxbbqwD2ZEZ-XfIsu02pHkx_BVM-dgUFCE2cNtLAKmWfXfxwP1x-v0p3DAWppI5HnijPECrlSfow8NG0LwnVFZ8zpPrOAN7BJ4JRshOtpKZ1_wVw8UKXy5xiHcOHXPuRDOn-2gR3jm0Py6_P9Z_IgOwySSRVSEnpL46gcnmf2HNvqIIsHDZDteIy1jEvX6Jcp-uMfJctVicInpCyFLm86cRwtgF8fzmmhEoM_WqAMbCYP2xS93JVXRwaZQ-L6DT1BN0wMVUsqd4zZFFM7Q5pgam5OzgLYoh0cMG1qTRFmI7WI2ctrD2K3B_dfz4RxF6-gcPMTw4MlCNpZfUBCYjomSJ27d1qIuxonxVyHaBXNUTXPBIG700Nel6QHjsWQC1_b6LlGB6TYkeWusvIfUuF8tafIouZTrh1T7oBwFEj3HJ6c8bUE627OmFl7_Aq4iFZwua1u9dD8Qv3E0u4QeSy3CdmSP-RIQbBQ6WbFh9Ur4-1rnd1mESNuXA9NTd4JEXZafdrQl_qv7DDQWl4d7m-v58d_aXB3awPsmWBpuwBWNie_9juWEACjwZ2sZZJyQxNvlqf_D9_iMhEDbubpYeIiqBd_y4haNhhalbYLvXiz87kc9c7-95K_3t73ffQmizZZrx81d5HO83lUt__bTcGBNccEckz1Gq5A9eo3SOvosZzdM58L7QMPmFOgGelOD-g9ss1Mc1nNQVttlikJW6l5TfciFcD4sJs9Uuw5kKqXwE6Fvciopy6_h1X-RnyOEL03b9pLJAbpKC4byMilzLQk1XIj5JXVmHA0zo8-JyS9V-8SQBGcErO5qQ76r-6YY0bKZIEr7ok47DssR4uZLI4zt56gXAi98lhXO308RhJmRjh-s3In7NcNMsglJVrDzNH7oLMgraKnm2V22JGfwDMwLaTk9_EtbuUYP08XhXfX3Kckd8WIf_7mw&cid=CAASEuRovBn0sQFodZ9IPj2XvDeLIw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
1a
i.clean.gg/ Frame 2D81 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 725A 		482 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNW62boOjwlAWk4Hb6Ai56hdzKgYlvwNdzlfwEu9JfoKBV9m1iwodsPkBnFZiWvG9X132QNnYwIIGBD_yaGGiWjt8X7cGapzZmEVSHviexOiE49totPLcOOVOwOlUL4niJet1JoJ-wVGN2PMTiGATBE70jtriXzGcv3diZIzsPCsULxfhxAyr4wCO16XmEnnet3i85kRX5Gqo_9lg3PMxfRmWGzYO6wtt83uRkK5Kx8INa8eEqY
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ukbrjr&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d979043c48cf13e1b033cfabe1aaa1188263ff138c04206fbd057a5c4f572b48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
263
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 17 May 2022 15:45:20 GMT
server
nginx/1.21.6
via
1.1 google
ad
googleads.g.doubleclick.net/dbm/ Frame 2D81 		75 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Auyj53RsslllnSvUeHujdaV_zSaebC1RQ4lgQEie7EHslfP1ClkonZ03ZYgKeOoElze-xLSYDcwwiTlfWGlm1DnILCkc050KKA0E_ywxldixQbGDUBM90ZxQJ7aUo0rRqd8KGh0kDYSTg3CR1Ml_mlXrd7uw&cry=1&dbm_d=AKAmf-D6O6jCYWsDDWaJy_nHA9uVcfTmonHwZQkPDYX66hCop4-x4bKG-g2tVQ-79D5KceDesLu079AKajAnfl6qfenRlqyAYQqDwViF3gAdrP6HplC3cxc8n7a0IC8c0hmubAnFqUydheifYmrq2ADp7WvaB5ptOE2FXyICD8FXPp8vsracFZpLOVTPTNiOsHhoKXgc6twAxbFh9W1L0BXxMk2vlhY-00pvbBHRzFs0KyoH7l01_kWgzaUJV-kJ2AEj6aiNv62r68WSDSK1AQsMRP1Km6Lro1zDOqNgYSaqebwa9838hg8BwEPK9Vln4fk8MQrL_6dCfrSLAuist08elXT6K6Yh6i-tv4BaOIxdzRPuEQcXJJprFhjxv2Nm-Ss_vkHrJzN5hno-9jYulTX6n7P2YtmuC1KSObOxrQ0BjlsHdgvH40g-27W6seIsDjbA6D38dSQVmXqISAVvXt2gWG6yWMfRNXFEhsqColBz16MzHzsYv5nZY8HgXcOSBdDptqAWvs4IBCoktLY8gKhEm-3Q10WJFkrMtgR-HSF0eHvqUgDwx5lGKfPBUlSP9-4XKS5i1z52IbzzdLn02Q3vxPCTWxBK69mu3UHuKoG4R6SrnKCDQ0natPTEVEJ3zJxCt41gvm5vgYwhnQdF4lQ4oViqQeODp78Y4p56JFQFA4qCECPKmMgZ6qQt0bBVYsM4ELoSo6KKAzcZ0nXfnYDTqJM6oFd3Uf1kg6bG0UBGI52S_GbKlXyXemjmhp9WyEUn0j8K0-b1zbqnnjOvVXsXoXoc_NocA61xW6ifZ2idvpZBrgYmGLn49zwN22EZ4W3-AN2ZxVurA7P5g94WWkgvfCFINQjMX2VXQvKRgL0xY1QufAnr-VaD-DdQ6YVduPnXKpLbaiFzzo8MWSPiEmOu_XjPeI-08PKOr5kj0LcgOOr5b7O8wENG_omuB_F2jdAXycqcXIp1IGdpa13ry9QY-63SRHr_iG3KdMKM5CVd0Zg8GsO8jFsmaOVLk3Jl3isxF6afCM7ZQpaAbayEXAiR2767F7ljVGYnOZI3ZnuiS1vRbDpLpeFpzMCpbhw2sdRc4WAYBwW1MmMOK_byq89LJIXefJN8i5bAUahCLbhq4hcFQy8AM-ubMAiGVpRYNDYiZ4gpxK3kUl_bF-jNpc2uVa5Swo-1WUXKVwNcnzF9HkQgeR__582Sy7GUtb661a3moxAUHk49wwvy0O5RLBmxBSi2TiyBCA_3Ieo2KoTi4h0amCOc3MylhcVLw00GWm8Q6Ui_TJkteA3lan1mg-t7tx9jLgERwka_YhQsAxdhC4ghclXrZ_2qWBobZMXlPxyfbYlcGunS31Ky3UbRm7Ved_D50diyWx6pDRnRSYZvuxkZdU4jtbZV4ZsHaaQiz0SEz2LfjfI3zp05JrPlkxWzi4KkbmqS5c-irjlAoRfNBe7cQsGxYmYsG3TAv5Mn2u1SPGK0juwRw4vttZOhLWWyNWlfScZ3QPYZWjblQnWF2JtDc2Li5krVIQZjXYF9UVYUukUPU09JcFoaUve2Yt3toH5S-0udLrgwU5r1ZEFDma-xBSjHhRuWgUnk7kUZeMS4YI-0oW9quqRffDbDcL95g1YDy_2paB_UJ4RXzporH7JhhcFOSxnKpIQjgtRABSUrv1sBviFqM_ISOU1uMRL8eYcAUsJrNIsxEJ4bv-vqMS-IMTmV5rPr0ISzy_9NCbCgcDiMLwlGVEYhu5tLw-RKtubm0v7g8PbMxzihS27ZFOd2w50LGQSLfynacSuyZrJSGFkHyAunoMUbHHpqLiFc5Ay3Ji2qaZ-ewBqSG69g9Uhz47W4FqpSsKHMvITGED3WXgt4n1VL-TXCFQFpto0MrShYbNtVIX7q9jACTuxiEqBfrmfVMFkE-3Z5FecwVuGJGeoZt7WqGcNm0noVLAnR_S9cLAh7YDHC3aKRMtGEQRAGZTHv7LoZON5s0r42esKQwj0teDfiE2cId0irQz4-y1Rw8V-95Z02wIaQSt9CqcjgvEzc0tjCuwGnSyWNla2gvWtL4oKiozMfTo9uFi_QzPIlmhGdMSisfs--S3tj1mgAgNbmG0TbDbuTMi0IRu69baLMmsjwtgxjO9CiJhvm2nsq1IIGA0iuZGYfTondwv9K-VDuCGLOkDrexFvuz7fTTxyJeDuYeFNUiGvxhqjha26ht0SO5A4AdPgL_MAPBSrdHBBKfLBzCfuLkUC8oaeS-Lg6M-99jZVJPl7bClDjfhUfBLjBxyevVgwH1UvsB-FYAkTwPXWIUPqwNliRIlZUYBH1eBtafoAjbyPAP9T_Q46PyurPBrIpqETvTZEqpjUImiNfxNGP0b9_YPvIFs5ULcVE00htRyRqg0PyoA_j26kOsYFEcQaySPAi0N7dpHRN1yOuJb6OYqkUofT_jmjFu_2HbasttLHCMHQjY2d_HNpLcxSMNiEG5wZBC6WmoZQXE4zBQgqm4pxWDurja4xcKBS_2YclXfzuHLwNVoCE1dMs9qEkMmWHFa34cz4aDqpr62_V6-8ZC6WD24d2RXIU6iOdNaMUOSPuRafYszXXfZSIur8m7_XdL9zh59H8-93iWsNjGJXPR50PQp67_sXMN-CKOmMZNiR9dPlc51RObfaAQM6deQHbsXM-kVFWpHrKlaF4bgRZnhkhM4qVhmJwCuZNDK0VsxkqtXixs8pdwMVId_oIOjDYUV5OBh5Y9MAIcuk32LWLsYrEJr-y2qOcnlv0EB3b2OR_DjZX0n6GRkgt0-yQIhHJsJeAooObmRK3BIyUDzlvQ0UuIuDaLoosF1ngFZ8UURfV35A9KxtfVarUiqaVANUWhDjUeyXU4F-0hqdEE3DKScclH4KpcvAeVq1ASaterrGdwQOy7bYSidExxSWBWoxJ3TSnFvP2sSbOUg5YrdpDAureRsLDJr3KImZBkXUILk1gELcu-hu_s-oncSagqOG6r7VrZpdRDXqfInvmhKrV761hHOYCsGywhzIpBLfKW_XR1OR0una52q7cGOR2L7YHSk_rXktjkWoLY31NKL73EEJRUbiW1NAmQfqqd_LOTARp1yZ7D-yVaNZ-jcqlPJWMu8dBOCtSkbpHb_exq_RxGnRRNIEpl39V3CyXYF3aqRmvCoAG-X-3piLErE8atxeK697M1UGgw2vzwApkL3EzGoXwoyaEb4AyvcetdOeQauR6IhnUpmWjeQqLyLv-5tqTjh7hovapuKFLbyWoLIx9GiAP7IyuMgni99jqR5JMQtiZZbIFK5oBu2m0Yjz89JXO4hiBwxD13eBEBJA2HwzExMj1sXpP2_8qvTw-5AsiRAfhnd0r9OXz_wr2kC6dmlH4-IL8VEArXHb5OKusdF4QIFKvJw8jzkeJhJ9nsAz2CQptRaDOCF9lpgkswUneVgUQeKkuzN1GUFiGy2ZXp5HEtB7hg5YpoaiqJuRgcMJcfSjZq9p_ORLKm9ONimgyO7wy3TjEFt63-0zYQefKSIi_vLXMIIPfuyamhW3hSA1zNkRKBe6m-y3KTctRWsB4YvJ39yaEVdNBRZho_R36vxk8pU188d8wETbKID6E7pOlFIPKnwSF3Yg7qvz-ZF-IBg&cid=CAASEuRoQdsrbqQYnQICZ5DRi61Vaw&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66f7e91cfe55242ef1f35490ef3c43445430ce919d97ab7a1a8cd8dfaa2808e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 8948
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_cm&google_dbm
  • https://ce.lijit.com/merge?pid=23&3pid=CAESEJ4jTZdxNF-fSvui3Se_lME&google_cver=1
0
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=23&3pid=CAESEJ4jTZdxNF-fSvui3Se_lME&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNViFhXkfWOTXJKkDt2-taQZX-1c5OZ3rG5Pzn7cJEzly_HmkfFOP0nvkdvgJImbiZFTL1cLaReokjjU9nBMhbevRStUSZ1wR5tHUNerSVqJzUHMF_sByUKAS1glSsKmq5mrlTJw7q5TK5rOxK8bXuNpxXCek0x1amTHQGsmdGbRuCFQjyzlr64W_i4fQ2m7FyLGnr-dJ_jxJ9RYMQPREdfZIqq3Xs0G-QrvzWjhyjd15xcL6Zg
Protocol
HTTP/1.1
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
X-Sovrn-Pod
ad_ap7ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ce.lijit.com/merge?pid=23&3pid=CAESEJ4jTZdxNF-fSvui3Se_lME&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
285
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8948
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?
  • https://ap.lijit.com/dsp/google/cookiematch/dv?sovrn_retry=true
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RXFBUnVEWkhFcGk4RUcyNVFQaWNvdzJs
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RXFBUnVEWkhFcGk4RUcyNVFQaWNvdzJs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNViFhXkfWOTXJKkDt2-taQZX-1c5OZ3rG5Pzn7cJEzly_HmkfFOP0nvkdvgJImbiZFTL1cLaReokjjU9nBMhbevRStUSZ1wR5tHUNerSVqJzUHMF_sByUKAS1glSsKmq5mrlTJw7q5TK5rOxK8bXuNpxXCek0x1amTHQGsmdGbRuCFQjyzlr64W_i4fQ2m7FyLGnr-dJ_jxJ9RYMQPREdfZIqq3Xs0G-QrvzWjhyjd15xcL6Zg
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 17 May 2022 15:45:20 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RXFBUnVEWkhFcGk4RUcyNVFQaWNvdzJs
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.yieldmo.com/v000/ Frame 8948
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm
  • https://ads.yieldmo.com/v000/sync?google_gid=CAESEISK0hJPj_aX4eiNLN7RNo8&google_cver=1
43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?google_gid=CAESEISK0hJPj_aX4eiNLN7RNo8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNViFhXkfWOTXJKkDt2-taQZX-1c5OZ3rG5Pzn7cJEzly_HmkfFOP0nvkdvgJImbiZFTL1cLaReokjjU9nBMhbevRStUSZ1wR5tHUNerSVqJzUHMF_sByUKAS1glSsKmq5mrlTJw7q5TK5rOxK8bXuNpxXCek0x1amTHQGsmdGbRuCFQjyzlr64W_i4fQ2m7FyLGnr-dJ_jxJ9RYMQPREdfZIqq3Xs0G-QrvzWjhyjd15xcL6Zg
Protocol
H2
Server
99.81.121.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-121-75.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.yieldmo.com/v000/sync?google_gid=CAESEISK0hJPj_aX4eiNLN7RNo8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
287
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
exptsync
ads.yieldmo.com/ Frame 8948 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/exptsync?partner_id=dv360
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNViFhXkfWOTXJKkDt2-taQZX-1c5OZ3rG5Pzn7cJEzly_HmkfFOP0nvkdvgJImbiZFTL1cLaReokjjU9nBMhbevRStUSZ1wR5tHUNerSVqJzUHMF_sByUKAS1glSsKmq5mrlTJw7q5TK5rOxK8bXuNpxXCek0x1amTHQGsmdGbRuCFQjyzlr64W_i4fQ2m7FyLGnr-dJ_jxJ9RYMQPREdfZIqq3Xs0G-QrvzWjhyjd15xcL6Zg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.121.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-121-75.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 96BF 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYh_DTyQEwAQ&v=APEucNWfFJ5_WSc2kzxqBK8j9gdWfsP67UPSPxFDPtHjMPqCGuQY2ra1C-IXL4tf68D9gDiGjh-0XNOiKncktFIlsvtDzS-rkUrCJNGWw12BASA-_8XUC1zJV6b7EY-E4oL_uynNJYfIs6sQw9xj_Nmx8p0c_1rdDwbgUnja0o8cRvzN-MtoAEY
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame BBE6 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
Origin
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame BBE6 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:26:27 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame BBE6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7989
x-xss-protection
0
server
cafe
etag
11406487492938680093
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:17:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BBE6 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-U5pZ1CB_u9WsWX8QDfLdeU7d2FCigmXMZmmZ8Q9H0kY47JT4jED4PwxFbvp2BrigLjjN0-_bIMI0m8bKp-1E4Ud1LEI9OmQZFiLaUWla781nekk
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame BBE6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BBE6 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame BBE6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
server
cafe
etag
1643562372680595834
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:37:49 GMT
l
www.google.com/ads/measurement/ Frame BBE6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRsbZdbb0EnvSeW-_abUvPTdzl5K1o99OaRvw8XbXacIUeXJj2cgzUGfUI1qaZ7HrwBIXbPYaym_2zHwq2CqUloEnkxw
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
inside.js
cdn.js7k.com/rq/iv/ Frame 2A33 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/crid/2MuZrH47BBFZFv0MfqY8Gnyy6FJPvY58/imp/fDYgHlzGVVgrrSGJjto0EN4ZpStYmvbjHoRNRzKIyQgJ5n4x0G80dQnaxJqwIbnfdkX9doZXbnARg6eW7Gjm7WxluQx69WmLd0qRbhnMEay3Mt7mPXAN3GQbefU-KaXIL0TDSRPfoRpjFneTkDuaWeOQxWwsbrIXAktJf9ZFaFkMOIA-f86kTKJf4uD7Q4GVb7IC8BAPbANnJKBYbZi1brfZm_nmSEAuqKhBDuZDaReQmRDCFrRMDLUT7VGGJIS2e1SEqyK_NpmxF6zyrTXnWlrtwDX_-3wsOP7S2FWxb2Y9pOjCvNGJ4SPurzwzM3v1Xywjz9y6RbKGXHKM0eG30YRSGxWdLfCEaGGuMlK5haHvJd4ieCKqTfEDd2_m56VGrgeyY724NHm8tC6vIgDJj3J4GyBfwiC1e355iguXWQPRAgYYEPjM077P66QToHBP3Gn9oIf98vSrT-C9ZMjg9qnuSOdhbexEfGTd0FNHMkcM9CeXsctFuxub8iTnOMMOpcEIlubYVUpsDiWPCiSg0M8fJyAs_4YAWg1V797AYXePvEw2HvBaiDmXgQsT2ndPSvdBtRoCDI45YFIKr7WPVTJrTNLyARhHE06dUH5fF4vMwnWOmAg-9iK84loHBYh6x15Lu09wik9zxilXiEuSTuh9kpLh3q8WEIwIXo8XQgN5V7hbLDLjJ4oaIcPOo41u7IofNPh960buCFe4Mf0HbsQagwytNMhDTZN_5gycJBA_f9j8UoN720YA_17ofnl4tLlfeE_vklbkZtT0Uw_dZ5WVBzdhCMYeJfsYVLaS41AmXxi34jd4mzEMeJY8IPE-QfitmK8okqw7cXrXfiTRyXwfmaASJpQTgI4Ke9esmDNK2GrS8dmYycxNNwopFd-wf_wpIroIE1i_oI4WU1rMVIBit2xtgZ_NojYT2ZsCPXIj1ccWbKlHxpt6e93_QBU86HZLMkkCOat09an7ucv6qic58Sh9UdYCA4xGB31uj4zjJRHNpX0y_c5s7NuwyY1HJhnDfA2rnOYDxpzuTFk3A425GpwcP0tsfvmbsfTQz9zB8A_r4U9Nt-PlVIj_Jl7VpnwoS_XKrOnAptUJZCp4LMuf6cqqAw4_bJoP02Lz8V5knh5_Sj_tKhFT0tzrIVvUMNjA922vhcWI9dD_PcQXM6i4G4tqwDswMXeILLnQN270-WoSqsvRFbFm8eo6BFNu18l45f7w4S-ZQcMs4te8la0aSreLur0UwtjZb_V3E2BfmaDR3crrugEeUFsvFCIYeGqBB1mippsinEi6xzKp06X7Xz_2Si7ZV7WccUK384W2jBTu-rbdidL6JlriUDXT__VZ3HV9Ai3N-u0YTBKxOuwWOU1AFcxO9eJVQU_wX_5HkfsJD7YeH-O2SDqOTMeYFvcY7TTJQyDhUaTF0jrLjD_ZLaz6YtGvzlSVOJJsTWms63ohVHL2ag/wp/0.000659
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:40:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7473
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
14353
x-amz-id-2
8gkmcvUu2Sr9UgzLhvnCWzDsgYSnKzg3NCPfhEbwpVtxMa1UPqz5t6bHRE2sy++it4oERF2epQE=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
SKFF8S1FEWMT4RAE
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
80375f18-73ab-47a2-a304-57a6245dc4ab.png
s.yimg.com/ch/ Frame 2A33 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/80375f18-73ab-47a2-a304-57a6245dc4ab.png
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=pjbzvaf&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
9fd7cb2426f6a2028628aab09ec4d1e6b1101ae94a5d388fb3f341115e6ff69f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 17:22:42 GMT
x-content-type-options
nosniff
age
426159
x-amz-server-side-encryption
AES256
vary
Origin
content-length
94124
x-amz-id-2
fkuwTM+ktClRhvY6cs227ywwH9IW5ch7YDPS4GIaiLxMAjpRDbcaDc10/Hjd3tcx3gP3bMFrfx0=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 May 2022 16:45:42 GMT
server
ATS
etag
"4f5ef98c88396f4274a53d24a08b358e"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
DHG2SRTGD3HXZCZZ
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 2A33 		565 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=pjbzvaf&e=1068016250166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 12 May 2022 05:27:37 GMT
x-content-type-options
nosniff
age
469064
x-amz-server-side-encryption
AES256
vary
Origin
content-length
565
x-amz-id-2
ZU3sSAhcooA0Fcq2MA2H8+lKqhH+Hacxl9DtJuPxRxMeumXq/daKvucZn8oMMEaxR4LWx3Tw88A=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
VXKDG6A9KBSJP8MM
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1026 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:20 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 609C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1026 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIAfm3jW7Cmk8lh1l94Ii6CFrzzFFle0OlcIpfm2EpjZDPBudN4KmG_LxN5yTrfWiVY_oyi5679SzyVok06hEWVQ1VCUs6OSCn3WFkjy90tDZeY5c767crUHNT6OrOMLCeUTr2k-fq843ahEOFnToLBUUu-fM&sai=AMfl-YT-FLYJWGZludg4N3bvrvTmXsqH_lzRfDSRUTE6h5769pmwxFgfMHsMoT_RFO-XXTNTsHwucleT6HO0EQPsDhd9UYdxEq4WDOE&sig=Cg0ArKJSzHArfqb0RKSAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=304&cbvp=1&cstd=301&cisv=r20220511.98632&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5640 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:20 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 54A1 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5640 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrmmgj7SnWRD_Qm_rRKKrxll05ZS1Z0ECvQgFFBkAGpr2QFaj4qqqir_imGyt5QYilz2ySx092Tc-QB6l4GCATvMFgSwgjmbez8y1jREoGDRq4ZMH8a4JUjlV1oeA_RM0Hc3ZfJQ-KIvYvJfCEyKqxAGjeP2s&sai=AMfl-YTeXEIlnhLiPh6cBioWGXztJEry9WUoKFXK2BPPU_VsQSHrZxYcboKl2PkH4eYmSDR8LDsMWZTbrsYGp9kyIgk0KvBd6KM5uZU&sig=Cg0ArKJSzIfUB5vtEyEMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=320&cbvp=1&cstd=319&cisv=r20220511.63223&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FDD8 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:20 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame C40C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FDD8 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-prXjT5h5BYWxXopsY_jIhiFq4-oWIg41n7NZW013QDKQovcgE5m0f8vmPcUrYawHVc2nt6xN1adXpAFkf53tXonOYEXrvmTT27YRjgWjwkw4vHZiEbSYLrlwrceq82TpTI5WahA8aEYeQ0wfTO2gdocmfug&sai=AMfl-YQ5DhFNMVOWcC19TPBRqPkcPfXksyExAIEQkKyKqTyma_Loh0PaxFvSwY6J6s_sHMbhaL6IO1dGFqRwD9Aj3IiooTu5WrA7Ufk&sig=Cg0ArKJSzBV3_rNVDWpkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=282&cbvp=1&cstd=281&cisv=r20220511.97182&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D062 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:20 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 992F 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D062 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssa1TCkfWrSfnskIFmjD0y6EfnEftDbNxY60lNUj03cjeAcNdQuo4wxhwLsyADih0g5kvVlTdl_BY8eOZH1HeVv1HIJ2lD_vKQuA5DiaLMlJ4pYNHLFySBH7t8HVOAhncUgcQbPDtesQyIZ5ZCiqCm2F63a-ug&sai=AMfl-YS1jhhrieVYMd_AOrMKvLuezw_GdvvyJdmmOgKVj7jshMXEvBOMC8z86d95MImSP9GtA0i3NEMztk2H0u0OyyhlJknyYnes1kI&sig=Cg0ArKJSzFp4zRdb9Qj5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=284&cbvp=1&cstd=282&cisv=r20220511.63054&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E306 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:20 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame E975 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E306 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4AW_-9CuVCOB8yrF-j_YHVAqgDbQSIt9Rhu33tQ4mTkcx-7S8harrjWxh_QD8hU7ZzZmTtyZtao-RJyMX2LMtHzZSg5HuAZw47BLcBE9mGSLkpdoSzE6M-sR75EDgpOaYogofrRifb8__pj1ixi4xtLgpkiA&sai=AMfl-YQjAGxMOScsHCG2zS8RJKR-bpgdkc2qdEF4kJzNX1egGBL2K9wN-SFuf1aEjUAwjacgCFfXsLD4dESx_oYYWlrWPRKVyWET2rU&sig=Cg0ArKJSzOWIrAuhKnYLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=261&cbvp=1&cstd=256&cisv=r20220511.93623&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5640 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yyakrhcb&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1140 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yyakrhcb&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:20 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589213
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802321.866278,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 5640 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiPho-UBhDAibKY84-4uBwY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4ub0DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAWB6aOIhtKGriPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAe5vQPSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=7e435f49fb6522e0871f0e675e94bf7c3389f64f&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dyyakrhcb%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dyyakrhcb%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yyakrhcb&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b2285326-1ec0-4acc-909e-58863bb0da95
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1026 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zrffrdpel&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3478 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zrffrdpel&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:20 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 590535
X-Served-By
cache-lga13628-LGA, cache-hhn4041-HHN
X-Timer
S1652802321.869957,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 1026 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiPho-UBhDYiqiviMO4ulwY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4k_sCgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAX9277B8o2P2RvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAeT-wLSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=6632e4310d4322237fba4091abac248bfdc0f207&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dzrffrdpel%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dzrffrdpel%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zrffrdpel&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8c4a9830-3d42-4139-ada2-8380bf5e13f2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FDD8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=uowquneh&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame CF34 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=uowquneh&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:20 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 590536
X-Served-By
cache-lga13628-LGA, cache-hhn4041-HHN
X-Timer
S1652802321.887841,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame FDD8 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiPho-UBhD05Omk17ek1UoY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4sugFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAWIg4uoxrGn6HjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAey6AXSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=56f5cfb1318d6884132ee73b7a090cec0f0ce522&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Duowquneh%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Duowquneh%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=uowquneh&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8472ba67-a87f-4fee-9e4c-e6c3cdd37e36
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1518 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:20 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 1A4A 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1518 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOrj6m_jypcZtF163gM2jFCpZo6dN1htSiB0QmaqHCnZ39s6-NPGJSrfJirhYMeYXrzEvn81hJiXL71c1apTUE5Ghi8uucJyRmIrfwADrYe1asSwa8tZl7XaDWMDtw74tQJwXC-TcF6m08CjsSokGHPd002EA&sai=AMfl-YT7XDZs7WD_nmnlK-0OtYPhq7QIHNrxQgluT1j0PJhQrRP1Qb8651-HZZGAwz0nJiXBuf8TWNvs2EppWXRUMSSXJkw-4Sj50iY&sig=Cg0ArKJSzOaZxJX0aHFTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=286&cbvp=1&cstd=284&cisv=r20220511.04914&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sid
mug.criteo.com/ Frame 4439
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=korrespondent.net&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&cw=1&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=FsRi_nwrcjU1UXRJRFF4MjFzSHo1T0g3YjJldm16d3h0R0hqY0ZzM2pwM2l1OWp5MUdLMS93dDFGTktpY2YxMklLTU1lNjY3ZnU5ekV6RmRGWTZuenNpbVdwYi8wcXNON3ZYZlBlbk5WMmdSTy9sdWRvK1YvOFFRdkVaK0...
460 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FsRi_nwrcjU1UXRJRFF4MjFzSHo1T0g3YjJldm16d3h0R0hqY0ZzM2pwM2l1OWp5MUdLMS93dDFGTktpY2YxMklLTU1lNjY3ZnU5ekV6RmRGWTZuenNpbVdwYi8wcXNON3ZYZlBlbk5WMmdSTy9sdWRvK1YvOFFRdkVaK0k4dS94dHRocEhOSjZMa3BGRXFhdzhxWnZLNHVNb3Fobjc4WDJaRmZpbkhaVGJHMWRXRUdhbytnL3IrRFk2dXRSSmFxVzF2R0UwaU9xOEpHQUVTN21jMDZVbkswV3Y3MFlhNXN6c2x0RHdZaEI4aVBpd1FPSHVYSzhBY2JJdjFsOXZGMm5oYU1SK2poUTNwb1JmYm5hem9YQXUrK1FIUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c1603a9203087182ded58421ef7b1c6c93e51ad7b9f219f017fb58e79491c452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4308
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=FsRi_nwrcjU1UXRJRFF4MjFzSHo1T0g3YjJldm16d3h0R0hqY0ZzM2pwM2l1OWp5MUdLMS93dDFGTktpY2YxMklLTU1lNjY3ZnU5ekV6RmRGWTZuenNpbVdwYi8wcXNON3ZYZlBlbk5WMmdSTy9sdWRvK1YvOFFRdkVaK0k4dS94dHRocEhOSjZMa3BGRXFhdzhxWnZLNHVNb3Fobjc4WDJaRmZpbkhaVGJHMWRXRUdhbytnL3IrRFk2dXRSSmFxVzF2R0UwaU9xOEpHQUVTN21jMDZVbkswV3Y3MFlhNXN6c2x0RHdZaEI4aVBpd1FPSHVYSzhBY2JJdjFsOXZGMm5oYU1SK2poUTNwb1JmYm5hem9YQXUrK1FIUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1469
content-length
541
expires
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D062 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=rabglyjyh&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6AF7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=rabglyjyh&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:20 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 590538
X-Served-By
cache-lga13628-LGA, cache-hhn4041-HHN
X-Timer
S1652802321.907411,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame D062 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiPho-UBhCnzafHnpzatScY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF40OsDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAWd57SEneyroGzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAfQ6wPSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=7d67367d6bc777a7365c4775b9d662e5ce2d66ee&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Drabglyjyh%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Drabglyjyh%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=rabglyjyh&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fa8ae839-1c50-4edc-8429-3b8c425762ca
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C9CB 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:20 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame A8D2 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C9CB 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuX13oyeD7dKSJclM8FrvC7vhVG7Bq5C04nUFQYAxd79HQcyiPmR_Wp9OlL4P0JgGMqIFnFpCXfPEOwiABPgVv_3RE6eAVmJ27EuNqgV7vbcZcgBM-7YfVYGdz0WXbBUMg54_GNYlyMf2MdwJZd8-K3qj7VT-U&sai=AMfl-YSN-l0PK5tebavUcCZUtc53c9DvvTC1keEo_HqHugx4q0_j2nq8eTJlf-kwY6n9gjA_0q9KoDnJdDPiH74BM4gUFKb3TA4z-nk&sig=Cg0ArKJSzMKKDx44azLgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=282&cbvp=1&cstd=281&cisv=r20220511.10384&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3568 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 3568 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 3568 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E306 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zejlij&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame D969 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zejlij&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:20 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 590540
X-Served-By
cache-lga13628-LGA, cache-hhn4041-HHN
X-Timer
S1652802321.946080,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame E306 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiPho-UBhDDoYjPravrkT8Y0sWY0qrvobloKjYJQl4PJsXH0z8RWZ74Szoz0D8ZAAAAIK5H0T8hWZ74Szoz0D8pQl4JJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4qb4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXTiL7k9vH7vUPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAepvgPSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=d60bc2d5e52d6617fa3e842444fdcf167a46dd8b&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dzejlij%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dzejlij%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zejlij&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b652c8db-8e01-42dc-9c30-fc4f5a26068f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 725A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_dbm
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEOyelPBKDMXTADwHqs2RLAw&google_cver=1
49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEOyelPBKDMXTADwHqs2RLAw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNW62boOjwlAWk4Hb6Ai56hdzKgYlvwNdzlfwEu9JfoKBV9m1iwodsPkBnFZiWvG9X132QNnYwIIGBD_yaGGiWjt8X7cGapzZmEVSHviexOiE49totPLcOOVOwOlUL4niJet1JoJ-wVGN2PMTiGATBE70jtriXzGcv3diZIzsPCsULxfhxAyr4wCO16XmEnnet3i85kRX5Gqo_9lg3PMxfRmWGzYO6wtt83uRkK5Kx8INa8eEqY
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
de-DE
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-599d6d7f7f-dmb69
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEOyelPBKDMXTADwHqs2RLAw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 725A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=547259&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcontextweb%26google_hm%3D%25%25ENCRYPTED_VGUID_B64%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=Q3FZV3VtMnlnNWdWbTZvbm1oeDJ4QQ&pid=547259
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=Q3FZV3VtMnlnNWdWbTZvbm1oeDJ4QQ&pid=547259
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYhvDTyQEwAQ&v=APEucNW62boOjwlAWk4Hb6Ai56hdzKgYlvwNdzlfwEu9JfoKBV9m1iwodsPkBnFZiWvG9X132QNnYwIIGBD_yaGGiWjt8X7cGapzZmEVSHviexOiE49totPLcOOVOwOlUL4niJet1JoJ-wVGN2PMTiGATBE70jtriXzGcv3diZIzsPCsULxfhxAyr4wCO16XmEnnet3i85kRX5Gqo_9lg3PMxfRmWGzYO6wtt83uRkK5Kx8INa8eEqY
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=Q3FZV3VtMnlnNWdWbTZvbm1oeDJ4QQ&pid=547259
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-599d6d7f7f-65fmr
expires
-1
image.sbxx
global.ib-ibi.com/ Frame 725A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ibehavior&google_cm&pid=266&go=244276&m&google_dbm
  • https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&google_gid=CAESEMrpckr889aQ5AvYXdus6ks&google_cver=1
0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7EC3 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:20 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 8903 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7EC3 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2oxr7ncN_oEOW8PyspvCRpfgZ7gJvlKGFvNcZ0onwHxE44UeJ4ZDYh_zqhsQZikGwl73OFGsrJxzMVWfmgF9rVgB85QJ6SYnNyLgwtiXOimA3lx1OTi-i24gitKPJ6qqALZ2ZqQsWUmw-MsIbWCUPa5YyvdM&sai=AMfl-YQMMyP_KBaGvJfKZfEePofaOrqo3i3mmHx3g2Cj2Smm02WhgjUy1h7KOPSLKyWaqffNq3A2GQLmNs3Hr7z62nSEOM31GZnWqPg&sig=Cg0ArKJSzBIEUdYBKu4tEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=318&cbvp=1&cstd=316&cisv=r20220511.99516&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1518 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yulkjros&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame AF92 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yulkjros&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:20 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 590541
X-Served-By
cache-lga13628-LGA, cache-hhn4041-HHN
X-Timer
S1652802321.984212,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 1518 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiQho-UBhCEmfDLyfnxn3MY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4oesDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAWp7YGykJzevlDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAeh6wPSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=8dbb86060fe0b26986b5aae176645a21e8a59c28&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dyulkjros%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dyulkjros%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yulkjros&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:20 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
510f5306-50f1-4251-95f7-56c78a4d9898
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1386&event=rendered_adapter&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:20 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E5C 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:21 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame CC72 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450883
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1E5C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstS9fgo6NULi7d6Va6ViYY1spHAvzij5E9-KO2_DV-FQP0-GIUPIN_A9_GyINQquTKKkDAjyfOe7oDsZj2TG9160WqUrjeJ_6aexon0o--kJy1DnRIe7sDtY6bmfnPnAKBIZqt6Y8ae4OnSqUVSbNVJ3SL-1mc&sai=AMfl-YQlGkqergyDQdWodDLVz_F4KZwGKvWJUvc0IDd3f8PTM2GutPucJE-Zr1bsNu3wcTDeyy6alevr2DpKYWRervKdwI_CEM4s6js&sig=Cg0ArKJSzIhUQqJVLJ4oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=324&cbvp=1&cstd=323&cisv=r20220511.52941&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C9CB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=fkkwwruyd&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5D9E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=fkkwwruyd&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 590542
X-Served-By
cache-lga13628-LGA, cache-hhn4041-HHN
X-Timer
S1652802321.009473,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame C9CB 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiQho-UBhDyh9Kgl_GdjToY0sWY0qrvobloKjYJQl4PJsXH0z8RWZ74Szoz0D8ZAAAAIK5H0T8hWZ74Szoz0D8pQl4JJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF48b4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXatJTh9fT_zlrABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAfxvgPSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=418195272783fe2e66e7f78097b8a913238fd04c&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dfkkwwruyd%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dfkkwwruyd%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=fkkwwruyd&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1848be00-75e3-4413-abb7-1ed3870cf3d5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame B6A8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=pjbzvaf&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589216
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802321.017728,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 2A33 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLmD_BM5gcAAAMA1gAFAQiQho-UBhDk5KbxjPOeq2IY0sWY0qrvobloKjYJEGQ2qh6cRT8Rxt_PXM6yQT8ZAAAAIK5H0T8hxt_PXM6yQT8pEGQJJPSSBzEAAADgUbiePzDLiKkKOJhQQJ8XSLcBUIbJ1qoBWJPCiwFgAGi02LABeMD6AoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAh1odHRwczovL3VhLmtvcnJlc3BvbmRlbnQubmV0L_ICwwsKCElNUF9EQVRBErYLZkRZZ0hsekdWVmdyclNHSmp0bzBFTjRacFN0WW12YmpIb1JOUnpLSXlRZ0o1bjR4MEc4MGRRbmF4SnF3SWJuZmRrWDlkb1pYYm5BUmc2ZVc3R2ptN1d4bHVReDY5V21MZDBxUmJobk1FYXkzTXQ3bVBYQU4zR1FiZWZVLUthWElMMFREU1JQZm9ScGpGbmVUa0R1YVdlT1F4V3dzYnJJWEFrdEpmOVpGYUZrTU9JQS1mODZrVEtKZjR1RDdRNEdWYjdJQzhCQVBiQU5uSktCWWJaaTFicmZabV9ubVNFQXVxS2hCRHVaRGFSZVFtUkRDRnJSTURMVVQ3VkdHSklTMmUxU0VxeUtfTnBteEY2enlyVFhuV2xydHdEWF8tM3dzT1A3UzJGV3hiMlk5cE9qQ3ZOR0o0U1B1cnp3ek0zdjFYeXdqejl5NlJiS0dYSEtNMGVHMzBZUlNHeFdkTGZDRWFHR3VNbEs1aGFIdkpkNGllQ0txVGZFRGQyX201NlZHcmdleVk3MjROSG04dEM2dklnREpqM0o0R3lCZndpQzFlMzU1aWd1WFdRUFJBZ1lZRVBqTTA3N1A2NlFUb0hCUDNHbjlvSWY5OHZTclQtQzlaTWpnOXFudVNPZGhiZXhFZkdUZDBGTkhNa2NNOUNlWHNjdEZ1eHViOGlUbk9NTU9wY0VJbHViWVZVcHNEaVdQQ2lTZzBNOGZKeUFzXzRZQVdnMVY3OTdBWVhlUHZFdzJIdkJhaURtWGdRc1QybmRQU3ZkQnRSb0NESTQ1WUZJS3I3V1BWVEpyVE5MeUFSaEhFMDZkVUg1ZkY0dk13bldPbUFnLTlpSzg0bG9IQlloNngxNUx1MDl3aWs5enhpbFhpRXVTVHVoOWtwTGgzcThXRUl3SVhvOFhRZ041VjdoYkxETGpKNG9hSWNQT280MXU3SW9mTlBoOTYwYnVDRmU0TWYwSGJzUWFnd3l0Tk1oRFRaTl81Z3ljSkJBX2Y5ajhVb043MjBZQV8xN29mbmw0dExsZmVFX3ZrbGJrWnRUMFV3X2RaNVdWQnpkaENNWWVKZnNZVkxhUzQxQW1YeGkzNGpkNG16RU1lSlk4SVBFLVFmaXRtSzhva3F3N2NYclhmaVRSeVh3Zm1hQVNKcFFUZ0k0S2U5ZXNtRE5LMkdyUzhkbVl5Y3hOTndvcEZkLXdmX3dwSXJvSUUxaV9vSTRXVTFyTVZJQml0Mnh0Z1pfTm9qWVQyWnNDUFhJajFjY1diS2xIeHB0NmU5M19RQlU4NkhaTE1ra0NPYXQwOWFuN3VjdjZxaWM1OFNoOVVkWUNBNHhHQjMxdWo0empKUkhOcFgweV9jNXM3TnV3eVkxSEpobkRmQTJybk9ZRHhwenVURmszQTQyNUdwd2NQMHRzZnZtYnNmVFF6OXpCOEFfcjRVOU50LVBsVklqX0psN1ZwbndvU19YS3JPbkFwdFVKWkNwNExNdWY2Y3FxQXc0X2JKb1AwMkx6OFY1a25oNV9Tal90S2hGVDB0enJJVnZVTU5qQTkyMnZoY1dJOWREX1BjUVhNNmk0RzR0cXdEc3dNWGVJTExuUU4yNzAtV29TcXN2UkZiRm04ZW82QkZOdTE4bDQ1Zjd3NFMtWlFjTXM0dGU4bGEwYVNyZUx1cjBVd3RqWmJfVjNFMkJmbWFEUjNjcnJ1Z0VlVUZzdkZDSVllR3FCQjFtaXBwc2luRWk2eHpLcDA2WDdYel8yU2k3WlY3V2NjVUszODRXMmpCVHUtcmJkaWRMNkpscmlVRFhUX19WWjNIVjlBaTNOLXUwWVRCS3hPdXdXT1UxQUZjeE85ZUpWUVVfd1hfNUhrZnNKRDdZZUgtTzJTRHFPVE1lWUZ2Y1k3VFRKUXlEaFVhVEYwanJMakRfWkxhejZZdEd2emxTVk9KSnNUV21zNjNvaFZITDJhZ4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASGydaqAYgFAZgFAKAFkbbMscimv_gKwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFz6BO-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuiWA9oGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBzIwNzY3MzS6Bw8IABAAGAAgADAAOL0GQADIB8D6AtIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=6ef4665de89e76228acac1e3216d387ddbcb70cb&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dpjbzvaf%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dpjbzvaf%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=pjbzvaf&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c0f0797d-ff51-4d3d-a460-8f76272fe561
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 609C 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 609C 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 609C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 54A1 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 54A1 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 54A1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0622 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:21 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame D2DA 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450883
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0622 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspKLgwHIccxNnq31qcIBpyAi09JbpxzmWQvv8L6CZaT_ZH55deJ8624A9bfTI-YTUZFoKChzLXHyLWOLTJFEA-2I9g-MHjT_25q599G_2oHmxCPqmGmyvz1JAGvOIBkLzJo2WK1m-HvwQabHvTaoYaIqm4BRQ&sai=AMfl-YTPTJWF_bqTCbJNPCkIVKamN-V2i3Kg-4bHfLqFZ0PLXLQ_HyNRi3kfNfufJgv585l8FeSEEX6f89x9oc8CgWT5RVYHni4TJHY&sig=Cg0ArKJSzAwvKpfNi_SsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=347&cbvp=1&cstd=346&cisv=r20220511.63635&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7EC3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=jeeeyszd&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7BEC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=jeeeyszd&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589217
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802321.059313,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 7EC3 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiQho-UBhC__qrU4rr10xQY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF46-gFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXnq6rDgdbLhHbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShIIAAwADi9BkAAyAfr6AXSBw0JAA0BAUYM2gcGCAUJROAHAOoHAggA8AeJ4wKKCAIQAA..&s=91abd51d31a6392861cf80afbbd4802eee726070&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Djeeeyszd%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Djeeeyszd%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=jeeeyszd&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e22357a5-5b64-4684-8e08-dfc68ae072bf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C40C 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C40C 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame C40C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 992F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 992F 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 992F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E975 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E975 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame E975 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1E5C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=mfvhqvk&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame E8F4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=mfvhqvk&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589218
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802321.087507,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 1E5C 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiQho-UBhDp5vXb3pSLoBkY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF45doEgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAW2lsjG5aGm7nnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAfl2gTSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=a20e91faa0626210dbad91a0f4dd834a73a1fafb&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dmfvhqvk%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dmfvhqvk%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=mfvhqvk&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
929ce1fd-1c31-4213-9c79-fcca0e848026
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
s0.2mdn.net/sadbundle/862137188495136981/ Frame 786D 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:29:23 GMT
expires
Fri, 12 May 2023 10:29:23 GMT
last-modified
Thu, 05 May 2022 07:05:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BBE6 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyvnSjPk3lSC9ep9NwthEK64OollEv2W0jscFQsFVEGJO85u1vCPD14ghrrPlnMvgh3TsbeqkZjSPPHyB1kamUOWCn2wCOBCmxwgE0Kb88vSpQ2KNfYQ5LHhkeCMmUdi89vVmuH4pihn3ozGRxKS-aqcA8YjHmvM4e9vv1ENC-cjB1U4s5ZIpY6QdXV8POdh2K8feabZ2ZYgcC1bpU08uhnjuIlCNcfaPES8cw-__7e5VNqrkOeR49v8Xrp-U4j16SK3qHq8DPmyql8OZAg63eUcIwmxuHAeSleOuplWgI8Xe7k46jXqu6FenrHm_WQvw0q9ngNJ04jhyTMQVuct_nu74jZZp3maARWdgeATYDvclv9nVvIwYS2RlnH8OaRhMzsT-0a15N8Y2jdRg0zoUNBi1YHlz7mcSjbr9yBhSVCP7J1rpwgMktd-jzHfR37pKoyjls8SB9AT8E0ya3N-_sw4x0ZoYX5KTWGMa9aP6yCVthK7Inzk4jLPFJHyimchKmailOzT7MB5Cy2zGX4hrDV2DeVAyrW4of4zXaleuoIOzvrY5kaXeV4zc_q6OjJLDjJEH_A-nC5Uxby7b2aFhE9ZPu_YtDRpCuWTRKhFAyHjvR6MpuWTSHFMUPqaLEKoeL7cUvOUbuR3M8J3RJTk4_mayGh8vLceQlXKFqV014VSQkuAxn63G5LngqZaF8j10gxiooO0HbSQxMslBg70LoJiTm2Jkj040RJ3wDmlX3FXvXGGVSF0CQGcmTF1D3BdwpNG5_xGrNNJSxJfcR1CXme3FxoxccRrcG46_gyGqR2O6HSbIe9OUMARi0ft-M04CRsI56xS4arG9RyRAd_2l51A7o7cFSVBrV-VbNtzV2LLQCFQnprsGHB9eWdl0b6BhkgVRWDaOV2zcHJZvkF1TNDO5R6BISeG7DxNq6blfs8FJq1FVo3X9GFkBHkzRIHowWIg-rCRLZwXQIaVd8H1mIR8u6c37PShnCnvurQ-3ikNjCJXl0ps-sb1FvJLarBaWOQUnj8bL_i492GOlOtOqh-M7gX1kdNV2Y9LbW5laufhCqFCrfPdjW4y_0PXQtlegV4xLRsvSNpm_06Y1hsK4UoV4RqhCoMS_uhhISAE9kgWnG0B9ZK5gSxmu90HW0cFDsId94mfaashpauhebemlBDlOOyT5WJQFrm9kUILF-PyUJFM5i6yPt7Ho0GFQCLjEMtoDZMzDjJUW_lemNQvKxvYGZ62pNuhAogFjPoy-MBORuHqwxXBHCstDC4bJCS99ywtoIduozSbC_PLXOfcYDiLtF_i9F5vmvDawb0ZeiuP0gaJ0q&sai=AMfl-YRrTLWS3PIvLpz0Tuf1ZIpyyLW_ifR2xaBv2Xae-Bz1GX2nALC7JsLKhUK_SsxaXGL-nyEAcCw6lCArkHvrodBxQ4Wx10XHbe1afWEpqhuyHem2yO4H85xfXIBMna3BKQp1_tJ8VNN-DdEwFQk84gz9VK0rpWE5a-5z601WQnm4-SGrPW80SXbneAKc75jNo8qgaNNmZY7kl2DR4SFb2BJQ2NmsgqQT4CWVhzmZE5VPgaNxOwCu8rSBNohk7yc6NA2O2yrYGYAqo_JEtYO4U4limyKcv_VTzM-I9LnJLiig&sig=Cg0ArKJSzO0xPGz_77h8EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=349&cbvp=1&cstd=347&cisv=r20220511.55058&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 17 May 2022 15:45:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
vevent
ams1-ib.adnxs.com/ Frame 5640 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiPho-UBhDAibKY84-4uBwY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4ub0DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q1BUNHJEOE9EWXNISU5MS09qdXdQMTRhVHdBSDYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RZl80WTZqZmdHNTlLRWZFX0h3bm5nbFA1blByWGZXMDA5OV9FWHNvaW9ScDJmd1kySlItZGlZRFJ2QWhGcFAwX2tMZkVPWXlRNWJTTTNoMmpYY09UVUxmNTNIc3pLYXFCYlhsZjMwRkQ2NEhMc2tFWU8zRXY4eVhBNno0a3JWVXl3S3RaZGRwRlUzZ2ZENEYza3lNdDVKbU5yMU41SFVVR2NHTEZWS1k3bkV3Ym5ydVl1blIzd3duRUx5ZkZ1NFJPWFR3ejA4R01YQjlXOTkxcUtQVzU2ZnU2OVdNUjQwSzRwWERud0Rod0FERE1rcEhuZWdOZmF1b1plcVI5aHJhUmZUcmxmQVEzd0pHeXZDaE5iTS16bFJqMXhtSnI4RGhqUXNkZk9iTVZocmYwWlk1OEU1V3lSMTRud1pMN0dWcjNMWGg0MmtxZEZjZ0NEQWpLTlRlTXhrWl9UcWdRWU1DNVRrdjd1VkxTV0dQWHAwQl9hc0FFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9V1hnaWlqUWlhb1kmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9ZRG9DZ1ZnQnREVmltSzFiSFU3VHRRJnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyMDQ5Mzg0NjY3Mzc1NTAyNTI4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFgemjiIbShq4jwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAe5vQPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=5cf24800d09aa81e696faee2438d4c930b5f1409&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f1e914cc-d189-4cae-a44f-8cb2188a7ca8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0622 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ztathhok&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame C986 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ztathhok&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589221
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802321.139815,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 0622 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiQho-UBhCiitvB8qvosEEY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4mL4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXPmqyIhLbYswjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAeYvgPSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=1473e8ac425a85e02a7d4dee9304768c87dc2d2f&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dztathhok%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dztathhok%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ztathhok&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d8e314c0-b67b-402f-ba04-ef5070a5e1be
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1A4A 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1A4A 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 1A4A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A8D2 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A8D2 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame A8D2 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2D81 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Origin
https://mediawoot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:44:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 13:44:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 2D81 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:42:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 2D81 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9773
x-xss-protection
0
server
cafe
etag
14407402762925951128
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 May 2022 15:44:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3540 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=1410699056145224&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
vevent
ams1-ib.adnxs.com/ Frame D062 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiPho-UBhCnzafHnpzatScY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF40OsDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q0Y2R1lEOE9EWW8tX09vbkpnUWZYaW9Yd0J2clN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDZzVtMmI0Q2tzVDZvQXdHcUJKY0NUOUE4emU3d1d5M19Ka3lOdC1ST28tNm9mdkJJQ1hrcnZrOG9xenBjSV8zUHV2V1dCTklWN1ZWbkgyX0VROFV6bGZHX3FZclZyRkE5WXpIYXJPX0pLbTlYank3a0VHdVU5dzFGQ0VMZWRZMGk1SFFORGxla2lHV3VBM2NobmwweXJNVFM1b3VwdjFYSVdhMVdjUzUzcEZrdThQZ1hMNV9EM0VBb2VFdEZEOTZSSHFnbm85WTY0NEtLVkxGRFJENThsUWZrQ0hvVzFWSVRuYm1aRDVYZVJSWkJzQl9sejNUVVlVcmV6M1F5YlgtQ0RINlZlUnl1Z1hOcWw5b1NGaFhWUmVNekFqX252NEhZNmVDcmdSU3BwamFJUmVDSldwanpDTFJnYTVHb2p0QlBJc0ZDamJsUEEtX0hEV1RwcXlBa0V3bWltclJvNUV6YnNQQjRvU1dYMUNERzFYWlotUWg4ZWpaTnM1QkdaUmxZZE5BLU9rb2N3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD11ZlZnem5HUmE2cyZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb3JCQy1wWTVBS2Y3XzZjdU1WVmVLVHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzI4NDA0NzkzMDk0NzE4MDMwNDciCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAWd57SEneyroGzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB9DrA9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=a4d12cf96046dade65195211755b5192218f7f2c&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
adcba112-030f-4180-a172-953ab5223e46
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8903 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8903 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 8903 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
async_usersync
ib.adnxs.com/ Frame 1140 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bed20cc6-4169-4ce7-826a-94670b8aa7c4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3478 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5eb8f202-5db4-4ae5-895b-25e5607595a9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame 1026 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiPho-UBhDYiqiviMO4ulwY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4k_sCgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q09pR1pEOE9EWXFENk9NUGYzd082dTQ3UUN2clN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDYTFyZFZrS3VzVDZvQXdHcUJKY0NUOURnN0x3eUxVX1dpcHFzbzlDZHZvSzJsdnFZc1lDVEEwcE1pWnN4QWtLblJreXM0ZC1KMmVWVWJ6OTMxS3BzU0hXWG1aWFgyRDFRQkxLbWxZR2lNN3F1TGZ3a3VCc1Qyb25WU0trcFhIaXMtdlA3VFJhOEszMlZpV1AxcXFIWTZSWVplbXpIVG15ZUJKeHUxVnJLRFM2NGJxQndMVUZWUzgyVmdGYWRfZWYyUjVmWEF4Z3dxQnF2a1R3aDlEYjJuangyTUR0UDRLYjhaNDJYZXRGMmtoMjFBeDE2d3d5SFdXOGNwRTdRc0owX0RTTi1VSzdwM2tNdjJBM25YZXdPMDh0RmR4UGFHdXJTY0ptRlRfaDY0d0tJUmVFVUZGUkJjcnF2YmY1VXhSSGNtWWxiN2FkUV9uQ3FZRXBlcXFQSTdVYXEzVXpsWENubUFnUkc5d3lZSWg1Z2hFZUttckdwTERiRXU3cUlZWllDZGsybk04TUx3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD1NczBTZWJDM1NicyZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSbzZVQWpQNk15RG9RTFFsUTd2dmhVUUEmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzY2NjIxOTgzNDM3NDE2MDUyMDgiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAX9277B8o2P2RvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB5P7AtIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=893c9a66683a615d5206b29d83cdf0604b8cd7a5&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
68a011c3-d68e-437e-974d-b851125dba32
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame CC72 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame CC72 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame CC72 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
async_usersync
ib.adnxs.com/ Frame CF34 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
14f36f5c-b1f7-4149-a36c-5dba99a95f86
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6AF7 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9f118ab1-70ee-463e-a1a6-a3afd826997f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame 2A33 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLsBPBMbAIAAAMA1gAFAQiQho-UBhDk5KbxjPOeq2IY0sWY0qrvobloKjYJEGQ2qh6cRT8Rxt_PXM6yQT8ZAAAAIK5H0T8hxt_PXM6yQT8pEGQJJPTyATEAAADgUbiePzDLiKkKOJhQQJ8XSLcBUIbJ1qoBWJPCiwFgAGi02LABeMD6AoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAh1odHRwczovL3VhLmtvcnJlc3BvbmRlbnQubmV0L4ADAIgDAZADAJgDF6ADAaoDTRITMTE1ODQxNTIyMjQxMDY4NzE0NRoTNzA4NTk4Njk1OTkzODEzODcyNCIJMzU3OTM0MjE0Kg1PQVRIMTAzMjcwMDAwOgc0NzQ1ODg5wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIbJ1qoBiAUBmAUAoAWRtsyxyKa_-ArABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXPoE76BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG6JYD2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMjA3NjczNLoHDwgAEAAYACAAMAA4vQZAAMgHwPoC0gcNCQANShwQABgA2gcGCAUJROAHAOoHAggA8AeJ4wKKCAIQAA..&s=a024d89b13e24a4190cc28e7fb6e465a75b368ef&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d29e68df-17bb-4563-834d-15839f5c6f70
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
request_content.php
hal90008.redintelligence.net/ Frame 93CC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request_content.php?s=67452400152568000951425011962008&a=4db25b0d
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=27aca006f5&subid=&uid=14eb604d9e6345c5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6288863528235289568%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Divawnoge%26e%3D1068016250166&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=466975696246&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
2199e443adbcbf3b139be995709b8f12298bff3ea51680c32504be6d4f52c001

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1501
Content-Type
text/html; charset=utf-8
Date
Tue, 17 May 2022 15:45:21 GMT
Expires
Tue, 17 May 2022 16:45:21 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D524 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ivawnoge&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40725
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589224
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802321.399688,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 1306 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL-FPBMfgoAAAMA1gAFAQiPho-UBhDYncGA9MiRoUoY0sWY0qrvobloKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAIK5H0T8h_x6yBPZxtj8p200JJPT9BzEAAADgUbiePzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXjH7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC_yAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhM2Mjg4ODYzNTI4MjM1Mjg5NTY48gLMAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SrQFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz9leGNoX2FpZD0zMzM2NTg0MTA3NTY5MDEyMDAmbXRfYWlkPTYyODg4NjM1MjgyMzUyODk1NjgmbXRfaWQ9NjYyMjM5NSZtdF9hZGlkPTIxNjUzNiZtdF9zaWQ9NDU2MjMxMiZtdF9leGlkPTEzJm10X2luYXBwPTAmbXRfb3M9JnJlZGlyZWN0PfICFwoTW0JJRF9BVFRSLmdkcHJfc3RyXRIA8gIZChRbQklEX0FUVFIuZ2Rwcl9mbGFnXRIBMPICHgoUW0FEX0FUVFIuYWR2ZXJ0aXNlcl0SBjIxNjUzNvICHQoSW0FEX0FUVFIuY3JlYXRpdmVdEgc2NjIyMzk18gIoChFbQklEX0FUVFIuYmlkX2lkXRITNjI4ODg2MzUyODIzNTI4OTU2OPICpg0KEltOT1RJRklDQVRJT05fVVJJXRKPDTxpbWcgc3JjPWh0dHBzOi8vdGFncy5tYXRodGFnLmNvbS9ub3RpZnkvaW1nP2V4Y2g9YXBuJnNfZXhjaD1hcG4maWQ9NWFXOTVxMmpMekl6THlBdlRucG9hMDFFUW1oWlZHTjBUMWRSTUU5RE1ESk9iVTVyVEZSQmQwMUVRWFJOUkVGM1RVUkJkMDFFUVhkTlJFRjNMell5T0RnNE5qTTFNamd5TXpVeU9EazFOamd2TmpZeU1qTTVOUzgwTlRZeU16RXlMekV6TDFCbGJYcFJRV0ZTTTBJMWRWSkdSRUZ1WWpOS1VIbEpTbWxMTVZGUlYzSnVWMVZUZWtGaWVqQXpWVlV2TVM4eE15OHdMekF2T1RVMk9EQXpMekkwTlRRd09URXdPVE12TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwMUVRWGRNVkVGM1RVUkJkRTFFUVhkTlJFRjNUVVJCZDAxRVFYY3ZNQzh3THpBdk1DOHdMell5T0RnNE5qTTFNamd5TXpVeU9EazFOamd2WVcxekx6QXZNVFl5TlM4M015ODVPVGt2TXpJeUx6RTBOaTQzTUM0eE1UY3VNQzh3TGpBd01DOHhOalV5T0RBeU16RTVMekUyTlRJNE1UUTVNVGt2TVRNdk1UQXlOalF2L1FHVkFzTHhUVl9vUEtJLVBoQUIyME4zNll0TSZub2RlaWQ9MjgxNCZncm91cD1jZGcmYXVjdGlvbmlkPTYyODg4NjM1MjgyMzUyODk1Njgmc2hhcmRrZXk9NjI4ODg2MzUyODIzNTI4OTU2OCZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5NSZicD1hX2JhaGFmZCZtaW5fYmlkX3dpbj0ke0FVQ1RJT05fTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjgxJnR5cGU9aW1wJmNsaWVudD1jMnMgd2lkdGg9MSBoZWlnaHQ9MT5ceDNDc2NyaXB0IHNyYz0naHR0cHM6Ly9zLnVwZGF0ZS5tZWRpYW1hdGh0YWcuY29tLzIvNjE5NjIxL2FuYWx5dGljcy5qcz9kdD02MTk2MjExNTU2MTQwMjQ2NzQwMDAwJnBkPWF2dCZkaT1odHRwcyUzQS8vdWEua29ycmVzcG9uZGVudC5uZXQvJnVpPTc4ZDAwYWE3LTlkNDgtNjZjZC0wMDAwLTAwMDAwMDAwMDAwMCZhcD0mdGk9NjI4ODg2MzUyODIzNTI4OTU2OCZwdj0wZWFlYjYzMS05Nzk2LTQ0M2UtYTZkNy1iYjkzOWM5ODExMjgmcHA9MTAyNjQmc3I9MTMmZGU9NDMwMDMmc2k9NTYxNDAyMCZkbT0zMDB4MjUwJmFjPTY1MTg3MSZjcj02NjIyMzk1JmFpPTIxNjUzNiZjMT00NTYyMzEyJnIxPTE0Ni43MC4xMTcuMCZyMj0mcjM9JyBhc3luYz0ndHJ1ZSc-XHgzQy9zY3JpcHQ-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0PScxJyBzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nPlx4M0NpbWcgc3R5bGU9J2xlZnQ6LTEwcHg7dG9wOi0xMHB4OyBwb3NpdGlvbjphYnNvbHV0ZScgc3JjPSdodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2V2ZW50L2ltZz9tdF9pZD0xMzY4ODc1Jm10X2FkaWQ9MjE2NzY0JnYxPTEzJnYyPTYyODg4NjM1MjgyMzUyODk1NjgmdjM9NjUxODcxJnY0PTQ1NjIzMTImdjU9NjYyMjM5NSZtdF9uc3luYz0xJm5vX2F0dHI9MScgd2lkdGg9JzEnIE2oiCcxJyAvPlx4M0NpbWcgc3R5bGU9J2xlZnQ6LTlweDt0b3A6BQkAIH7mABR0YWdzLm295ZhldmVudC9pbWc_dHlwZT1tbUltcFRyYWNrJmV4Y2g9YXBuJmJpZD1OUQdkc3Q9NDU2MjMxMiZ0aW1lPVtJTVBfQVRUUi4BD0xdJm5vZGVpZD0yODE0JyB3aWR0aAXIQtMA8KQvZGl2PoADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASW2qiGAYgFAZgFAKAF0JLyy-iR2dAEwAUAyQUAAAAAAADwP9IFCQkAAAAFD3DYBQHgBQHwBfnLIfoFBAgAEACQBgCYBgC4BgDBBgUiMADwP9AG-asB2gYWChAJEhkBgBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwFSTBgAIAAwADi9BkAAyAfH7APSBw0JEUMBQQjaBwYJJ0TgBwDqBwIIAPAHieMCiggCEAA.&s=7dd0219e5be4237e71664238deb4eebb19452310&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Divawnoge%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Divawnoge%26e%3D1068016250166&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ivawnoge&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7db1f2cb-0dfe-40c6-84fd-8361e26c1537
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame FDD8 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiPho-UBhD05Omk17ek1UoY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4sugFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q1plRmtEOE9EWXVQck41eUw3X1VQN3AtTWdBdjYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RYnZiX2R4eXJIWUFGWFBrMmdOYVRsaXllclpsR0x6Y2o0d05raUItUW5mdGV4QXg4eHdiZlRkLXlUUTV5NlZycEZBLVNzYllVSHdTQVItOWY3NFduSm91V2M1VDJwamNfcnJwUVV1dk9qNDVlazF6Vi1LMlhabDVGZWlTUnUzLTc0TWFGb2ZHMk5DSzFFWTFQNGJzeEliSlVlTTdwdU9MWFFiVHhfbEZGTXg0ZDZGMEFJQl9IbF9VYXNXQnpCdlBxRklVOWJPZkh0OU51S0VPakx5NUI4WUZQM2ViYmI1bkFrSnJaV25vWXQtN2VPZEh3eWQ1TkRHT0NydGw0QTdnUFJZM0ZUWXI1ZE03OWljOFl0OXdGMHhVeVZIMFBwZG16MS1KN1FiRVdwS2xacnU4a3JRTHVwQ3BRSk9VM3BFU2V2SDVlVDhtRnlPeE9mOEo2SFFFZXQ2WV9ZSGdVR3VtS2xPZjlGaDFWczBobV9RX2cxOEFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9cXc4WVYtTUZ3eDQmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9XQVprOXF4OWYxYzd1UC1HR1lHTHZ3JnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM1MzgwMjcyOTQ3NzM4NjA0MTQ4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFiIOLqMaxp-h4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAey6AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=ebbf5776ea3eef8cc0886619470d32644b5df91d&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2ac5abe3-174c-4ee0-96f4-868ecb65cf47
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3568 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:21 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame B163 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450883
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3568 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3uLuQuk76xUivC0vUefpmx83an4tR_KxbTOshUsfuO-GHPMrT9NJZgD7BRGx9fzwNXxRQL7aJZZU_HrNvA_yQ2y-2ALSSBN1u_-fMb9tHT1mPQbfl6g3eUAjlJpvKLmzwJvFF8rOgF4IfhYxzIpwLwbi94Ls&sai=AMfl-YSiJOh_9W2B0S79ETvlZ19VpXFiKZHo9D34rYWFIwvIyZPtZyj2jqtmETrMulnpolLHIh0hGDMIJ5yxkdaq4_ZFlnJRMWLgcYk&sig=Cg0ArKJSzOT4pCPvSLlCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=495&cbvp=1&cstd=492&cisv=r20220511.65723&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
async_usersync
ib.adnxs.com/ Frame D969 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e471007f-2350-456f-bdec-e5110a863936
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D2DA 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D2DA 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame D2DA 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
vevent
ams1-ib.adnxs.com/ Frame E306 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiPho-UBhDDoYjPravrkT8Y0sWY0qrvobloKjYJQl4PJsXH0z8RWZ74Szoz0D8ZAAAAIK5H0T8hWZ74Szoz0D8pQl4JJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4qb4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9QzJKODFEOE9EWXB6clBOV0Y3Z09xcWJEd0JfclN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDeWRLSUxiU1RzVDZvQXdHcUJKY0NUOURLRFZrbGc4VnQ0WWZLOEFwNVdiXzFKV2xzUmFPN0pnOWZLb1VJZjlJdkZjd1RkYnY1RVRiT3g5dVVCdTZGNXRmS280WFl4dUUwT21pQ0l5aFpLdmp5WktPZFc4ZU9sc2M5cDBCWHlueXYybE8wbVZDeGY4TFR4MlpIVlF0N1FwRG9aRlVBdFZRSkVOcVRBYXI1enRBbnRnZDBvSTZjWDNkbm9Lbm9lelFPNmJIc19ic0h3N25SZ1NrZERnZ1Myd0QzRzlZYXZDQTZMcGFtX0xTaTZkVUY3emtzclhuc2htSGpSY0VBRE56U1BxcFZoMHBETHROT2QyeUJmeTZ1WmxYNHVFWDRseG9Nd1FUN1MydTA2QW9FVzVtSmVmS29GOVZzZGctcHpmU0ZQLU45SVdDRUViTV9IS0tiSWFMRkdNVW9PSXluYlF0bElmWnlEYUFka01VSHVVNEZGNDdzaDVCaTFqV1JWcHJzQW5ILTlvNi13QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F6TzRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD13dzNkVmdCS3NHTSZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb0dxaUtlV0NWdE5OaUNjR295STkwaHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzQ1NDk2NzA2NTQyODg0NjYxMTUiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXTiL7k9vH7vUPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB6m-A9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=28f91dee091adfe0bd3c5e4912e005d35e19d6f9&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
aef70cfc-02c7-49d0-91fc-c235fac15e6a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BBE6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FCAC 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8349
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Wed, 18 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vevent
ams1-ib.adnxs.com/ Frame 7EC3 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiQho-UBhC__qrU4rr10xQY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF46-gFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q0NuMldFTU9EWXZuWENkZUI3Z1B5cElDSURQclN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDYTFyZFZrS3VzVDZvQXdHcUJKY0NUOUFYZjdFZTFqOGV6Slg2d09saC1hZTR3cnNjb2hHX0s4Zl9ZYVFuLVBTNHcydmJ0aTZjWUNIYW5KOEpjQ3VnM2J2RjFDeDN5ZGdlVUxINlhwcTNKaFhreWNUTEhxSGNkczlGMWRZUHA5VXdMdXVkNUVrYTFSbHdpT1JFSXphc2ZCNEFXSmYtTXhra2x1Yk9randpckwtblktcHpOTlg1dnFCQnNaMFpkWXROR19YTFZFVlcwWXFCdG9TbTlNUDRkYy1XMnZuSTFTRXBFMWJ3bGR2UVpWY3Z3WkZkWW1lYzhJMVV0YXNaQ2g2RkVlTDU2SlN1YUFTZWhrZVN0bXFPNXZMOWZPMFloNG5qLXlQQkFqcldzWFpfMXk3OWJna2tSTTRQU09GRzB3dXpfLVhmem1HemkwOHdBd2ZKaFJoRTZKQV9oODluNFh5RnFrWmdYaXpPUzJpRGJRdjJaMGxXUy0wQ3paYWlnMzJsRERIYkJUbEF3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD1LR3lCNm5Ed3dsSSZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb296aFZpVEtfNDA2V2FWVHBmUUJveHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzE0ODgzOTMzMTc2ODI2OTE5MDMiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXnq6rDgdbLhHbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB-voBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=e1d41df59ceb8be5487040956474513502b142b3&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d68019a7-bd79-43c4-b0f3-4bd51482a9de
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AF92 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
82d60d7f-4398-48be-8102-6785c4885392
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame BBE6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69757d069494651b4015ee7f2a2ff3b1c70043bab4c65f5ec627bf65d4294a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 786D 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 786D 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/862137188495136981/ Frame 786D 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/862137188495136981/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc34b5228224caef0a37f0c9ba4ed6b7f3630d3a0f8cc97463c2d7b5d722d374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450959
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2576
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:05:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:29:22 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 401F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4DC0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vevent
ams1-ib.adnxs.com/ Frame 1518 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhCEmfDLyfnxn3MY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4oesDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q29IbjlFTU9EWW9qN0JaQ2Y3X1VQdF8tOG9BMzYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RMVhRMGtqbldHOUlQOWNIS2hnUTZzdkYzN0F2S2FDcUIwZnFQV1gyd2VIdjk1OGU3ZC1CaW9UXzZVaEh3WV80Z1UyWmNqTVVHSTVFaV8zREg1NVZMU2l6N1lzelZGMURoSWZ0TW9hSnpWNlF3WWlRWjN4bmRrOHJmdlNHejJqQ3VlOVpKS1ZxajZvRU82cVo5ZEFNV1ZMX3dZRmM0eHpZaHdzbS1YWnRlbGEwdFMxUUxhM3FwQkU1RWZ2Y2VSa0RibTY0bnVDVWtOLV95alQ2aHdRRjlWMjJlUXZWVXE1Rmc5Uk9XQVoxVlFKZktpNEIzU0pYaERWbl9zQVZydDl5aVlURXltVEN2a3RmWWVWR1JqdlhDQUZZZVJRcm1fTXRQVmhhR1ZmbnA4bjZJMmt5bUtUMmtOXzZITHhlRFhvbUdRSnRvX2YtUFlpV0FHMU1NaEg0WjJOdkk1VFJ3MDR6WTdlY2txNHh4dTZBeUJuYXpnOEFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9UW92dmJLdEM2NEUmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um8tOUYzOFBoVThqY0I0NHcwS2pFbGJBJnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM4MzA0NTc1OTE5NDU2NzgzNDkyIgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFqe2BspCc3r5QwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAeh6wPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=125d25293252dbe7207ce812a96658d63c9b831b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dd4d6da4-914c-4391-9f8e-7c5ab6b12584
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5D9E 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
08527037-bbcd-4f5b-9db9-3d1cbb8bc30c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B6A8 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6ff68b4b-c676-4924-96a8-dfc488f576a5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame C9CB 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiQho-UBhDyh9Kgl_GdjToY0sWY0qrvobloKjYJQl4PJsXH0z8RWZ74Szoz0D8ZAAAAIK5H0T8hWZ74Szoz0D8pQl4JJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF48b4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q3FxUGZFTU9EWW9YcEJZaUJnUWVpXzd2WUNmclN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDeWRLSUxiU1RzVDZvQXdHcUJKY0NUOUNxTjV0V1lYeERjaXlhUVZRekFxRTkxVkxvSF9FRndlekhaYXVROUpXRVI4LU1jWnEwSVVwV3o2LWg2VTJ3V3FuSHIxdmp0VV9rOFdPZXZWVVFxLWpCYUJUd3B0RDMyaGY5THVXV0ZGblUwbUpzRVB2NHRKclBJNHpNQ1N4aVNteUprQldpUzdEcjNMTm54SDV5Ui1mcElpQi0xWjJLU0lwTk9FVUJPZ3FxRWx4dXAtNkl3VGM0VG40ck1wWTRmZTBwVTJQckpDcjViVUV3dXFvQlpGZTRJQldDcFBrNFZYSVN6aDdGQno5ZWVLN2JpdU9SelBUWDBYbVVyOVItZjZIam9TeUxuZ1BZRl8tXzdIMkxrNjQ2aTVTZk9xaEp2YzF4SEtnREFmT3F5S3JRdEpMTFc4QzRMc2dzdEx6YlhTQ2NtWDFvemg4OUV5eFFfYW11MGRQYzMwcGdLc1RNalFpRGpvQmNQbUVJajRsMXd1STZ3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F6TzRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD1sMmNzNFFPNW15ayZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb0J3ZHQwY3p5NTFOc3Q1MjU1UHh1NVEmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzQxODY3OTAyMzU4MzYwMjM3OTQiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXatJTh9fT_zlrABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB_G-A9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=2d96844df3bfc109aac0afe09477baa9b9b8a2fd&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d4c10604-6ac9-47ae-bb75-c72e232149de
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3568 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 748A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=brjrd&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40726
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589227
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802322.596182,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 3568 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiQho-UBhD3wtWAhYHR6j8Y0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF48JsDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAW1uPqu8uWm9AbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAfwmwPSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=bbaaea7cb75716ccb11b7542aaae29ca987bebe2&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dbrjrd%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dbrjrd%26e%3D1068016250166&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7e217b48-7a88-41f1-9d3a-93403047f746
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?oz_pl=1&ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//ua.korrespondent.net/&ui=78d00aa7-9d48-66cd-0000-000000000000&ap=&ti=6288863528235289568&pv=0eaeb631-9796-443e-a6d7-bb939c981128&pp=10264&sr=13&de=43003&si=5614020&dm=300x250&ac=651871&cr=6622395&ai=216536&c1=4562312&r1=146.70.117.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:21 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.mediamathtag.com/2/2.58.0/ Frame 1306 		158 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/main.js
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//ua.korrespondent.net/&ui=78d00aa7-9d48-66cd-0000-000000000000&ap=&ti=6288863528235289568&pv=0eaeb631-9796-443e-a6d7-bb939c981128&pp=10264&sr=13&de=43003&si=5614020&dm=300x250&ac=651871&cr=6622395&ai=216536&c1=4562312&r1=146.70.117.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0d98e830f86a78076c3e8c7fc4c55ba3af530e1f20d590412060029388ab39e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:21 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
50556
Expires
Fri, 23 Jan 2054 17:02:53 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 778D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
pagead2.googlesyndication.com/bg/ Frame 7CB4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:41:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
72209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 19:41:52 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6EE2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 7BEC 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b5ac96bd-2af3-45a6-9607-ebf656a6258a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 44D3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame E8F4 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
da922644-251d-42ef-9cb0-88fdcc26903e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame 1E5C 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiQho-UBhDp5vXb3pSLoBkY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF45doEgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q3NxMjhFTU9EWXZtOUR0SFBnQWV1MzZIZ0J2clN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDYTFyZFZrS3VzVDZvQXdHcUJKY0NUOUM0cnRPU0djUjA4RmJwenlPaHhxRjVTbFhRR0twdlBicjB0UVJpNG56aTZ5Ym1FZTg2eHFhX1ExZzFjSGtic19zMEFTdGtQbUluRlpMcW5BT0IxTklVOGR4ZFQyblMxSUdhZGRyeDNSMjN2d0tKZmtOVElJcEF2TVVHd0pRdjFtOXo2a0hmWTlNR294NEtSR3FhQTlXU0xhQlE5LVFDcEVZbGNLVjNCTHJ4QVpCZlBacjNIUmJSdDZ1VnlkUGNqeG1LdUJxV3MwcWtwdERfRE02bUV4d3ZwQk1DcDZjTTFmbzZwTUlLWFo3dXlReWltb3I0VXJfVG9tUkZQS0M1anRIN0tLOTRzWDhobTQyOFh2emZYREdfV0duWm5FVTltcXIwX0F0akV2TXI2LUcyQ3l3bk1pcVVBZDQwRXpheFNOOFkxMzczT25nOVNxa3lRN3NDWGdZczFGRkhyR3V6V0tZV2RSRWRUZjJYTFI0cGI2TFh3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD03eFJEaWtmeHQ5RSZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb3J3aTV0V3J0Zkh1RlBJZDlidDhZZHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzE4MTk1MDMzNDA1ODk3NzM2NzMiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAW2lsjG5aGm7nnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB-XaBNIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=a6316d278a5790c61bd437dbf1996e77f8e200fa&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f437b8c7-a7da-44c5-a8d5-838fa5d50949
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1285 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame C986 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b115ff82-a1bd-4a60-a66e-c88d03d7da2b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AAD1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D81 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37626
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652269989122821"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 May 2022 15:45:21 GMT
index.html
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 9060 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
450883
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 10:30:38 GMT
expires
Fri, 12 May 2023 10:30:38 GMT
last-modified
Thu, 05 May 2022 07:04:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2D81 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEVosyHPq7AHQGZunZvPpwkUUmvyDFkS0DzREFtGqSj-RFm8lIS8dNfwIcSP--j9R6V04pMB4Jx3WeaQjOo-Vp6wjqtmull3Sbmcyfah0_VK7SIoHaCmUUeBeYkubrrJjKegbGB3WnYWVNehuhIqA1H-8won4&sai=AMfl-YSawGRmaxhCTl5k2EUkvcrkkbvewLwDnkwS3wR_thanVubh58J8MjDKPOa9P5AGA_5B6duz-WO3d51BktbUcfDnEYj-HUaQIgk&sig=Cg0ArKJSzFx3poSr7oBTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=571&cbvp=1&cstd=569&cisv=r20220511.97114&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
vevent
ams1-ib.adnxs.com/ Frame 1306 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLQCvBMUAUAAAMA1gAFAQiPho-UBhDYncGA9MiRoUoY0sWY0qrvobloKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAIK5H0T8h_x6yBPZxtj8p200JJPTiATEAAADgUbiePzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXjH7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqA7MGCuoFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUbnBvYTAxRVFtaFpWR04wVDFkUk1FOURNREpPYlU1clRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpZeU9EZzROak0xTWpneU16VXlPRGsxTmpndk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVQzFIVEdGU0xUSmlkamh5VkVOUWFtWTJRMFppYWtVdk1TOHhNeTh3THpBdk9UVTJPREF6THpJME5UUXdPVEV3T1RNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWBHUTE13ZDAxRVFYZE1WRUYzVFVSQmRFBRA6MAAQY3ZNQzgFfAkIDFl5T0RW_ABoWVcxekx6QXZNVFl5TlM4M015ODVPVGt2TXpJIQQwME5pNDNNQzR4TVRjdQVMfGpBd01DOHhOalV5T0RBeU16RTVMekUyTlRJNE1UUTVNATzwaVRNdk1UQXlOalF2LzNDdXFKTVk3V2l4b1VMeTNiRFNESWpBWUxUWSZub2RlaWQ9MjgxNCZncm91cD1jZGcmYXVjdGlvbmlkPTYyODg4NjM1MjgyMzUyODk1Njgmc2hhcmRrZXk9NjI4ODg6HQDwfXByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iYWhhZmQmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS44MSZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5NSZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhM2MkKtALAaEzUzNTA5MTY1NzkxMDEwMDM0ODAiCTI4MTY4NTI3MCoGMTAxOTM2Ogc2NjIBY_CwwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBJbaqIYBiAUBmAUAoAXQkvLL6JHZ0ATABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX5yyH6BQQIABAAkAYAmAYAuAYAwQYABSUs8D_QBvmrAdoGFgoQBREdAYgQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8IAAEjRCAAMAA4vQZAAMgHx-wD0gcNCRFEAR4I2gcGCSdE4AcA6gcCCADwB4njAooIAhAA&s=6f6852995bc7c2f5aaa1ac0c3335fa699542139a&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
abf72650-da1a-4c23-9954-ce61f89d64d1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B163 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B163 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame B163 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 93CC 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x250.gif
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=67452400152568000951425011962008&a=4db25b0d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:21 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:52 GMT
Server
nginx
ETag
"5b55f218-119bc"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
72124
vevent
ams1-ib.adnxs.com/ Frame 0622 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhCiitvB8qvosEEY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4mL4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q1FkbDVFTU9EWW9xLUVNbWk3X1VQXzhHQndBMzYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW9PWnRtLUFwTEUtcUFNQnFnU1hBa19Rdk03VS1RV09zZEhlYnlNS2hOeVFMdFhjMFQ5UV9IX2toZGN6YVZYOEUwQXZxVXhlbmNCUFhJWEs4SGR2U044ZGV5dVZweDFSQ2NWcVRBYkp1emtOcVdKWk9JWFdoZ1d1WVdNbHJhVWRHLWlFdFJqOW9rQjhMRUMxM3AtNm8yeHZFZUlJaVhoR1lqcHhtZ0RlMGcyWFh0a0dzX0VvNUxWbUstajBBR05GX2JlNU9DcVc3YlBGQXNEUFRwWklLbjhUZnpqMEF0QmFMSGd1dVpJOE0xVFVKc2hVY2ZMSkNteTNJejl0X3BwWF9TSWx1UWdNc21Rc083QU1sdGdWbVNFdzNIYVliVTJvUmlueFVnS3IwUGNwNVZmbExYQThLUXJTODFlRTBkeDM4VFFmN2tSR1JXV01pZVN5RUlJdVdXdnY5akFjclZ4U2VTTHJra1FTemo4VGI1enQzV2VDbDExUlpSdzRsWUFhTjV0bDYxS0xRTUFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9QUU1MFNtQ3MwLWMmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um92Qm4wc1FGb2RaOUlQajJYdkRlTEl3JnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM0NzExMjI0MTE1Mjc0ODkyNTc4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFz5qsiIS22LMIwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAeYvgPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=5e9d9152ccf949de4170bb90e08d264047b1bca0&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b38acdf2-abf8-4c5d-9c87-be7f26babce6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 609C 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zrffrdpel&e=1068016250166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1026 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIAfm3jW7Cmk8lh1l94Ii6CFrzzFFle0OlcIpfm2EpjZDPBudN4KmG_LxN5yTrfWiVY_oyi5679SzyVok06hEWVQ1VCUs6OSCn3WFkjy90tDZeY5c767crUHNT6OrOMLCeUTr2k-fq843ahEOFnToLBUUu-fM&sai=AMfl-YT-FLYJWGZludg4N3bvrvTmXsqH_lzRfDSRUTE6h5769pmwxFgfMHsMoT_RFO-XXTNTsHwucleT6HO0EQPsDhd9UYdxEq4WDOE&sig=Cg0ArKJSzHArfqb0RKSAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1318&vt=11&dtpt=1014&dett=3&cstd=301&cisv=r20220511.98632&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 34CE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 54A1 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5640 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrmmgj7SnWRD_Qm_rRKKrxll05ZS1Z0ECvQgFFBkAGpr2QFaj4qqqir_imGyt5QYilz2ySx092Tc-QB6l4GCATvMFgSwgjmbez8y1jREoGDRq4ZMH8a4JUjlV1oeA_RM0Hc3ZfJQ-KIvYvJfCEyKqxAGjeP2s&sai=AMfl-YTeXEIlnhLiPh6cBioWGXztJEry9WUoKFXK2BPPU_VsQSHrZxYcboKl2PkH4eYmSDR8LDsMWZTbrsYGp9kyIgk0KvBd6KM5uZU&sig=Cg0ArKJSzIfUB5vtEyEMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1350&vt=11&dtpt=1030&dett=3&cstd=319&cisv=r20220511.63223&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 992F 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D062 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssa1TCkfWrSfnskIFmjD0y6EfnEftDbNxY60lNUj03cjeAcNdQuo4wxhwLsyADih0g5kvVlTdl_BY8eOZH1HeVv1HIJ2lD_vKQuA5DiaLMlJ4pYNHLFySBH7t8HVOAhncUgcQbPDtesQyIZ5ZCiqCm2F63a-ug&sai=AMfl-YS1jhhrieVYMd_AOrMKvLuezw_GdvvyJdmmOgKVj7jshMXEvBOMC8z86d95MImSP9GtA0i3NEMztk2H0u0OyyhlJknyYnes1kI&sig=Cg0ArKJSzFp4zRdb9Qj5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1295&vt=11&dtpt=1011&dett=3&cstd=282&cisv=r20220511.63054&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame C40C 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FDD8 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-prXjT5h5BYWxXopsY_jIhiFq4-oWIg41n7NZW013QDKQovcgE5m0f8vmPcUrYawHVc2nt6xN1adXpAFkf53tXonOYEXrvmTT27YRjgWjwkw4vHZiEbSYLrlwrceq82TpTI5WahA8aEYeQ0wfTO2gdocmfug&sai=AMfl-YQ5DhFNMVOWcC19TPBRqPkcPfXksyExAIEQkKyKqTyma_Loh0PaxFvSwY6J6s_sHMbhaL6IO1dGFqRwD9Aj3IiooTu5WrA7Ufk&sig=Cg0ArKJSzBV3_rNVDWpkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1305&vt=11&dtpt=1023&dett=3&cstd=281&cisv=r20220511.97182&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame E975 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E306 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4AW_-9CuVCOB8yrF-j_YHVAqgDbQSIt9Rhu33tQ4mTkcx-7S8harrjWxh_QD8hU7ZzZmTtyZtao-RJyMX2LMtHzZSg5HuAZw47BLcBE9mGSLkpdoSzE6M-sR75EDgpOaYogofrRifb8__pj1ixi4xtLgpkiA&sai=AMfl-YQjAGxMOScsHCG2zS8RJKR-bpgdkc2qdEF4kJzNX1egGBL2K9wN-SFuf1aEjUAwjacgCFfXsLD4dESx_oYYWlrWPRKVyWET2rU&sig=Cg0ArKJSzOWIrAuhKnYLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1251&vt=11&dtpt=990&dett=3&cstd=256&cisv=r20220511.93623&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 56E9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame D524 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cb32e425-e2d7-467c-bcab-d58042a09a55
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2D81 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 13:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 May 2023 13:28:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame C828 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ukbrjr&e=1068016250166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40726
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:21 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589232
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802322.854503,VS0,VE0
rd_log
ams1-ib.adnxs.com/ Frame 2D81 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKiBPBMIgIAAAMA1gAFAQiQho-UBhD6o9Tt3OOGpjoY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPRIATEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4kucFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAW9qv_s3pzDzAPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYADTEk0AaL5QHaBhYKEAURHQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IBShEIAAwADi9BkAAyAeS5wXSBw0JEUkBRgzaBwYIBQlE4AcA6gcCCADwB4njAooIAhAA&s=d6d3a4ac1786b8497be5ea1194bbdcc2d495e912&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dukbrjr%26e%3D1068016250166,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dukbrjr%26e%3D1068016250166&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cfe5eca9-e185-4a40-a1e5-4e63e25d1f1f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 1A4A 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1518 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOrj6m_jypcZtF163gM2jFCpZo6dN1htSiB0QmaqHCnZ39s6-NPGJSrfJirhYMeYXrzEvn81hJiXL71c1apTUE5Ghi8uucJyRmIrfwADrYe1asSwa8tZl7XaDWMDtw74tQJwXC-TcF6m08CjsSokGHPd002EA&sai=AMfl-YT7XDZs7WD_nmnlK-0OtYPhq7QIHNrxQgluT1j0PJhQrRP1Qb8651-HZZGAwz0nJiXBuf8TWNvs2EppWXRUMSSXJkw-4Sj50iY&sig=Cg0ArKJSzOaZxJX0aHFTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1255&vt=11&dtpt=969&dett=3&cstd=284&cisv=r20220511.04914&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame A8D2 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C9CB 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuX13oyeD7dKSJclM8FrvC7vhVG7Bq5C04nUFQYAxd79HQcyiPmR_Wp9OlL4P0JgGMqIFnFpCXfPEOwiABPgVv_3RE6eAVmJ27EuNqgV7vbcZcgBM-7YfVYGdz0WXbBUMg54_GNYlyMf2MdwJZd8-K3qj7VT-U&sai=AMfl-YSN-l0PK5tebavUcCZUtc53c9DvvTC1keEo_HqHugx4q0_j2nq8eTJlf-kwY6n9gjA_0q9KoDnJdDPiH74BM4gUFKb3TA4z-nk&sig=Cg0ArKJSzMKKDx44azLgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1249&vt=11&dtpt=967&dett=3&cstd=281&cisv=r20220511.10384&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
vevent
ams1-ib.adnxs.com/ Frame 3568 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhD3wtWAhYHR6j8Y0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF48JsDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q2RENnlFTU9EWW9DMEJOS0Q5dThQeGUtejJBTDYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RVDdTZFE3SEtpQlQ5Z2ttYWJ3YlVzYlh1eHJGRlJMRGtvR0x4OExnVDRjUXBqWEVrVmp4YzVIQW8yTUp1eUdURW5nY2xkSzBEVFhHLURSbC1OMzY5MjlIck9MWDJBVURKQU4xbDhSOEN6RUl2VHRHTlZfay1QXzV3V2xNazBINDlJTjJqNm1tUXprVmN0b2VrQW9WRy1nSXp1QVlocWpMTEpwMUJ1ZU9peXhHWVdodWxlOEo2M19mYXNkZDdfWVEzdVN0RklocTBhdVo1M2lTM09ZTFM4NGlHRHFQRzJjRGJNNnpuSmIyTWhBWkdLNTlhN0FUYmtnNWNCdHo3UjNfMDIyMUFKS19wc0VpN0h2aFNkSWRwWHROVWN6LU5uMFRjTTJPOWR4UXl3UzdoY2JVaHU5aDJ6dEJ3VzRNb0xlMUNfanI5RHlqRFBDN3lTeGdoR2hIYkxCT2FyZXViM0szbC13S2RwVjktVW42UVlGQ2tHY0FFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9WmlkMDRfMVpQUWsmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9XQXlEbk5ZdmJhRkluRUtyeUJTS3RnJnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM0NTk5NjU3Mzk2OTIyODM1MzE5IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFtbj6rvLlpvQGwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAfwmwPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=d2a57a8f5f666d43ac6c97252da02263361489aa&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ca620e22-c781-4bdc-8f3d-d8287e1eb1b5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
hal90008.redintelligence.net/ Frame 93CC 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=67452400152568000951425011962008&a=5a5b9cb1&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=67452400152568000951425011962008&a=4db25b0d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=67452400152568000951425011962008&a=4db25b0d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:21 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 93CC 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame 93CC 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=67452400152568000951425011962008&a=4db25b0d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:21 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8948 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5721 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 8903 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7EC3 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2oxr7ncN_oEOW8PyspvCRpfgZ7gJvlKGFvNcZ0onwHxE44UeJ4ZDYh_zqhsQZikGwl73OFGsrJxzMVWfmgF9rVgB85QJ6SYnNyLgwtiXOimA3lx1OTi-i24gitKPJ6qqALZ2ZqQsWUmw-MsIbWCUPa5YyvdM&sai=AMfl-YQMMyP_KBaGvJfKZfEePofaOrqo3i3mmHx3g2Cj2Smm02WhgjUy1h7KOPSLKyWaqffNq3A2GQLmNs3Hr7z62nSEOM31GZnWqPg&sig=Cg0ArKJSzBIEUdYBKu4tEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1273&vt=11&dtpt=955&dett=3&cstd=316&cisv=r20220511.99516&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame CC72 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1E5C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstS9fgo6NULi7d6Va6ViYY1spHAvzij5E9-KO2_DV-FQP0-GIUPIN_A9_GyINQquTKKkDAjyfOe7oDsZj2TG9160WqUrjeJ_6aexon0o--kJy1DnRIe7sDtY6bmfnPnAKBIZqt6Y8ae4OnSqUVSbNVJ3SL-1mc&sai=AMfl-YQlGkqergyDQdWodDLVz_F4KZwGKvWJUvc0IDd3f8PTM2GutPucJE-Zr1bsNu3wcTDeyy6alevr2DpKYWRervKdwI_CEM4s6js&sig=Cg0ArKJSzIhUQqJVLJ4oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1256&vt=11&dtpt=932&dett=3&cstd=323&cisv=r20220511.52941&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
async_usersync
ib.adnxs.com/ Frame 748A 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:21 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
205bc918-80c5-4d26-9e5d-ee123521b5c6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9060 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9060 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 May 2022 15:45:21 GMT
main.js
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 9060 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?oz_pl=1&ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//ua.korrespondent.net/&ui=78d00aa7-9d48-66cd-0000-000000000000&ap=&ti=6288863528235289568&pv=0eaeb631-9796-443e-a6d7-bb939c981128&pp=10264&sr=13&de=43003&si=5614020&dm=300x250&ac=651871&cr=6622395&ai=216536&c1=4562312&r1=146.70.117.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:21 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame D2DA 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450883
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0622 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspKLgwHIccxNnq31qcIBpyAi09JbpxzmWQvv8L6CZaT_ZH55deJ8624A9bfTI-YTUZFoKChzLXHyLWOLTJFEA-2I9g-MHjT_25q599G_2oHmxCPqmGmyvz1JAGvOIBkLzJo2WK1m-HvwQabHvTaoYaIqm4BRQ&sai=AMfl-YTPTJWF_bqTCbJNPCkIVKamN-V2i3Kg-4bHfLqFZ0PLXLQ_HyNRi3kfNfufJgv585l8FeSEEX6f89x9oc8CgWT5RVYHni4TJHY&sig=Cg0ArKJSzAwvKpfNi_SsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1326&vt=11&dtpt=979&dett=3&cstd=346&cisv=r20220511.63635&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 609C 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 609C 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 609C 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
pixel
cm.g.doubleclick.net/ Frame FCAC
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAABbHfYwo3OLKzddJi9fdE&google_cver=1&google_push=AYg5qPLg-saakr1BEr8S2E4GceDTwZFYwvVidN6ki36rXnYfDk-4F2bKLD...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLg-saakr1BEr8S2E4GceDTwZFYwvVidN6ki36rXnYfDk-4F2bKLDAzCOFp7TWbcri3rRAxp3jTNPYOwtTBTSMlyscvQq9ceA&google_hm=4vF3LGz8T5...
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLg-saakr1BEr8S2E4GceDTwZFYwvVidN6ki36rXnYfDk-4F2bKLDAzCOFp7TWbcri3rRAxp3jTNPYOwtTBTSMlyscvQq9ceA&google_hm=4vF3LGz8T5RqRqmRW4UoXA
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLg-saakr1BEr8S2E4GceDTwZFYwvVidN6ki36rXnYfDk-4F2bKLDAzCOFp7TWbcri3rRAxp3jTNPYOwtTBTSMlyscvQq9ceA&google_hm=4vF3LGz8T5RqRqmRW4UoXA
pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame FCAC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECR_u3yM_FAVmnGc63Hi-Zg&google_cver=1&google_push=AYg5qPJL4CAiPHDJXzLI7jIabVA_Y0r3Rh7zllK_bbaM9EO6gXysHIqeY6ZWYq63P3YDOGwWDiWRBX-xrERTL6aBwlaoRj2izQd_&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECR_u3yM_FAVmnGc63Hi-Zg&google_cver=1&google_push=AYg5qPJL4CAiPHDJXzLI7jIabVA_Y0r3Rh7zllK_bbaM9EO6gXysHIqeY6ZWYq63P3YDOGwWDiWRBX-xrERTL6aBwlaoRj2izQd...
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECR_u3yM_FAVmnGc63Hi-Zg&google_cver=1&google_push=AYg5qPJL4CAiPHDJXzLI7jIabVA_Y0r3Rh7zllK_bbaM9EO6gXysHIqeY6ZWYq63P3YDOGwWDiWRBX-xrERTL6aBwlaoRj2izQd_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJL4CAiPHDJXzLI7jIabVA_Y0r3Rh7zllK_bbaM9EO6gXysHIqeY6ZWYq63P3YDOGwWDiWRBX-xrERTL6aBwlaoRj2izQd_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70cd7ad4ad4001db-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1567
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70cd7ad14f8401db-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECR_u3yM_FAVmnGc63Hi-Zg&google_cver=1&google_push=AYg5qPJL4CAiPHDJXzLI7jIabVA_Y0r3Rh7zllK_bbaM9EO6gXysHIqeY6ZWYq63P3YDOGwWDiWRBX-xrERTL6aBwlaoRj2izQd_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJL4CAiPHDJXzLI7jIabVA_Y0r3Rh7zllK_bbaM9EO6gXysHIqeY6ZWYq63P3YDOGwWDiWRBX-xrERTL6aBwlaoRj2izQd_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame FCAC 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESECaNsJozmzXF8XdYWlhW15w&google_cver=1&google_push=AYg5qPLFqDhQ7UCtyKP53OqS-n8Ufe6s0OiLVKwQho4Nmp1_pk2ez1KhRA5U3HDE02ZEEZnnomLDqbn6RwB1G-3WKHxR4g4ar9Gi
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 15:45:22 GMT
pixel
cm.g.doubleclick.net/ Frame FCAC
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEK4B4nliOa48QujWCXqGAEM&google_cver=1&google_push=AYg5qPJMB5xzO2Bof6epTs1AAP-wEsAE7vXD8Oim39scSCAwh33gAX6UcjCJNV-jOHqFF0UgaPaIAnMRHMP6u7PbLWC0WJV...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK4B4nliOa48QujWCXqGAEM&google_cver=1&google_push=AYg5qPJMB5xzO2Bof6epTs1AAP-wEsAE7vXD8Oim39scSCAwh33gAX6UcjCJNV-jOHqFF0UgaPaIAnMRHMP6u7PbLWC0W...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJMB5xzO2Bof6epTs1AAP-wEsAE7vXD8Oim39scSCAwh33gAX6UcjCJNV-jOHqFF0UgaPaIAnMRHMP6u7PbLWC0WJVG0-HMVQ
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJMB5xzO2Bof6epTs1AAP-wEsAE7vXD8Oim39scSCAwh33gAX6UcjCJNV-jOHqFF0UgaPaIAnMRHMP6u7PbLWC0WJVG0-HMVQ
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJMB5xzO2Bof6epTs1AAP-wEsAE7vXD8Oim39scSCAwh33gAX6UcjCJNV-jOHqFF0UgaPaIAnMRHMP6u7PbLWC0WJVG0-HMVQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame FCAC 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBRQELZpznvrpBv2RCY5ANk&google_cver=1&google_push=AYg5qPJ7sXfu4BQJ22qUpI96DSvpbGJD-27yNw-6OwwOe6uSaC9JqoIzkI6r5YBj6YZ2QPsVz5UtDsw63GaNNUlPAgCtbPuA08tCyQ
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:21 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
opleitnenno6d5g1jq497ucj555qdb1d
pixel
cm.g.doubleclick.net/ Frame FCAC
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL94JHC9hrUyCnbtA9uZkQ4&google_cver=1&google_push=AYg5qPI38sib1iKE569oP_Q371FuQndkd4M1y9phxJv3nuCK_qx9N-ewGMojPcWvKcZAvkVcv169IZq43pu9GeXf...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI38sib1iKE569oP_Q371FuQndkd4M1y9phxJv3nuCK_qx9N-ewGMojPcWvKcZAvkVcv169IZq43pu9GeXfiiqU0mF5jf1TtQ
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI38sib1iKE569oP_Q371FuQndkd4M1y9phxJv3nuCK_qx9N-ewGMojPcWvKcZAvkVcv169IZq43pu9GeXfiiqU0mF5jf1TtQ
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 May 2022 15:45:22 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI38sib1iKE569oP_Q371FuQndkd4M1y9phxJv3nuCK_qx9N-ewGMojPcWvKcZAvkVcv169IZq43pu9GeXfiiqU0mF5jf1TtQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
RUW_SnJB1ArG3PvUW49XLWkTfatNNyk0chHnRPrF1y7opN1FXr7yxA==
dot.gif
s0.2mdn.net/ Frame FCAC 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESENcgyJzXiETtoZpx1BY2nrs&google_cver=1&google_push=AYg5qPL8L0YEVhvr_H6krCX52WpoVrTwSDdiq-a46EhCIhnedIRl0sYIvpUNoZ8tBqoT3LC_tJBhwrgMc9iaJNa6lOL_2p2O2V9_h0g
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 May 2022 15:45:22 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FCAC 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KL0ITdTvvYpifeOXgrveclruFxWNQYctnwJcQSmX6tZtTbZhy8TTUZDy5T-9cq3ZZKs5lRkw
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 54A1 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 54A1 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 54A1 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 992F 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 992F 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 992F 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
comdirect_markt_300x250_js.png
s0.2mdn.net/sadbundle/862137188495136981/ Frame 786D 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/862137188495136981/comdirect_markt_300x250_js.png
Requested by
Host: 53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
URL: https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f34081974aa06e2e70a3b6260e788f57d78d5c920e759310b2e4bc0f6cc070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/862137188495136981/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:29:21 GMT
x-content-type-options
nosniff
age
450961
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137120
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:05:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:29:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BBE6 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyvnSjPk3lSC9ep9NwthEK64OollEv2W0jscFQsFVEGJO85u1vCPD14ghrrPlnMvgh3TsbeqkZjSPPHyB1kamUOWCn2wCOBCmxwgE0Kb88vSpQ2KNfYQ5LHhkeCMmUdi89vVmuH4pihn3ozGRxKS-aqcA8YjHmvM4e9vv1ENC-cjB1U4s5ZIpY6QdXV8POdh2K8feabZ2ZYgcC1bpU08uhnjuIlCNcfaPES8cw-__7e5VNqrkOeR49v8Xrp-U4j16SK3qHq8DPmyql8OZAg63eUcIwmxuHAeSleOuplWgI8Xe7k46jXqu6FenrHm_WQvw0q9ngNJ04jhyTMQVuct_nu74jZZp3maARWdgeATYDvclv9nVvIwYS2RlnH8OaRhMzsT-0a15N8Y2jdRg0zoUNBi1YHlz7mcSjbr9yBhSVCP7J1rpwgMktd-jzHfR37pKoyjls8SB9AT8E0ya3N-_sw4x0ZoYX5KTWGMa9aP6yCVthK7Inzk4jLPFJHyimchKmailOzT7MB5Cy2zGX4hrDV2DeVAyrW4of4zXaleuoIOzvrY5kaXeV4zc_q6OjJLDjJEH_A-nC5Uxby7b2aFhE9ZPu_YtDRpCuWTRKhFAyHjvR6MpuWTSHFMUPqaLEKoeL7cUvOUbuR3M8J3RJTk4_mayGh8vLceQlXKFqV014VSQkuAxn63G5LngqZaF8j10gxiooO0HbSQxMslBg70LoJiTm2Jkj040RJ3wDmlX3FXvXGGVSF0CQGcmTF1D3BdwpNG5_xGrNNJSxJfcR1CXme3FxoxccRrcG46_gyGqR2O6HSbIe9OUMARi0ft-M04CRsI56xS4arG9RyRAd_2l51A7o7cFSVBrV-VbNtzV2LLQCFQnprsGHB9eWdl0b6BhkgVRWDaOV2zcHJZvkF1TNDO5R6BISeG7DxNq6blfs8FJq1FVo3X9GFkBHkzRIHowWIg-rCRLZwXQIaVd8H1mIR8u6c37PShnCnvurQ-3ikNjCJXl0ps-sb1FvJLarBaWOQUnj8bL_i492GOlOtOqh-M7gX1kdNV2Y9LbW5laufhCqFCrfPdjW4y_0PXQtlegV4xLRsvSNpm_06Y1hsK4UoV4RqhCoMS_uhhISAE9kgWnG0B9ZK5gSxmu90HW0cFDsId94mfaashpauhebemlBDlOOyT5WJQFrm9kUILF-PyUJFM5i6yPt7Ho0GFQCLjEMtoDZMzDjJUW_lemNQvKxvYGZ62pNuhAogFjPoy-MBORuHqwxXBHCstDC4bJCS99ywtoIduozSbC_PLXOfcYDiLtF_i9F5vmvDawb0ZeiuP0gaJ0q&sai=AMfl-YRrTLWS3PIvLpz0Tuf1ZIpyyLW_ifR2xaBv2Xae-Bz1GX2nALC7JsLKhUK_SsxaXGL-nyEAcCw6lCArkHvrodBxQ4Wx10XHbe1afWEpqhuyHem2yO4H85xfXIBMna3BKQp1_tJ8VNN-DdEwFQk84gz9VK0rpWE5a-5z601WQnm4-SGrPW80SXbneAKc75jNo8qgaNNmZY7kl2DR4SFb2BJQ2NmsgqQT4CWVhzmZE5VPgaNxOwCu8rSBNohk7yc6NA2O2yrYGYAqo_JEtYO4U4limyKcv_VTzM-I9LnJLiig&sig=Cg0ArKJSzO0xPGz_77h8EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1461&vt=11&dtpt=1112&dett=3&cstd=347&cisv=r20220511.55058&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame C40C 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame C40C 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame C40C 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame E975 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame E975 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame E975 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BC5D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vevent
ams1-ib.adnxs.com/ Frame 2D81 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhD6o9Tt3OOGpjoY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4kucFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q0J2ZFJFTU9EWXJLQ0VNbkg3X1VQbnFlRzRBYjYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RaExxUXl3eVpSMFJvalFfMUl1ZlNJdFZqN3J4MnE3UmZ6MzJiN3E0cFpUb193UjdIMm5pZUVpdmpBU0t2N1F3VFVzZFl0dk84WUtrN1FpdnMxbFJkRUZwZVdiUDc2RjRTNFZwYzlFMmJZSE5Kbk5OSTV4MmhUTlVvcHJCSjhmMmF6QW5aMUpSV1d2TlJ5dWFScUU5MzhJeU9YM05tcVo3X053SFRnZElMMC1uNzU2YUNsNEM1QzRXNmZvRmRXdFZYS21pLXpzWTZucThneDJUZEEyZEF3WXR0dzdfT3MxWDU2T2ZBZzB3cHlPZW15M3NCNGNRQXdzb1FTSlpRREpqcjVYVWtzOENRR2NOZkQ2bmYwc0N3TjIyMXVhakFxelM5R1ZnSXI2NzFtTHpfSVFoSGx3XzdpVWtmVl9zbVlySFB5OXczTUxFWEsxYVVMY2kwSXI4eGhHM0ZKZE1ORjM5MUtscWloVHBCWW05dHZvR3EwOEFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9akNSUlNJeVhvRFEmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9RZHNyYnFRWW5RSUNaNURSaTYxVmF3JnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM0MjAwNzYyMzY3MjQ5MDI3NTc4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFvar_7N6cw8wDwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAeS5wXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=18a20c3090d8d58744a0519c5025a0cf15e922d9&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=4750367241039925270&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c17541c6-568b-4a66-b720-96a29f76d2fc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 1A4A 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 1A4A 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 1A4A 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame A8D2 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame A8D2 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame A8D2 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:22 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&sid=AUVLBmgFEeO_DMnU&oz_sc=8bb5b0b27d5809294117aec8&oz_df=1652802322014&oz_l=162&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.58.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:22 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=63F2E75B267F4B2F86726480FEE1AC7B&time=1652802322478&location=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&is_flash=0&session_id=527415005&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm,holder&param1=~cm_timer~&param2=5&param3=1200&param4=2983&param5=7&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:22 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 401F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 4DC0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
truncated
/ Frame 8903 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 8903 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 8903 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
yv
beap-bc.yahoo.com/ Frame 2A33 		43 B
852 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=1158415222410687145:1652802320209&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=JcJ7J-7mGSTONFtm9F9V_glF_naQPeQncniTif5iRa42ksbkPmTWwZ_q6uPO92W-J5Hv25aqiCDUMad5KxWiZBbnloAtcDpPRgKw6WfvZXheNNTaU7RsIWUjCrMnDQXPHElPRhiD7Cqr349ORkX3w69TQx6-mxJyPbPU0t64y0qKwI1yfgB1mYU03ZnKJEP5Yc5jrtsDzFgUXgBapyh6s9V0OKcC63sv9CS3pBwGpE0&iv=100&v=1&m=2&r=1652802322591&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:22 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
x-xss-protection
1; mode=block
cache-control
no-cache, private
content-type
image/gif
content-length
43
x-content-type-options
nosniff
accept-charset
utf-8
truncated
/ Frame CC72 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame CC72 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame CC72 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
async_usersync
ib.adnxs.com/ Frame C828 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c0e3c09c-17fc-4149-9085-70d1a5e9dd5c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D062 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseV8qhuoeTKnQsQyI7_prOAadRqTW7GSmOGlyZxT_StwzIs0QFirhzM2FzjWwVO3tU29BAvqCR1okxaLb7BJzc4QphaglD9FU&sig=Cg0ArKJSzHp95AMOzraGEAE&id=lidar2&mcvt=1364&p=0,0,250,300&mtos=1364,1364,1364,1364,1364&tos=1364,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802319415&rpt=1871&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5640 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvIWu3vOiA7gUyWnNgoI0w_CmSft3a85XRCI0pg-NMuH5z7Wxv3MNDtdMBeyZoHyt7kledvabdLwJeX_rluT9i8skioAy7tGk&sig=Cg0ArKJSzEb8Y2VAW4D0EAE&id=lidar2&mcvt=1366&p=0,0,250,300&mtos=1366,1366,1366,1366,1366&tos=1366,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802319397&rpt=1803&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FDD8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbZWbmUwPX-AChtT8DF-lgzE6_5-eY3Up7-qr-9EBjVKudlyp8Qi2IOq5qcuhWjMJChRskRw3TFsKEsEblazZgzHG8EcYlZ6U&sig=Cg0ArKJSzCh0GtoRQJS6EAE&id=lidar2&mcvt=1367&p=0,0,250,300&mtos=1367,1367,1367,1367,1367&tos=1367,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802319402&rpt=1842&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1026 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPlwWg4ZgKoB-B5AkvhrF71KmAbLuq8vlLopRr8pavxIyJGcGIKZEEfKkArO-BINydepeg1G6evUAWZjCQ-PZ-iYsfr3L8z8g&sig=Cg0ArKJSzPDnynLJGoY0EAE&id=lidar2&mcvt=1369&p=0,0,250,300&mtos=1369,1369,1369,1369,1369&tos=1369,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802319391&rpt=1828&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1140 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3e8510c6-b064-48fb-8676-6d3ea133aff5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3478 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
07011854-78d3-415b-a905-efea6af7b1f1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CF34 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
88940e76-675a-4b35-ad38-b31c9f73ebd0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6AF7 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1840c87b-622f-455f-ac13-15bf3c0295e2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E306 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuo1iCKuXGtAOeNeBdWWIMXVSE39woInpLWCdHDASRMjarfe8ccoCeV8aCgpaxUwuumMsZ_wGE096yJVOuk5Rx1KU_lRmCiIbc&sig=Cg0ArKJSzJAudRZXd5FNEAE&id=lidar2&mcvt=1306&p=0,0,250,300&mtos=1306,1306,1306,1306,1306&tos=1306,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802319443&rpt=1870&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1518 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgZT3sR8fEj6XpztAYACOUH3PbivFEWG0bbglM3-XQtA2k84wCJ-XveIfqmmceK0Bfrk6k4OtLMr1cERdTLJyYJVQWtxdawS8&sig=Cg0ArKJSzPTXiRe4WeGyEAE&id=lidar2&mcvt=1308&p=0,0,250,300&mtos=1308,1308,1308,1308,1308&tos=1308,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802319451&rpt=1934&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 778D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
vevent
ams1-ib.adnxs.com/ Frame 5640 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiPho-UBhDAibKY84-4uBwY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4ub0DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q1BUNHJEOE9EWXNISU5MS09qdXdQMTRhVHdBSDYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RZl80WTZqZmdHNTlLRWZFX0h3bm5nbFA1blByWGZXMDA5OV9FWHNvaW9ScDJmd1kySlItZGlZRFJ2QWhGcFAwX2tMZkVPWXlRNWJTTTNoMmpYY09UVUxmNTNIc3pLYXFCYlhsZjMwRkQ2NEhMc2tFWU8zRXY4eVhBNno0a3JWVXl3S3RaZGRwRlUzZ2ZENEYza3lNdDVKbU5yMU41SFVVR2NHTEZWS1k3bkV3Ym5ydVl1blIzd3duRUx5ZkZ1NFJPWFR3ejA4R01YQjlXOTkxcUtQVzU2ZnU2OVdNUjQwSzRwWERud0Rod0FERE1rcEhuZWdOZmF1b1plcVI5aHJhUmZUcmxmQVEzd0pHeXZDaE5iTS16bFJqMXhtSnI4RGhqUXNkZk9iTVZocmYwWlk1OEU1V3lSMTRud1pMN0dWcjNMWGg0MmtxZEZjZ0NEQWpLTlRlTXhrWl9UcWdRWU1DNVRrdjd1VkxTV0dQWHAwQl9hc0FFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9V1hnaWlqUWlhb1kmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9ZRG9DZ1ZnQnREVmltSzFiSFU3VHRRJnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyMDQ5Mzg0NjY3Mzc1NTAyNTI4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFgemjiIbShq4jwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAe5vQPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=5cf24800d09aa81e696faee2438d4c930b5f1409&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9765f7e0-a1e4-4449-a20e-d5c44ad60e59
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D969 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
05aac0db-3c87-4ff1-a77c-5d1c8fb54173
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame B163 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450883
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3568 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3uLuQuk76xUivC0vUefpmx83an4tR_KxbTOshUsfuO-GHPMrT9NJZgD7BRGx9fzwNXxRQL7aJZZU_HrNvA_yQ2y-2ALSSBN1u_-fMb9tHT1mPQbfl6g3eUAjlJpvKLmzwJvFF8rOgF4IfhYxzIpwLwbi94Ls&sai=AMfl-YSiJOh_9W2B0S79ETvlZ19VpXFiKZHo9D34rYWFIwvIyZPtZyj2jqtmETrMulnpolLHIh0hGDMIJ5yxkdaq4_ZFlnJRMWLgcYk&sig=Cg0ArKJSzOT4pCPvSLlCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1797&vt=11&dtpt=1302&dett=3&cstd=492&cisv=r20220511.65723&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame D2DA 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame D2DA 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame D2DA 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 6EE2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
vevent
ams1-ib.adnxs.com/ Frame 1026 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiPho-UBhDYiqiviMO4ulwY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4k_sCgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q09pR1pEOE9EWXFENk9NUGYzd082dTQ3UUN2clN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDYTFyZFZrS3VzVDZvQXdHcUJKY0NUOURnN0x3eUxVX1dpcHFzbzlDZHZvSzJsdnFZc1lDVEEwcE1pWnN4QWtLblJreXM0ZC1KMmVWVWJ6OTMxS3BzU0hXWG1aWFgyRDFRQkxLbWxZR2lNN3F1TGZ3a3VCc1Qyb25WU0trcFhIaXMtdlA3VFJhOEszMlZpV1AxcXFIWTZSWVplbXpIVG15ZUJKeHUxVnJLRFM2NGJxQndMVUZWUzgyVmdGYWRfZWYyUjVmWEF4Z3dxQnF2a1R3aDlEYjJuangyTUR0UDRLYjhaNDJYZXRGMmtoMjFBeDE2d3d5SFdXOGNwRTdRc0owX0RTTi1VSzdwM2tNdjJBM25YZXdPMDh0RmR4UGFHdXJTY0ptRlRfaDY0d0tJUmVFVUZGUkJjcnF2YmY1VXhSSGNtWWxiN2FkUV9uQ3FZRXBlcXFQSTdVYXEzVXpsWENubUFnUkc5d3lZSWg1Z2hFZUttckdwTERiRXU3cUlZWllDZGsybk04TUx3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD1NczBTZWJDM1NicyZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSbzZVQWpQNk15RG9RTFFsUTd2dmhVUUEmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzY2NjIxOTgzNDM3NDE2MDUyMDgiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAX9277B8o2P2RvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB5P7AtIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=893c9a66683a615d5206b29d83cdf0604b8cd7a5&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e76090c1-ae48-461d-b269-22de2cb05420
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 44D3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
vevent
ams1-ib.adnxs.com/ Frame D062 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiPho-UBhCnzafHnpzatScY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF40OsDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q0Y2R1lEOE9EWW8tX09vbkpnUWZYaW9Yd0J2clN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDZzVtMmI0Q2tzVDZvQXdHcUJKY0NUOUE4emU3d1d5M19Ka3lOdC1ST28tNm9mdkJJQ1hrcnZrOG9xenBjSV8zUHV2V1dCTklWN1ZWbkgyX0VROFV6bGZHX3FZclZyRkE5WXpIYXJPX0pLbTlYank3a0VHdVU5dzFGQ0VMZWRZMGk1SFFORGxla2lHV3VBM2NobmwweXJNVFM1b3VwdjFYSVdhMVdjUzUzcEZrdThQZ1hMNV9EM0VBb2VFdEZEOTZSSHFnbm85WTY0NEtLVkxGRFJENThsUWZrQ0hvVzFWSVRuYm1aRDVYZVJSWkJzQl9sejNUVVlVcmV6M1F5YlgtQ0RINlZlUnl1Z1hOcWw5b1NGaFhWUmVNekFqX252NEhZNmVDcmdSU3BwamFJUmVDSldwanpDTFJnYTVHb2p0QlBJc0ZDamJsUEEtX0hEV1RwcXlBa0V3bWltclJvNUV6YnNQQjRvU1dYMUNERzFYWlotUWg4ZWpaTnM1QkdaUmxZZE5BLU9rb2N3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD11ZlZnem5HUmE2cyZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb3JCQy1wWTVBS2Y3XzZjdU1WVmVLVHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzI4NDA0NzkzMDk0NzE4MDMwNDciCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAWd57SEneyroGzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB9DrA9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=a4d12cf96046dade65195211755b5192218f7f2c&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6e78b1df-afa9-4238-ad1b-15ccf6041af8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AF92 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
08b56bec-3fa0-467b-8ea9-3f4f731bd999
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame F4BC 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:22 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:22 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C9CB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszwWLHbZxqKK8YgT0WYS_rHhpafd9fArFSCfRNTY3QLE9i3Ok8w4NMgvRUVZkkLUjpZidXM1vkaA5nJ1XvSRZU3D2nZjJf1T0&sig=Cg0ArKJSzK4WEIBEugSWEAE&id=lidar2&mcvt=1272&p=0,0,250,300&mtos=1272,1272,1272,1272,1272&tos=1272,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802319458&rpt=1982&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7EC3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSEd3sFLw05e1xTgULmCE3Jb7aQRh_0o5qKaKtEvpmdg4DMeN7giVX59S6VPtFpPDzqQhdJjLrJHNxjvnpi-0JTs062zmgVs0&sig=Cg0ArKJSzL7Gfnj5BBnfEAE&id=lidar2&mcvt=1274&p=0,0,250,300&mtos=1274,1274,1274,1274,1274&tos=1274,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802319465&rpt=2061&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5D9E 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ff994961-6ec3-4734-9e46-edb7b9425ad6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 786D 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29aa34e0852c0a6ff15b303c58c95ea0636eb17ef6f9f5b4c760604bdc5301ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 786D 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 786D 		43 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed55972fafbabf4133dac52851a2001812430919a9414ec539dde1daf9cbd6b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
async_usersync
ib.adnxs.com/ Frame B6A8 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b21f3099-9390-4912-948e-e8d51d326a20
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame 2A33 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLsBPBMbAIAAAMA1gAFAQiQho-UBhDk5KbxjPOeq2IY0sWY0qrvobloKjYJEGQ2qh6cRT8Rxt_PXM6yQT8ZAAAAIK5H0T8hxt_PXM6yQT8pEGQJJPTyATEAAADgUbiePzDLiKkKOJhQQJ8XSLcBUIbJ1qoBWJPCiwFgAGi02LABeMD6AoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAh1odHRwczovL3VhLmtvcnJlc3BvbmRlbnQubmV0L4ADAIgDAZADAJgDF6ADAaoDTRITMTE1ODQxNTIyMjQxMDY4NzE0NRoTNzA4NTk4Njk1OTkzODEzODcyNCIJMzU3OTM0MjE0Kg1PQVRIMTAzMjcwMDAwOgc0NzQ1ODg5wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIbJ1qoBiAUBmAUAoAWRtsyxyKa_-ArABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXPoE76BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG6JYD2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMjA3NjczNLoHDwgAEAAYACAAMAA4vQZAAMgHwPoC0gcNCQANShwQABgA2gcGCAUJROAHAOoHAggA8AeJ4wKKCAIQAA..&s=a024d89b13e24a4190cc28e7fb6e465a75b368ef&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b359962e-1d7e-41bc-95c6-59f094f68eaf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame E306 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiPho-UBhDDoYjPravrkT8Y0sWY0qrvobloKjYJQl4PJsXH0z8RWZ74Szoz0D8ZAAAAIK5H0T8hWZ74Szoz0D8pQl4JJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4qb4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9QzJKODFEOE9EWXB6clBOV0Y3Z09xcWJEd0JfclN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDeWRLSUxiU1RzVDZvQXdHcUJKY0NUOURLRFZrbGc4VnQ0WWZLOEFwNVdiXzFKV2xzUmFPN0pnOWZLb1VJZjlJdkZjd1RkYnY1RVRiT3g5dVVCdTZGNXRmS280WFl4dUUwT21pQ0l5aFpLdmp5WktPZFc4ZU9sc2M5cDBCWHlueXYybE8wbVZDeGY4TFR4MlpIVlF0N1FwRG9aRlVBdFZRSkVOcVRBYXI1enRBbnRnZDBvSTZjWDNkbm9Lbm9lelFPNmJIc19ic0h3N25SZ1NrZERnZ1Myd0QzRzlZYXZDQTZMcGFtX0xTaTZkVUY3emtzclhuc2htSGpSY0VBRE56U1BxcFZoMHBETHROT2QyeUJmeTZ1WmxYNHVFWDRseG9Nd1FUN1MydTA2QW9FVzVtSmVmS29GOVZzZGctcHpmU0ZQLU45SVdDRUViTV9IS0tiSWFMRkdNVW9PSXluYlF0bElmWnlEYUFka01VSHVVNEZGNDdzaDVCaTFqV1JWcHJzQW5ILTlvNi13QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F6TzRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD13dzNkVmdCS3NHTSZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb0dxaUtlV0NWdE5OaUNjR295STkwaHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzQ1NDk2NzA2NTQyODg0NjYxMTUiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXTiL7k9vH7vUPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB6m-A9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=28f91dee091adfe0bd3c5e4912e005d35e19d6f9&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bf9b7f1e-e30f-442c-9dc0-5917cc3e8732
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7BEC 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
24bd2003-da56-472f-a3a8-2cdbcb146691
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 1285 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame AAD1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DE26 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 13:28:21 GMT
expires
Wed, 17 May 2023 13:28:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame E8F4 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fb1a5fee-c0f1-4896-b555-46092e57b254
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame FDD8 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiPho-UBhD05Omk17ek1UoY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4sugFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q1plRmtEOE9EWXVQck41eUw3X1VQN3AtTWdBdjYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RYnZiX2R4eXJIWUFGWFBrMmdOYVRsaXllclpsR0x6Y2o0d05raUItUW5mdGV4QXg4eHdiZlRkLXlUUTV5NlZycEZBLVNzYllVSHdTQVItOWY3NFduSm91V2M1VDJwamNfcnJwUVV1dk9qNDVlazF6Vi1LMlhabDVGZWlTUnUzLTc0TWFGb2ZHMk5DSzFFWTFQNGJzeEliSlVlTTdwdU9MWFFiVHhfbEZGTXg0ZDZGMEFJQl9IbF9VYXNXQnpCdlBxRklVOWJPZkh0OU51S0VPakx5NUI4WUZQM2ViYmI1bkFrSnJaV25vWXQtN2VPZEh3eWQ1TkRHT0NydGw0QTdnUFJZM0ZUWXI1ZE03OWljOFl0OXdGMHhVeVZIMFBwZG16MS1KN1FiRVdwS2xacnU4a3JRTHVwQ3BRSk9VM3BFU2V2SDVlVDhtRnlPeE9mOEo2SFFFZXQ2WV9ZSGdVR3VtS2xPZjlGaDFWczBobV9RX2cxOEFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9cXc4WVYtTUZ3eDQmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9XQVprOXF4OWYxYzd1UC1HR1lHTHZ3JnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM1MzgwMjcyOTQ3NzM4NjA0MTQ4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFiIOLqMaxp-h4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAey6AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=ebbf5776ea3eef8cc0886619470d32644b5df91d&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
da6f3b9e-2b91-448e-afad-39115e63ea42
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame C9CB 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiQho-UBhDyh9Kgl_GdjToY0sWY0qrvobloKjYJQl4PJsXH0z8RWZ74Szoz0D8ZAAAAIK5H0T8hWZ74Szoz0D8pQl4JJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF48b4DgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q3FxUGZFTU9EWW9YcEJZaUJnUWVpXzd2WUNmclN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDeWRLSUxiU1RzVDZvQXdHcUJKY0NUOUNxTjV0V1lYeERjaXlhUVZRekFxRTkxVkxvSF9FRndlekhaYXVROUpXRVI4LU1jWnEwSVVwV3o2LWg2VTJ3V3FuSHIxdmp0VV9rOFdPZXZWVVFxLWpCYUJUd3B0RDMyaGY5THVXV0ZGblUwbUpzRVB2NHRKclBJNHpNQ1N4aVNteUprQldpUzdEcjNMTm54SDV5Ui1mcElpQi0xWjJLU0lwTk9FVUJPZ3FxRWx4dXAtNkl3VGM0VG40ck1wWTRmZTBwVTJQckpDcjViVUV3dXFvQlpGZTRJQldDcFBrNFZYSVN6aDdGQno5ZWVLN2JpdU9SelBUWDBYbVVyOVItZjZIam9TeUxuZ1BZRl8tXzdIMkxrNjQ2aTVTZk9xaEp2YzF4SEtnREFmT3F5S3JRdEpMTFc4QzRMc2dzdEx6YlhTQ2NtWDFvemg4OUV5eFFfYW11MGRQYzMwcGdLc1RNalFpRGpvQmNQbUVJajRsMXd1STZ3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F6TzRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD1sMmNzNFFPNW15ayZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb0J3ZHQwY3p5NTFOc3Q1MjU1UHh1NVEmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzQxODY3OTAyMzU4MzYwMjM3OTQiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXatJTh9fT_zlrABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB_G-A9IHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=2d96844df3bfc109aac0afe09477baa9b9b8a2fd&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7ca3cced-ce16-4485-9183-12c4d8be6362
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame 7EC3 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKC_BMygUAAAMA1gAFAQiQho-UBhC__qrU4rr10xQY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR2BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF46-gFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOnBwrwBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q0NuMldFTU9EWXZuWENkZUI3Z1B5cElDSURQclN1XzFwdjh2Y21QVVAtQzRRQVNEbWw5WWxZSlhpa0lLZ0I4Z0JDYWtDYTFyZFZrS3VzVDZvQXdHcUJKY0NUOUFYZjdFZTFqOGV6Slg2d09saC1hZTR3cnNjb2hHX0s4Zl9ZYVFuLVBTNHcydmJ0aTZjWUNIYW5KOEpjQ3VnM2J2RjFDeDN5ZGdlVUxINlhwcTNKaFhreWNUTEhxSGNkczlGMWRZUHA5VXdMdXVkNUVrYTFSbHdpT1JFSXphc2ZCNEFXSmYtTXhra2x1Yk9randpckwtblktcHpOTlg1dnFCQnNaMFpkWXROR19YTFZFVlcwWXFCdG9TbTlNUDRkYy1XMnZuSTFTRXBFMWJ3bGR2UVpWY3Z3WkZkWW1lYzhJMVV0YXNaQ2g2RkVlTDU2SlN1YUFTZWhrZVN0bXFPNXZMOWZPMFloNG5qLXlQQkFqcldzWFpfMXk3OWJna2tSTTRQU09GRzB3dXpfLVhmem1HemkwOHdBd2ZKaFJoRTZKQV9oODluNFh5RnFrWmdYaXpPUzJpRGJRdjJaMGxXUy0wQ3paYWlnMzJsRERIYkJUbEF3QVRleGItZWlnVGdCQU9JQmRlSm1POF9rZ1VMQ0NJUUFoZ0JTSVBudXdHU0JRWUlIUkFFR0FHU0JRWUlIUkFCR0FHU0JRWUlIaEFCR0FHUUJnR2dCajJBQl91YWpPc0JxQWVPemh1b0I1UFlHNmdIN3BheEFxZ0hfcDZ4QXFnSHBLT3hBcWdIMWNrYnFBZW12aHZZQndEeUJ3b1F5LTRTR0lidzA4a0IwZ2dKQ0lEaGdCQVFBUmdmOGdnT1ltbGtaR1Z5TFRVMk1UUXdNakNBQ2dUSUN3R3dFOW5laVFfSUU5ek5uT0FEMEJNQTJCTUsyQlFCMEJVQmdCY0JzaGNJQ2dZSUFCSUFHQUEmc2lnaD1LR3lCNm5Ed3dsSSZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTRXVSb296aFZpVEtfNDA2V2FWVHBmUUJveHcmdGVtcGxhdGVfaWQ9NTMyJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzE0ODgzOTMzMTc2ODI2OTE5MDMiCTM1NzYzMzg3MSoHNjEzMTQzMToJNDIyOTAxNzY2wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBM-exKoBiAUBmAUAoAXnq6rDgdbLhHbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXewAH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGi-UB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTcxNDQ2MTIwNTW6Bw8IABAAGAAgADAAOL0GQADIB-voBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHieMCiggCEAA.&s=e1d41df59ceb8be5487040956474513502b142b3&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e8cf8b28-0618-4a41-97b1-b8f92f0d6aae
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C986 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e2f8bda8-30ad-4919-a0ef-63443a676e60
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame 1518 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhCEmfDLyfnxn3MY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4oesDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q29IbjlFTU9EWW9qN0JaQ2Y3X1VQdF8tOG9BMzYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RMVhRMGtqbldHOUlQOWNIS2hnUTZzdkYzN0F2S2FDcUIwZnFQV1gyd2VIdjk1OGU3ZC1CaW9UXzZVaEh3WV80Z1UyWmNqTVVHSTVFaV8zREg1NVZMU2l6N1lzelZGMURoSWZ0TW9hSnpWNlF3WWlRWjN4bmRrOHJmdlNHejJqQ3VlOVpKS1ZxajZvRU82cVo5ZEFNV1ZMX3dZRmM0eHpZaHdzbS1YWnRlbGEwdFMxUUxhM3FwQkU1RWZ2Y2VSa0RibTY0bnVDVWtOLV95alQ2aHdRRjlWMjJlUXZWVXE1Rmc5Uk9XQVoxVlFKZktpNEIzU0pYaERWbl9zQVZydDl5aVlURXltVEN2a3RmWWVWR1JqdlhDQUZZZVJRcm1fTXRQVmhhR1ZmbnA4bjZJMmt5bUtUMmtOXzZITHhlRFhvbUdRSnRvX2YtUFlpV0FHMU1NaEg0WjJOdkk1VFJ3MDR6WTdlY2txNHh4dTZBeUJuYXpnOEFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9UW92dmJLdEM2NEUmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um8tOUYzOFBoVThqY0I0NHcwS2pFbGJBJnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM4MzA0NTc1OTE5NDU2NzgzNDkyIgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFqe2BspCc3r5QwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAeh6wPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=125d25293252dbe7207ce812a96658d63c9b831b&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
847dc273-c3fb-4517-b0da-5413343f2997
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 34CE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
async_usersync
ib.adnxs.com/ Frame D524 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a4241bff-0488-4a0c-a7a6-1d8227789042
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame 1306 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLQCvBMUAUAAAMA1gAFAQiPho-UBhDYncGA9MiRoUoY0sWY0qrvobloKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAIK5H0T8h_x6yBPZxtj8p200JJPTiATEAAADgUbiePzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXjH7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqA7MGCuoFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUbnBvYTAxRVFtaFpWR04wVDFkUk1FOURNREpPYlU1clRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpZeU9EZzROak0xTWpneU16VXlPRGsxTmpndk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVQzFIVEdGU0xUSmlkamh5VkVOUWFtWTJRMFppYWtVdk1TOHhNeTh3THpBdk9UVTJPREF6THpJME5UUXdPVEV3T1RNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWBHUTE13ZDAxRVFYZE1WRUYzVFVSQmRFBRA6MAAQY3ZNQzgFfAkIDFl5T0RW_ABoWVcxekx6QXZNVFl5TlM4M015ODVPVGt2TXpJIQQwME5pNDNNQzR4TVRjdQVMfGpBd01DOHhOalV5T0RBeU16RTVMekUyTlRJNE1UUTVNATzwaVRNdk1UQXlOalF2LzNDdXFKTVk3V2l4b1VMeTNiRFNESWpBWUxUWSZub2RlaWQ9MjgxNCZncm91cD1jZGcmYXVjdGlvbmlkPTYyODg4NjM1MjgyMzUyODk1Njgmc2hhcmRrZXk9NjI4ODg6HQDwfXByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iYWhhZmQmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNS44MSZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5NSZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhM2MkKtALAaEzUzNTA5MTY1NzkxMDEwMDM0ODAiCTI4MTY4NTI3MCoGMTAxOTM2Ogc2NjIBY_CwwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE0Ni43MC4xMTcuODWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBJbaqIYBiAUBmAUAoAXQkvLL6JHZ0ATABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX5yyH6BQQIABAAkAYAmAYAuAYAwQYABSUs8D_QBvmrAdoGFgoQBREdAYgQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8IAAEjRCAAMAA4vQZAAMgHx-wD0gcNCRFEAR4I2gcGCSdE4AcA6gcCCADwB4njAooIAhAA&s=6f6852995bc7c2f5aaa1ac0c3335fa699542139a&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:22 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
aa774f3a-a760-45c7-af53-7b4d6ea964cc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 56E9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame 8948 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
comdirect_berater_300x250_js.png
s0.2mdn.net/sadbundle/6979732036807963214/ Frame 9060 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6979732036807963214/comdirect_berater_300x250_js.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979732036807963214/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6979732036807963214/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 10:30:39 GMT
x-content-type-options
nosniff
age
450883
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111336
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:04:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 10:30:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2D81 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEVosyHPq7AHQGZunZvPpwkUUmvyDFkS0DzREFtGqSj-RFm8lIS8dNfwIcSP--j9R6V04pMB4Jx3WeaQjOo-Vp6wjqtmull3Sbmcyfah0_VK7SIoHaCmUUeBeYkubrrJjKegbGB3WnYWVNehuhIqA1H-8won4&sai=AMfl-YSawGRmaxhCTl5k2EUkvcrkkbvewLwDnkwS3wR_thanVubh58J8MjDKPOa9P5AGA_5B6duz-WO3d51BktbUcfDnEYj-HUaQIgk&sig=Cg0ArKJSzFx3poSr7oBTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1789&vt=11&dtpt=1218&dett=3&cstd=569&cisv=r20220511.97114&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 May 2022 15:45:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame B163 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame B163 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame B163 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js
pagead2.googlesyndication.com/bg/ Frame 5721 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-xusYJ2at0dbS1ujZyBHkA92CrhnscK4RJsdXU_Rclk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 05:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
208843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13696
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 May 2023 05:44:40 GMT
01c1e650-14b2-4e9c-9997-79ad2f77b910
https://mediawoot.com/ Frame 1CB7 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mediawoot.com/01c1e650-14b2-4e9c-9997-79ad2f77b910
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ivawnoge&e=1068016250166
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame 3568 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGKle2fJRTr7c7s7YbN8Tj6LPvzrKr-SuikicJGqEBwkT1PoxvDYU9zs_W0C-NeyeGHqIPJ5YK3DfOgwR_OCe1Su2Nkyrl_u0&sig=Cg0ArKJSzAg8Nr_KFJPEEAE&id=lidar2&mcvt=1133&p=0,0,250,300&mtos=1133,1133,1133,1133,1133&tos=1133,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802319425&rpt=2485&met=mue&wmsd=0
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 748A 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:23 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5a426fcd-3a68-49f9-956a-33a26ddca995
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&sid=AUVLBmgFEeO_DMnU&oz_sc=8bb5b0b27d5809294117aec8&oz_df=1652802322951&oz_l=4120&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.58.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:23 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
viewability
hal90008.redintelligence.net/ Frame 93CC 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=67452400152568000951425011962008&a=5a5b9cb1&vb=v
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=67452400152568000951425011962008&a=4db25b0d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=67452400152568000951425011962008&a=4db25b0d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:23 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
pd
u.openx.net/w/1.0/ Frame F4BC 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:23 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
syncframe
gum.criteo.com/ Frame 7325 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:22 GMT
server-processing-duration-in-ticks
3814
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame BC5D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
truncated
/ Frame 9060 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 9060 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 9060 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
generate_204
tpc.googlesyndication.com/ Frame 7CB4 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QHGguA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
beacon
ap.lijit.com/ Frame DB12 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
pd
u.openx.net/w/1.0/ Frame CB2E 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame EE21 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 16B9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40727
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589248
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802323.397920,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame AA8C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 9F8E 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0EF4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40727
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589250
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802323.411905,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 9594 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame FB3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
ixmatch.html
js-sec.indexww.com/um/ Frame AD9A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8597 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589255
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802323.471341,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame BB13 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame A82E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8EEB 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame 3C84 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
pd
u.openx.net/w/1.0/ Frame 4FA6 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame F5CA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589256
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802324.500302,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 81A8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame D08F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 313D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3DDE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 590582
X-Served-By
cache-lga13628-LGA, cache-hhn4041-HHN
X-Timer
S1652802323.492586,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 376F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 299D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
pd
u.openx.net/w/1.0/ Frame 1B97 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame BABB 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3204 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 1839 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 1A47 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 907B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 590583
X-Served-By
cache-lga13628-LGA, cache-hhn4041-HHN
X-Timer
S1652802324.500934,VS0,VE0
beacon
ap.lijit.com/ Frame 59A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
ixmatch.html
js-sec.indexww.com/um/ Frame DB62 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A027 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 4CF0 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 46A5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 590584
X-Served-By
cache-lga13628-LGA, cache-hhn4041-HHN
X-Timer
S1652802324.518526,VS0,VE0
beacon
ap.lijit.com/ Frame 7C1C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
vevent
ams1-ib.adnxs.com/ Frame 3568 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhD3wtWAhYHR6j8Y0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF48JsDgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q2RENnlFTU9EWW9DMEJOS0Q5dThQeGUtejJBTDYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RVDdTZFE3SEtpQlQ5Z2ttYWJ3YlVzYlh1eHJGRlJMRGtvR0x4OExnVDRjUXBqWEVrVmp4YzVIQW8yTUp1eUdURW5nY2xkSzBEVFhHLURSbC1OMzY5MjlIck9MWDJBVURKQU4xbDhSOEN6RUl2VHRHTlZfay1QXzV3V2xNazBINDlJTjJqNm1tUXprVmN0b2VrQW9WRy1nSXp1QVlocWpMTEpwMUJ1ZU9peXhHWVdodWxlOEo2M19mYXNkZDdfWVEzdVN0RklocTBhdVo1M2lTM09ZTFM4NGlHRHFQRzJjRGJNNnpuSmIyTWhBWkdLNTlhN0FUYmtnNWNCdHo3UjNfMDIyMUFKS19wc0VpN0h2aFNkSWRwWHROVWN6LU5uMFRjTTJPOWR4UXl3UzdoY2JVaHU5aDJ6dEJ3VzRNb0xlMUNfanI5RHlqRFBDN3lTeGdoR2hIYkxCT2FyZXViM0szbC13S2RwVjktVW42UVlGQ2tHY0FFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9WmlkMDRfMVpQUWsmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9XQXlEbk5ZdmJhRkluRUtyeUJTS3RnJnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM0NTk5NjU3Mzk2OTIyODM1MzE5IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFtbj6rvLlpvQGwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAfwmwPSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=d2a57a8f5f666d43ac6c97252da02263361489aa&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:23 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d86385cb-9464-4b0b-b95e-cdd0d26d4ca7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame A621 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7A96 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame CC44 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 92B2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589257
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802324.526881,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 95BF 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 0FEF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7DDB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 590585
X-Served-By
cache-lga13628-LGA, cache-hhn4041-HHN
X-Timer
S1652802324.529897,VS0,VE0
pd
u.openx.net/w/1.0/ Frame C30E 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame 2376 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
usync.html
eus.rubiconproject.com/ Frame BC49 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F2DD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589258
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802324.536378,VS0,VE0
beacon
ap.lijit.com/ Frame 93A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
usync.html
eus.rubiconproject.com/ Frame B3D3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 056D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 0DE7 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
pagead2.googlesyndication.com/bg/ Frame DE26 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ye9v6Im9tluz9H2voON4Knt27QwLK-_39wqINbvc4zs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 05:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
122079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
last-modified
Mon, 09 May 2022 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 05:50:44 GMT
pd
u.openx.net/w/1.0/ Frame E4AD 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame F308 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 818E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589259
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802324.612493,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 95E0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CDDB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D81 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8eChy_E1ZFkgzKvzznsiuglTs61kBROQX-pJRNOWp_EIamyQSiTzSfb7-LN5eCFReLKU9KyJBdpCYJEY_bSPc4cZOgbAOovI&sig=Cg0ArKJSzMv7Nhj7GL60EAE&id=lidar2&mcvt=1164&p=0,0,250,300&mtos=0,0,1164,1164,1164&tos=0,0,1164,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=0.65&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802319481&rpt=2940&met=mue&wmsd=0
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame A048 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 512C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 823F 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame B604 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame E542 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589261
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802324.673462,VS0,VE0
pd
u.openx.net/w/1.0/ Frame AD4D 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 1B2A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 5A53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0876 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589263
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802324.732391,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 4380 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 83F7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7141 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C6B0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40728
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:23 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 589264
X-Served-By
cache-lga13628-LGA, cache-hhn4055-HHN
X-Timer
S1652802324.741520,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 491D 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 17 May 2022 15:45:23 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame DDE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 17 May 2022 15:45:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
sid
mug.criteo.com/ Frame 7325
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=korrespondent.net&sn=ChromeSyncframe&so=3&topUrl=ua.korrespondent.net&bundle=Q01WQ19CRnA4ZG9RN1c4aUpBbVlBZ3lIb0xOekxac2VmdjhSd2xib3I5NzdxU...
  • https://mug.criteo.com/sid?cpp=uaYIDnw4bEk3L2RuSnBaM0xYLzlUcGM3YVdxVHdpOXVtcm04WTFZQzlSdk8wdlNHNWl3NUxSbkxTVlYyTmhWWHp3ZXhUNjN2SUxXWUV0VjYrT2ZPZVBxZENhZktzREtJZFlQQjFweGVhZThFcnhUZEs1SytUWkVMaFJyeU...
452 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=uaYIDnw4bEk3L2RuSnBaM0xYLzlUcGM3YVdxVHdpOXVtcm04WTFZQzlSdk8wdlNHNWl3NUxSbkxTVlYyTmhWWHp3ZXhUNjN2SUxXWUV0VjYrT2ZPZVBxZENhZktzREtJZFlQQjFweGVhZThFcnhUZEs1SytUWkVMaFJyeURITjhCT2p0Q3I4bzdWcjB5dUZaVkZzTTd0aFd5M2FXT0xCQnQ5S1ZqNUwxYjJNTW1Fc2IrNmRRYUhBSmMrelZJeE12RnJyUUpYVVhDUmNXb0xzMlRyYXFoSUgrNWh1d1VPZkNwVjN6Y0ZheHpxME5nVmRPeEJlbkVLcnpoWjdJdk95Y0dET2EwUnhWclF1em52dDdGazdnNDBPOGtHb1ZQYXdXQ2VGSDQ2Rkc2cGxHWWladz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
8cedba537a98853807b9ab270a4c129ce3b27067c9aca0ec45907744beeb3612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:23 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3350
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:23 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=uaYIDnw4bEk3L2RuSnBaM0xYLzlUcGM3YVdxVHdpOXVtcm04WTFZQzlSdk8wdlNHNWl3NUxSbkxTVlYyTmhWWHp3ZXhUNjN2SUxXWUV0VjYrT2ZPZVBxZENhZktzREtJZFlQQjFweGVhZThFcnhUZEs1SytUWkVMaFJyeURITjhCT2p0Q3I4bzdWcjB5dUZaVkZzTTd0aFd5M2FXT0xCQnQ5S1ZqNUwxYjJNTW1Fc2IrNmRRYUhBSmMrelZJeE12RnJyUUpYVVhDUmNXb0xzMlRyYXFoSUgrNWh1d1VPZkNwVjN6Y0ZheHpxME5nVmRPeEJlbkVLcnpoWjdJdk95Y0dET2EwUnhWclF1em52dDdGazdnNDBPOGtHb1ZQYXdXQ2VGSDQ2Rkc2cGxHWWladz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1235
content-length
567
expires
0
usync.js
eus.rubiconproject.com/ Frame EE21 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54017
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
usync.js
eus.rubiconproject.com/ Frame 9594 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54017
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
async_usersync
ib.adnxs.com/ Frame C828 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:23 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
80bff5e8-81c1-4b60-a876-cb86fe15587c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame BB13 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54017
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
vevent
ams1-ib.adnxs.com/ Frame 2D81 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLC_BMywUAAAMA1gAFAQiQho-UBhD6o9Tt3OOGpjoY0sWY0qrvobloKjYJFHZR9MDH0z8R3pyT3DYz0D8ZAAAAIK5H0T8h3pyT3DYz0D8pFHYJJPR3BTEAAADgUbiePzDLiKkKOJhQQLwJSGVQz57EqgFYk8KLAWAAaLTYsAF4kucFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgOoBwrxBmh0dHBzOi8vYWR4LmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc_YWk9Q0J2ZFJFTU9EWXJLQ0VNbkg3X1VQbnFlRzRBYjYwcnY5YWJfTDNKajFEX2d1RUFFZzVwZldKV0NWNHBDQ29BZklBUW1wQW10YTNWWkNyckUtcUFNQnFnU1hBa19RaExxUXl3eVpSMFJvalFfMUl1ZlNJdFZqN3J4MnE3UmZ6MzJiN3E0cFpUb193UjdIMm5pZUVpdmpBU0t2N1F3VFVzZFl0dk84WUtrN1FpdnMxbFJkRUZwZVdiUDc2RjRTNFZwYzlFMmJZSE5Kbk5OSTV4MmhUTlVvcHJCSjhmMmF6QW5aMUpSV1d2TlJ5dWFScUU5MzhJeU9YM05tcVo3X053SFRnZElMMC1uNzU2YUNsNEM1QzRXNmZvRmRXdFZYS21pLXpzWTZucThneDJUZEEyZEF3WXR0dzdfT3MxWDU2T2ZBZzB3cHlPZW15M3NCNGNRQXdzb1FTSlpRREpqcjVYVWtzOENRR2NOZkQ2bmYwc0N3TjIyMXVhakFxelM5R1ZnSXI2NzFtTHpfSVFoSGx3XzdpVWtmVl9zbVlySFB5OXczTUxFWEsxYVVMY2kwSXI4eGhHM0ZKZE1ORjM5MUtscWloVHBCWW05dHZvR3EwOEFFM3NXX25vb0U0QVFEaUFYWGlaanZQNUlGQ3dnaUVBSVlBVWlENTdzQmtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVk5Z0FmN21venJBYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTXZ1RWhpRzhOUEpBZElJQ1FpQTRZQVFFQUVZSF9JSURtSnBaR1JsY2kwMU5qRTBNREl3Z0FvRXlBc0JzQlBaM29rUHlCUGN6WnpnQTlBVEFOZ1RDdGdVQWRBVkFZQVhBYklYQ0FvR0NBQVNBQmdBJnNpZ2g9akNSUlNJeVhvRFEmdWFjaF9tPVtVQUNIXSZjaWQ9Q0FBU0V1Um9RZHNyYnFRWW5RSUNaNURSaTYxVmF3JnRlbXBsYXRlX2lkPTUzMiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM0MjAwNzYyMzY3MjQ5MDI3NTc4IgkzNTc2MzM4NzEqBzYxMzE0MzE6CTQyMjkwMTc2NsADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xNDYuNzAuMTE3Ljg1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATPnsSqAYgFAZgFAKAFvar_7N6cw8wDwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF3sAB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBovlAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE3MTQ0NjEyMDU1ugcPCAAQABgAIAAwADi9BkAAyAeS5wXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4njAooIAhAA&s=18a20c3090d8d58744a0519c5025a0cf15e922d9&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=0.65&sid=4750367241039925270&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:23 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ba06cd83-7ab6-48d9-bb42-402124f2853f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 81A8 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54017
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
usync.js
eus.rubiconproject.com/ Frame 376F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54017
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
usync.js
eus.rubiconproject.com/ Frame 3204 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54016
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
usync.js
eus.rubiconproject.com/ Frame A027 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54016
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
async_usersync
ib.adnxs.com/ Frame 16B9 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
13b0f6d1-baf5-4288-8f39-39499213d860
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0EF4 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cf434a30-45ba-433b-aee8-66af77d46d96
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9624 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
92adf95d95602bcfbd5321346cae061b7f4b9c2d321c2c2091c18aa73a6d626c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1595
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
230|39|241|73|47|46|196|41
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usermatch
ssum-sec.casalemedia.com/ Frame 24D5 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bb36be755d8da3d9800a788401ce344ea2ba840eb0a3aee39ed22758f52c3301

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1644
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
206|3|88|4|188|13|65|51
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 8597 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f5309ce5-e52a-47a2-8fa9-2991ffceee02
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame D0BE 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
56544235f4699be5e960fe12b722dec724157b5bbbc745760ea46cf227641fb5

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1629
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
3|206|130|88|230|10|8|90
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usync.js
eus.rubiconproject.com/ Frame 7A96 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54016
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
usync.js
eus.rubiconproject.com/ Frame BC49 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54016
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
usync.js
eus.rubiconproject.com/ Frame B3D3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54016
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
usync.js
eus.rubiconproject.com/ Frame CDDB 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54016
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
async_usersync
ib.adnxs.com/ Frame 3DDE 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
862e9f1f-bb51-480a-985c-94a04650ddf0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5BD8 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9a5e191db71d39acd629e1bf5512097d244ab3d398f10833e8dc2ce47d5e02a7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1351
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
130|111|64|90|39|46|18|109
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usync.js
eus.rubiconproject.com/ Frame A048 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54016
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
async_usersync
ib.adnxs.com/ Frame F5CA 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6fb85ff3-0eaf-42f4-86f0-530a83ede169
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 907B 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0520eee6-e0ce-4492-a9cc-31fc2005d89e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4380 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54016
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BBE6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMM-pls4icIUwr1TIeX9CsGjYb_-RpUQ6uCAEC2iHX1PUfcpl7_yfTgJlYJ23rfTTbfzN8hs3k1zAcfmgqtjUk6JXgSqxEfkq39W56U5zwmbw&sai=AMfl-YTmmowVVwbjb-Q1FuFkvFfdRS_ZwVZUMPhP4EPOt4ie3PzNe9cBApeEGN4d7CTFzbNw3xX1Wl-zKJaEupwmcYvKPmRkBNwVw2vaGTwx6VcYhN42zABJ3lvpsip-&sig=Cg0ArKJSzK4lV1y3OsUyEAE&cid=CAASJeRollwWiLxrkmLioaNgDtGbeRm-v0a9MQGFG_QRNy1TXQUb6zc&id=lidar2&mcvt=1159&p=911,1375,1233,1675&mtos=0,951,1159,1159,1159&tos=0,951,208,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=0.77&if=1&vu=1&app=0&itpl=20&adk=1907443763&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802320451&rpt=1025&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FCF4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssF6d8iPiDrm2wYsX0BS_fJXyYGNzQf_vjEoXtZnWsBDSkEUFiRiUpHsAmDUhIxfGUPsQaad2ycDeImLmDr7binj8hkCeZJDaGJF8dex-oxxp5G_BRj&sig=Cg0ArKJSzN2Iz969kyfHEAE&id=lidar2&mcvt=1161&p=911,1375,1211,1675&mtos=0,1070,1161,1276,1276&tos=0,1070,91,115,0&v=20220511&bin=7&avms=nio&bs=1600,1200&mc=0.78&vu=1&app=0&itpl=19&adk=117400872&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802318995&rpt=106&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7141 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54016
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Wed, 18 May 2022 06:45:40 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=6602&event=impression_mrc&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:24 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
/
t.cotsta.ru/v4/track/tag/ Frame 0A51 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=6603&event=impression_google&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:24 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
usermatch
ssum-sec.casalemedia.com/ Frame C76F 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd968bafa95920075a6fdb35ba2dffef9b2f9b72e00bffd56a129d993f1f7344

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1356
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
81|176|105|57|195|8|196|191
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usermatch
ssum-sec.casalemedia.com/ Frame 9356 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82f0120f66835d4dc2f614bfa86ca8d74c6118c6e61121997563fbd2b57dcb25

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1376
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
81|176|105|57|4|156|24|191
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 46A5 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
00e40309-5e15-4f23-b2bf-84539ff3f254
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 92B2 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
863d8a5e-77b8-4dae-ab17-fabdc53dd1ce
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7DDB 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8616fe3e-955a-495b-bfd2-5d678bddbe97
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7952 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e7cb8d2eb8aa65befe56d802a02115ce2a22a9d707091b7ec49f38cbdb88489

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1482
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
31|26|5|152|40|88|196|41
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usermatch
ssum-sec.casalemedia.com/ Frame A4B5 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd5b2ffcb848c9ebbb3161edcc56791000d8e3b6076a3cc6c159fc41f70ec143

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1484
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
26|31|5|152|111|230|40|191
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usermatch
ssum-sec.casalemedia.com/ Frame 7BE2 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ac37566ba24affe5cd96657786cd3df70717d9a133449db70c194520a7c132ea

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1564
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
123|31|26|5|90|57|238|13
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame F2DD 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fb5c4f97-0100-4358-a16f-1d6e266c1cf8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 14BA 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b6ed773d27ddf8e69ef3a5f65bfdb4c4d8ca68313d0bd16e15b71377fd819a9f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1543
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
123|26|31|5|206|65|3|51
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 818E 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
78cca01e-e407-4899-8321-54586898b4a1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 15AA 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9027070e08b6ef0f7b717eaed9e7c75e7e93555e1dcf8013a336df151a210518

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1459
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
123|26|10|31|46|111|17|40
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame E542 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1566929e-35b2-41a1-a404-e1a01488b196
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 034F 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0945640e0018b1ba725541a6e518f677cc417b9560c5fe62c4e53f076d58d96d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1588
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
10|218|190|17|47|26|130|24
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 0876 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
007dc0ad-07a2-4eff-a6a8-0a4c1d8a7687
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 289A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b6ba54ad0acff6e405aadeacd6c8a411a0e4be6f51b38f55b355a2b08b040c80

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1538
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
123|239|218|190|241|57|90|130
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame C6B0 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a14df3cb-3e5f-43d4-b82d-cd6048dd3c64
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BAD2 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a9bf9817f1e65c5dd71f61c73401bba1a5aea58622cea76d5e2817773fb0102e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1571
Content-Type
text/html
Date
Tue, 17 May 2022 15:45:24 GMT
Dropped-Udsids
5|152|195|190|73|57|13|65
Expires
Tue, 17 May 2022 15:45:24 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
pixel
cm.g.doubleclick.net/ Frame 9624 		170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9624 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 9624
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
82C3BQSYVTVGEJH6FC1P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8RXT7HNNJHC07HZPCR6P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YoPDDVm4dy03i1pX65qZQwAABHgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9624 		43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YoPDDVm4dy03i1pX65qZQwAABHgAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a1a5:2084:5d16:63de Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 9624
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=p7KwXlvZ1NQZnU5&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=p7KwXlvZ1NQZnU5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:24 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-030b4f650890e7587@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=p7KwXlvZ1NQZnU5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 9624 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 9624
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

date
Tue, 17 May 2022 15:45:24 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
bridge
cm.adgrx.com/ Frame 9624 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-9
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 9624 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 24D5 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 24D5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:24 GMT

Redirect headers

Date
Tue, 17 May 2022 15:45:24 GMT
Server
MT3 4409 ba5503e master zrh-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 17 May 2022 15:45:23 GMT
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 24D5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YoPDFAACB89MCwA2
85 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YoPDFAACB89MCwA2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1983
x-served-by
cache-hhn4070-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1652802325.005646,VS0,VE0
content-length
85
x-cache-hits
20329

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1652802325.742927,VS0,VE92
x-served-by
cache-hhn4070-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YoPDFAACB89MCwA2
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 24D5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3189956170256689172
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3189956170256689172
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:24 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3189956170256689172
pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
CookieIndex
rtb.adentifi.com/ Frame 24D5 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.104.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-104-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
content-length
0
content-type
text/plain
indexexchange
sync.adotmob.com/cookie/ Frame 24D5 		0
0
rum
dsum.casalemedia.com/ Frame 24D5
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
sync
x.bidswitch.net/ Frame 24D5 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 24D5 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D0BE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:24 GMT

Redirect headers

Date
Tue, 17 May 2022 15:45:24 GMT
Server
MT3 4409 ba5503e master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 17 May 2022 15:45:23 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame D0BE 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame D0BE 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.174.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-174-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D0BE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YoPDFAACB5VL6gA2
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YoPDFAACB5VL6gA2&gdpr=1&_test=YoPDFAACB5VL6gA2
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YoPDFAACB5VL6gA2&gdpr=1&_test=YoPDFAACB5VL6gA2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1652802325.005624,VS0,VE0
x-served-by
cache-hhn4070-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YoPDFAACB5VL6gA2&gdpr=1&_test=YoPDFAACB5VL6gA2
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D0BE 		170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D0BE
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950513289
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950513289
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:24 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950513289
crum
dsum-sec.casalemedia.com/ Frame D0BE
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8221c1bc-a49d-4ff1-b49e-221b3f7eac16&expiration=1684338324
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8221c1bc-a49d-4ff1-b49e-221b3f7eac16&expiration=1684338324
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8221c1bc-a49d-4ff1-b49e-221b3f7eac16&expiration=1684338324
date
Tue, 17 May 2022 15:45:24 GMT
server
Kestrel
content-length
0
no_match_opted_out
um.simpli.fi/ Frame D0BE
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 16 May 2022 15:45:24 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame D0BE 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 5BD8 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.174.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-174-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 5BD8 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5BD8 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
no_match_opted_out
um.simpli.fi/ Frame 5BD8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 16 May 2022 15:45:24 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5BD8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame 5BD8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 5BD8
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668699925&external_user_id=0e2a0e45-a4e5-42a2-8823-6ec61a2b86aa
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668699925&external_user_id=0e2a0e45-a4e5-42a2-8823-6ec61a2b86aa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1668699925&external_user_id=0e2a0e45-a4e5-42a2-8823-6ec61a2b86aa
date
Tue, 17 May 2022 15:45:25 GMT
access-control-allow-origin
*.casalemedia.com
content-length
157
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 5BD8
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=8954e4f5923044879397095149e9a268&expiration=1655394324
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=8954e4f5923044879397095149e9a268&expiration=1655394324
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:24 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=8954e4f5923044879397095149e9a268&expiration=1655394324
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5BD8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C76F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y_TYKZ710HnQ_tIvzfLNIsWlhSPQoIUoxaJSZvvU
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y_TYKZ710HnQ_tIvzfLNIsWlhSPQoIUoxaJSZvvU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:24 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y_TYKZ710HnQ_tIvzfLNIsWlhSPQoIUoxaJSZvvU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
113
match.deepintent.com/usersync/ Frame C76F 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:23 GMT
content-length
0
server
b
crum
dsum-sec.casalemedia.com/ Frame C76F
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 17 May 2022 15:45:24 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame C76F
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame C76F
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f953fd67-8db1-4863-8f77-9c13d1296587
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f953fd67-8db1-4863-8f77-9c13d1296587
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f953fd67-8db1-4863-8f77-9c13d1296587
date
Tue, 17 May 2022 15:45:25 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame C76F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=e1ce81bd-5dc9-4d02-a71a-91b5249161ba&expiration=1684338324
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=e1ce81bd-5dc9-4d02-a71a-91b5249161ba&expiration=1684338324
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=e1ce81bd-5dc9-4d02-a71a-91b5249161ba&expiration=1684338324
date
Tue, 17 May 2022 15:45:24 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame C76F
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

date
Tue, 17 May 2022 15:45:24 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
index
dmp.brand-display.com/cm/api/ Frame C76F 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.232.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-232-224.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
last-modified
Tue, 17 May 2022 15:45:25 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Tue, 17 May 2022 15:45:26 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame C76F 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9356
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y_TYKZ710HnQ_tIvzfLNIsWlhSPQoIUoxaJSZvvU
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y_TYKZ710HnQ_tIvzfLNIsWlhSPQoIUoxaJSZvvU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:24 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=y_TYKZ710HnQ_tIvzfLNIsWlhSPQoIUoxaJSZvvU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
113
match.deepintent.com/usersync/ Frame 9356 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
content-length
0
server
b
crum
dsum-sec.casalemedia.com/ Frame 9356
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 17 May 2022 15:45:24 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 9356
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 9356
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3189956170256689172
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3189956170256689172
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3189956170256689172
pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cookiesync
bttrack.com/pixel/ Frame 9356 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Tue, 17 May 2022 15:45:13 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rum
dsum-sec.casalemedia.com/ Frame 9356
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c2d2bfef-e169-4406-8bb8-e4b7098b587b&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c2d2bfef-e169-4406-8bb8-e4b7098b587b&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 15:45:26 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c2d2bfef-e169-4406-8bb8-e4b7098b587b&us_privacy=null&gdpr_consent=null&gdpr=1
date
Tue, 17 May 2022 15:45:26 GMT
server
_
content-length
0
index
dmp.brand-display.com/cm/api/ Frame 9356 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.232.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-232-224.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
last-modified
Tue, 17 May 2022 15:45:25 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Tue, 17 May 2022 15:45:26 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 9356 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
setuid
px.ads.linkedin.com/ Frame 81A8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3ABTRSW-O-AHZG
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3ABTRSW-O-AHZG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 12CD7A654D724A029625A7033B177A00 Ref B: FRAEDGE1119 Ref C: 2022-05-17T15:45:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXfNwd2TDYKVPtSF+aFXQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3ABTRSW-O-AHZG
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 81A8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3ABTRSW-O-AHZG&sigv=1&esig=2~bf6532cd39ae7a1d4559d4aa63e7d314a076d743
0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3ABTRSW-O-AHZG&sigv=1&esig=2~bf6532cd39ae7a1d4559d4aa63e7d314a076d743
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3ABTRSW-O-AHZG&sigv=1&esig=2~bf6532cd39ae7a1d4559d4aa63e7d314a076d743
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 81A8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yPOQhGFOZb8N1vz6LeOcjg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5026605210834952630
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5026605210834952630
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Tue, 17 May 2022 15:45:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5026605210834952630
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame 81A8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=92P6T8kdRuy3DpDfrp6Ytg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=92P6T8kdRuy3DpDfrp6Ytg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=92P6T8kdRuy3DpDfrp6Ytg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9EMAZZZR6YET15PYTXFC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=92P6T8kdRuy3DpDfrp6Ytg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 81A8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 81A8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ZmZjczOGRmNTI4MTQ3OTIzYTY4NjViYzBhMzM5YTM3NDgyMGVkMw
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ZmZjczOGRmNTI4MTQ3OTIzYTY4NjViYzBhMzM5YTM3NDgyMGVkMw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2ZmZjczOGRmNTI4MTQ3OTIzYTY4NjViYzBhMzM5YTM3NDgyMGVkMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 81A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 81A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFdmPhT0ejj9MUFZWc2yJi4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFdmPhT0ejj9MUFZWc2yJi4&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFdmPhT0ejj9MUFZWc2yJi4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.taboola.com/sg/indexscod/1/cm/ Frame A4B5 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13953
noop
px.owneriq.net/ Frame A4B5
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7060887241939606019&uid=Q7060887241939606019&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-246-168.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 17 May 2022 15:45:25 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
ix
ad4m.at/ad/sim/ Frame A4B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame A4B5
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a8515a7f-b9f7-44b5-8a22-39657d094a03
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a8515a7f-b9f7-44b5-8a22-39657d094a03
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a8515a7f-b9f7-44b5-8a22-39657d094a03
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame A4B5 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame A4B5 		170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame A4B5 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.232.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-232-224.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
last-modified
Tue, 17 May 2022 15:45:25 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Tue, 17 May 2022 15:45:26 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame A4B5 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
noop
px.owneriq.net/ Frame 7952
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7060887241937922929&uid=Q7060887241937922929&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-246-168.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 17 May 2022 15:45:25 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 7952 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13953
ix
ad4m.at/ad/sim/ Frame 7952 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 7952
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=2640c686-b87d-4098-93d2-c06ec211384e
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=2640c686-b87d-4098-93d2-c06ec211384e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=2640c686-b87d-4098-93d2-c06ec211384e
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 7952 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1652802325.913850,VS0,VE89
x-served-by
cache-hhn4070-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 7952
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

date
Tue, 17 May 2022 15:45:25 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
bridge
cm.adgrx.com/ Frame 7952 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-9
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 7952 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 14BA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=jNbs6ywuQPpg_58XXmxIgpJGdVU
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=jNbs6ywuQPpg_58XXmxIgpJGdVU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=jNbs6ywuQPpg_58XXmxIgpJGdVU
Date
Tue, 17 May 2022 15:45:25 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 14BA 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13953
crum
dsum-sec.casalemedia.com/ Frame 14BA
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7060887241937922929
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7060887241937922929
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Date
Tue, 17 May 2022 15:45:24 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7060887241937922929
Cache-Control
max-age=8780
Connection
keep-alive
Content-Type
text/html
Content-Length
154
ix
ad4m.at/ad/sim/ Frame 14BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame 14BA 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 14BA
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 14BA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Date
Tue, 17 May 2022 15:45:24 GMT
Server
MT3 4409 ba5503e master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=08ac6283-c30c-4700-ad53-d22713a8b510&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 17 May 2022 15:45:23 GMT
sync
x.bidswitch.net/ Frame 14BA 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 14BA 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7BE2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ufHjqTSES0FrgG7630GiSJJGdVU
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ufHjqTSES0FrgG7630GiSJJGdVU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ufHjqTSES0FrgG7630GiSJJGdVU
Date
Tue, 17 May 2022 15:45:25 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
noop
px.owneriq.net/ Frame 7BE2
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7060887241665072254&uid=Q7060887241665072254&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-246-168.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 17 May 2022 15:45:25 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 7BE2 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14393
ix
ad4m.at/ad/sim/ Frame 7BE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
no_match_opted_out
um.simpli.fi/ Frame 7BE2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 16 May 2022 15:45:24 GMT
crum
dsum-sec.casalemedia.com/ Frame 7BE2
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
461886.gif
idsync.rlcdn.com/ Frame 7BE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/461886.gif?partner_uid=YoPDDVm4dy03i1pX65qZQwAA%261144&&gdpr_consent=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
indexexchange
sync.adotmob.com/cookie/ Frame 7BE2 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 7BE2 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 15AA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Yg_L79gBSj9W0DNoCC8SEZJGdVU
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Yg_L79gBSj9W0DNoCC8SEZJGdVU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Yg_L79gBSj9W0DNoCC8SEZJGdVU
Date
Tue, 17 May 2022 15:45:25 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 15AA 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13953
crum
dsum-sec.casalemedia.com/ Frame 15AA
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950356569
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950356569
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950356569
crum
dsum-sec.casalemedia.com/ Frame 15AA
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7060887241937922929
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7060887241937922929
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Date
Tue, 17 May 2022 15:45:24 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7060887241937922929
Cache-Control
max-age=8780
Connection
keep-alive
Content-Type
text/html
Content-Length
154
getuid
secure.adnxs.com/ Frame 15AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
match
c1.adform.net/serving/cookie/ Frame 15AA 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 15AA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 15AA 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 401F 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBmlbEMODYqmUD4mygAeLyJygBgAAAAA4AeAEAg&bg=!sLOls_fNAAZL3OSAa9w7ACkAdvg8Wv68yynlgnh7kxR69r6SQMlFdLxd0eQo5FO5U7pvMxZgZ3Ch8gIAAAVDUgAAAAJoAQeZAuTH2hoslwxVm0PMJ_hdioMuaV-wdveMMjQhgStyBZ_7Em-L8es-IosdmbOWKQiXrOILA_oMAL7RK3wojRmA_bqPk86bv9zlkv7se8FnBFSayAlyy-KB1MxsUC-mTW8RvNGWmCP0vJEFSc7_mljWHW-FUUVS-LN-t3ZbocfwzQ2hnXLdAK4VXoUKSYbeyvraW5HpLpSs6EN-RzKFubw4vNiJ-cHZVqel5nFqeXoA6t51vQ8-O3KmIPCXf4unYWFog1Fj92TSskyO0m2l4YQJ6gDt8TACFc5FAhA0Di2TPyzOVzT5JeIIanJ7l7ZizNpHOB2gb7GWnFxOAcIbtzdy7uXFS0llfxagCLVH_PoZKTWmUCuxvEyYgqwH4yWgDKfUj0jh26-Kw8wdKwh0dGYUUss8P87DaKnnJf3l8xu2lQswXNrb1CwJ16ANzDVUtSTYrIqUPfrNBM-9HiCydNRiir6Wn3PFtLRDTli_HOaLvVgnXZyHrEOMTWPoxTArtocb98Fq5h3ct5Iq9zDktwuexEMKsWwoJojHCgU7e9cPXGE0r4NAY4S9W60NYUtDp0XsBJ-f_aIFLkL9eco9nsHA5GmGRen6_S-vXLV20V_IuOKpKlHesC8nFLEwpiQ7nGR8w2MylhTmyrmm3cT2uSx9dyIc_IVyptR4Pybc-Of1uZNA8OxymEjJqiYwNkeCnkEVlZpRlArLgOIGf-j0nqPeB_qmJz5fC1NyajOzzvtolAmjYan5QBlWCA2IVgcurqImaeSsWHsYhv22nfEndW1KY33NGR9gOuCwIjpQqC8hJe3Dxz4xgcQj_9Vrorf_IwBWCGlbEZ3cQie0h7Te06HQfi5_Hl3k2VVtgleEUiO-Qcz5KE9NbCGC80qHVycpRY383GFt-fJTd6tYN_tIPjiQiRfdBcEuay_UK54-yg2XNwQSFRt1nOFI9jadXJVPhGTy5OyWKOU2oD4pmkqwvvODGhe288rPkA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 289A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=zwiYujeBQKRNFDgUPZ_8UZJGdVU
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=zwiYujeBQKRNFDgUPZ_8UZJGdVU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=zwiYujeBQKRNFDgUPZ_8UZJGdVU
Date
Tue, 17 May 2022 15:45:25 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 289A
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YoPDDVm4dy03i1pX65qZQwAA%261144&gdpr_consent=&us_privacy=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1652802324655068-595
Expires
Tue, 17 May 2022 15:45:24 GMT
ibs:dpid=23728&dpuuid=YoPDDVm4dy03i1pX65qZQwAA%261144
dpm.demdex.net/ Frame 289A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YoPDDVm4dy03i1pX65qZQwAA%261144?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.102.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-102-158.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
getuid
ib.adnxs.com/ Frame 289A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
dcm
s.amazon-adsystem.com/ Frame 289A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NFT7QQ29VCF3GK1QP451
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7N2K2SVFQDN681TR49F3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAABHgAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 289A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
no_match_opted_out
um.simpli.fi/ Frame 289A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 16 May 2022 15:45:24 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 289A 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.174.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-174-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 289A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 034F
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950356569
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950356569
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=669950356569
ibs:dpid=23728&dpuuid=YoPDDVm4dy03i1pX65qZQwAA%261144
dpm.demdex.net/ Frame 034F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YoPDDVm4dy03i1pX65qZQwAA%261144?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.102.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-102-158.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
getuid
ib.adnxs.com/ Frame 034F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 034F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 034F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=p7KwXlvZ1NQZnU5&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=p7KwXlvZ1NQZnU5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:24 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-0eac7293533ef1427@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=p7KwXlvZ1NQZnU5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 034F 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14327
ie
match.prod.bidr.io/cookie-sync/ Frame 034F 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.174.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-174-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 034F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=16165943-0c6c-4d48-825e-2c42a3f26eb8&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=16165943-0c6c-4d48-825e-2c42a3f26eb8&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 15:45:26 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=16165943-0c6c-4d48-825e-2c42a3f26eb8&us_privacy=null&gdpr_consent=null&gdpr=1
date
Tue, 17 May 2022 15:45:26 GMT
server
_
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 034F 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
ix
ad4m.at/ad/sim/ Frame BAD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame BAD2
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=cfcd973b-00c8-49ca-86b2-f7c61ee89cb2
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=cfcd973b-00c8-49ca-86b2-f7c61ee89cb2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=cfcd973b-00c8-49ca-86b2-f7c61ee89cb2
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BAD2
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3b6ca7a-a8a4-490f-ac39-b60fe0f17574
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3b6ca7a-a8a4-490f-ac39-b60fe0f17574
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3b6ca7a-a8a4-490f-ac39-b60fe0f17574
date
Tue, 17 May 2022 15:45:25 GMT
server
Apache-Coyote/1.1
content-length
0
getuid
ib.adnxs.com/ Frame BAD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
YoPDDVm4dy03i1pX65qZQwAABHgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BAD2 		43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YoPDDVm4dy03i1pX65qZQwAABHgAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a1a5:2084:5d16:63de Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame BAD2
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=7323113175054134207
Date
Tue, 17 May 2022 15:45:24 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
indexexchange
sync.adotmob.com/cookie/ Frame BAD2 		0
0
rum
dsum.casalemedia.com/ Frame BAD2
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1652888724&gdpr=1
pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BAD2 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YoPDDVm4dy03i1pX65qZQwAA%261144
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 15:45:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2856
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 16:33:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DC0 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bb9lcEMODYvOzDpj03gO23qSgAgAAAAA4AeAEAg&bg=!6uml6a3NAAZL3OSAa9w7ACkAdvg8WjyDXfRNYRRTSSZh9G1VCG5i2CiU1diiFBZoJIqcddhiuBaYnQIAAAVLUgAAAAFoAQeZAtz8UG3jelcqAxSTQEmjtbsfO82LcEm__E8UWfLtowAmBBqvxa4bwVuDoCVD2HA1AOMzu6R36waclOGYAXRzSpr37QaxhpCHGvrLjcu8-ip7fgdZeWxQ3cG7q9P8KpUMKy5G0iAx_XinoU9CpYt0GVbAHn0JMWRTollzMc8b0_O71p7y2G5n-ZG9DsqmszFQ-nRZU-iGauUnJPvZQrW7VATqwd5ZfgjTL89UDE0S6rN0tex96s7Cub76gA7BOHhvzVxD5QG-FRAtEyNM3-ngXkxCkhVUG0SJQrHQ88GLR4hO9ZVCMCpN2A7cF7i3RMxDD8eKEoeUir6S4amu3kRG9CxYiQSwcT4JBAdXKkqd3C19flvZRSFZy_4q8LMJINY2AZY9FQ5PsRMvjLLBHeqhy9mMicsaOGPUuFUNsLs_Fy0W3rHISxqevNU2KvNPZ__qmddoT2spXvTrSkphm4HDmEuNNRPROuR9lFjFXjlGZYdy0_00QQRRQwtpzHULEvfvP7Q_7UHeoYoysyFVTUjB2IIG_gs3AXSkouE2B6_A58We3rxuV-A5BSj-nf-90V_EtpyvrA9uND4TlFcqVXVVbr2S3CHPDHelTBcAIXQGagGNUfU_lFWB4KTq4yND70QVi_WOpVKuCWttp-t9PgxA5OVlYLYzMHecKwndl-Z5IETDo8sweUU1safJUMF7hxRsB0XTMDMkuNREqep-GRrGywjggf1csId1n4Y1NtpWx6aWY1C_cB1AAJTq04Xk616xwd7HSPc3-6K9iwK9IV7vqoi9g2hgpJ7WTNQpgguvec3hZBjJnSfvk8ny0xjmBKTT-639ZP4ICfl6g5R-BQGhF277nQwOuXi3PfiSKfjHly2pW9cfqy2xznZCWHn0e5oiAkEm0bivB3JXLl-PT1joeQN7nUK_HIlZb2aafkZPRh_kckfJYGcfUVWqfHgt7pMxei1lJ76UA36F6AFNILY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame B5A3
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.247.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-247-148.compute-1.amazonaws.com
Software
/
Resource Hash
0f0190448b8357a09b42771763e337c83d31a3218952d31c39be4f941663c3f3

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 15:45:25 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Tue, 17 May 2022 15:45:25 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 15:45:25 GMT
location
/um/cs&eq_cc=1
cs&eq_cc=1
um2.eqads.com/um/ Frame 3600
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.247.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-247-148.compute-1.amazonaws.com
Software
/
Resource Hash
0f0190448b8357a09b42771763e337c83d31a3218952d31c39be4f941663c3f3

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 15:45:25 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Tue, 17 May 2022 15:45:25 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 15:45:25 GMT
location
/um/cs&eq_cc=1
cs&eq_cc=1
um2.eqads.com/um/ Frame F19B
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.247.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-247-148.compute-1.amazonaws.com
Software
/
Resource Hash
0f0190448b8357a09b42771763e337c83d31a3218952d31c39be4f941663c3f3

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 15:45:25 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Tue, 17 May 2022 15:45:25 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Tue, 17 May 2022 15:45:25 GMT
location
/um/cs&eq_cc=1
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&sid=AUVLBmgFEeO_DMnU&oz_sc=8bb5b0b27d5809294117aec8&oz_df=1652802324715&oz_l=470&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.58.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:24 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ Frame 778D 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJAGJEMODYv6JEI3a3wOTzIu4DAAAAAA4AeAEAg&bg=!kpGlkdXNAAZL3OSAa9w7ACkAdvg8WhVZoHho43vV_Iq3Xkcq6TDqnh0FAe0Kvdj4aB_II1soLnxhVgIAAAWmUgAAAARoAQeZAtX78wh0sE9XxPXYwJjxyJ1TW0Vcxt9oF188z_x9cs7-BXyXPyEPly7ML3b4iZPmY8woj5azoXF3__FXChI-QQhh3FiWK9Q14pb0T_TD6g7b_7cVSqDkHeWbSAGJoL4EO-55jWy-81CV5Ec0ygPOHkLjuFFmOBtiT6kd2QBAwVz2BjBNOXWhmtcilFngxBz52pVum9BAwdT5UVWRK-hpItECt8DBM9o6kP7uG5E0yTlIeKEi9k2AevV3LbKYBYLI7Ggpd0Zd9dB6ld6S08n1-_5sIQTEactAJoHPraWTKS6NBA1DNqCmtJNDZQAS6AUZcxpR1EGkS6Mt7dF3IWA-E_dxKpnFmIoL4UoLCXjjRePW4b_06VNsXVpMJhpAn9zIIF7dSLzEB4pUEFXkz5wHDoNq-PFghK05Rw-c2uemE01EdaZaHXXatQhX2Zj89AVIP-ZnwrjKKb3NcdrJrCtAd5h7sdIJLowg9D2hlrsodMRRL8dlf4QiVHt-chnu5kxk7Lc-UZVu05C4vMax3np162GQwOgXqhwRfiH0iCyasOQpnOKsH4RZUE4qo1_q6wVHOj3baZh6pVgB3qj0daNgKcSxN0V2ADZowU1VBqr-HB0mO2RlqfHl7vJ_eXV9Uqb7aSBtz1clE2YYhL-w8c6fyO94GyGaZtwdtcprgNvhERGULhgwC25_1CATWcRNOaQu959qUEfj0hqob7bOQJqAb7X9HdjZCRRI42aFY8sUhDEYOppq6Tt36kX3YWby8Uo6eAMnnjJgrct7dNbH0bLkYV5Om156eqXYPElPpG-X72-V_EFQz2X25jV_xePFMMVqc7yzZzaeq0m81UwLi-ak2I7d2m5u8XPZO-7iig9ngFBK4rH9Fb_0N4LKWFrHVk7Cx4anKmp3yfKXcRHqDGFZLyGnMTMyw4-Zlna-m26h7qrj5qWhnHzN81Pl1ydd74xmwCmRE4_SUQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F4BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=1410699056145224&bg=!cnGlcTXNAAZX5TVhd-U7ACkAdvg8WqECYGDKphAXsUruMkC5e2hMVPIIEG1EzXGB0ruCbfQbuIuiXAIAAAdKUgAAAApoAQcKAAzs8AUyt6OTurgwpgCZAyjQE_Ul0iOTUfA91sGOJSFYT_RKYDJOwcvozg9mhCRbjal02StGZ2pCn81KCKSHG-anIh8tFg5x1dTVpADPHcVT_IaeKInTZKvQQqSLXcveL3qtdfSx_79TmLnA5AsbrN5KYaklatqypWpWusQWPum2VrPvgdMyv6tpwvxRzofNzIoSyIo3kbRl8uVLlus-M1ZYv17vz12vW6DN1S8Pd8sNMBgmS0UlfF3oNSlcQr9NkXl14X5u9H9A-Lc6RFZvDH2wJR6jBuRiM30kc6tutA_5ZByneiYHV_9LIrhHoHqN6RuxeJ6SL8VDVsRSMbPQw2QAXK4oN-0vkjeCVdw6Tcekp97z9u3uIsWJ9Xy0t65g-qQ-RbvQmQgKp6HmFXgYt9Q5U9Cv1vjZq1uibeAA4MA5KchrU5zYnPM-C0gxsQoMznIasGmRPXJ03mQq8Kl6L7I_lAKGGhJgM7yxHCsgB9GT1mSfpMj5dKrmhIBGYEeFIC6-I0A9NZG5Ho1IZNJpqHjnrK9TsYA5utCjvXVeZNeYw0FgAW1zBlQg48Ur0VEd-sv4VEYO8RgKZFmwSK3RmYWjHW6LsisVrBPqwQRU8w9eCWQQobkeBzGsxm7SW8IRE48q905cxYXEn7Jjza3PkrKjwfxO24wB1xYndG_gEl-3OUO8m7_lGI19-iMnfYcyYTN8HbBsXi_IAaDMgt7LMoOhqifhZ1dPfkvqMak0LVasZUx4nCvwbtKYMXCooGJjsjvO-4Awz-wKGRh_IGRMq3V-KKaec5oKtjamTWDkY58AVlArNJ6r-4wQQ7mGFXHlM44njLP91d2uSIYXaiAvrNe4mSFbKXC9d2klZwBuKj1WDJVvzvWF9BZIFLTDtGhTXiHdifglMnPlS0hk-CBrhcFGID-PN-GmV53dkdMkNjI3qDgI1yZwAyi8GcNTDlNV9mafztLed9w2TDhiHoSujKsus5RKlanBG_Z4R5xpfaNxJ68WDkmR0oH2Jp56Y-rZn0tMdsj8Pr-FpEgbOqCXUHw3VdDENtvpzg7sQMWw-0BmYNgRohSaSWAuqLUWTqlx5acE2W254Re7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44D3 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7fTsEMODYuP9EaStlQeol5_QBAAAAAA4AeAEAg&bg=!JCelJ2PNAAZL3OSAa9w7ACkAdvg8WuKAVPeEljFNC4LrRWtZV3j40pJpXUcDPrIx-ajeI3OgzMjrzwIAAAZVUgAAAAFoAQcKAEUQfH6upibJR911cd7DtK72XHeORnUVN4XvOiO3hkNF6a2CZIhdBnmg48cyToKP804SOZ28R-Y6uIpjSR4w0XQEwKE6K4-ZAtIx9uHDYvYKpF8Vlo36yarxRq7rGA8TqbT6C3ZvjDB6bvJm-JFy3wiThnj8cNeetCN1-ajOH8oTpqD9aTwXn_81xSlG0VmdqxoP6aozDGYnfgucygQnRaRiQYG_aReREj9ROldJO7kXvyzc-oAP3Q9_OUCZGlTHTb4YVGmO9UuKYiG5K593hL-zJJm2D3G9zRQIv8pfH4yrYD8r-eW25CPYhUojk87s70ap_YYtzXouhsnKKhC-lklPDodndpjsBc7diFrkGyF2Xrw_2vxAdxMkhcVEDZmxDRPxNptAW19f7BvHYMqnqW-VYJV_lcRVWbrgPAhzYef5LoJU-7Xi5Ibky51LS2WMFYhyFzQz1lcQrqQZlEhMQr789VVeboY-_asDbc4SDHisjfQ1-8ANnkyuJVuCPDCq5Q3OJkyMK-OhR-M4k61gkD8dUMNz9XQNWIxA_tTdHuxoQMwemj2gbW7Q2Jn0eqZ5nLRhxi2kOzmtbPRYVraWhF9UK0Kkofr8P0xmsm5dqhblL_kRfQjs4oytvVOFFQXiYn2VQhVTw6FQKSqdfBd43YM5MZgKveEqpMwSrAsjQzEy0_rjVmvvWgTbqDnSwLce9gXKVgbqagen_v3JtIMw0mAD-zFoHGf0PoPxfY5C6MxGawUXRmJMPGznjQb3Cg6Z98yCzXk49q1yPJXSc0s_nMEQcd8s2HR5lITIdBWjMwQInghBdIIVU5-NhsDRLbSTZWx44MvvpQnaqeAARuvBdeARIkP6aWP-t-yjrS9-qlhW0MsY3pgxcnxrQCeHjykLKr2PX8Oas83s0NALr-bG7DrGxBYerIEKRyxnqeyzPfBMbcc8ji4lu3a4VZDm5de0qf62vzO1JGPxTgfBLsd5oC67ZNfAyKtSErYY1FBZWoNHUocNPpom4PKMfF3qf3i-_N03RVAFM0Pp7uiwmFbhsSOJ1bNYZ4YWUOwiCg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1285 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHbRvEMODYur0FNOlrATjhJzABgAAAAA4AeAEAg&bg=!lZalltLNAAZL3OSAa9w7ACkAdvg8Wgg4ZsCVtovEHw49TeYQiwMPibxE-4jmbxr_aJUt6NwjLKasegIAAAZMUgAAAAJoAQcKALtqxu-0PcbANF-6FfBPVernUcu43UwLC5NbFq3UOXZVuHF4Dg2SwyXZUUioAkG275a4qs5fARR_A4GnYv6a4AHMYNs6bgaunMAZuNv8evTtQWwh3y43AQXGOt5SlMZQ3EUc7a0TAstGp_GufzOgqw2-pe3ln7iDLnK9Rb3HAr2pX_mMHFNVa8xPoi41cNVnrDBFcPtiBA7KVnt1rcZyrBysGyVsEFPDkDkMMQ4dz2dBHu2k145tme6IwDvjmQLW-Vs58X-TDpP87n6yDopBplqg1x-QZKkiQSCeaIUEk7-tI4A4vcq_vVIA1c4Qlm0bXwj8xsHPInk7wqJfluqrasPC0aCwlnLWBC6LEnWpM6F386HkC-CcdxZog3CR3By59pX5DyvfnqBmVTZ9-wGy2GOdoET8LbuSfIkQew9L4eN7gz9fSVeq9YXmaO8x-5dxBaii6EadjRFhV4u351MAHVsarLNNSwwRDSmi2Gc9jhNWTPGtpk2cT6bYt3_8iuxtZwf5r7LrtYiUcUF_wwbGoYeuYL0l_Qistx3QFOizjCa7Zp_hrCICkkvXumbD5zcdPqc_ZMdocqyCa0r-4buTOgKPdwf5au1J5pWKOIuQgzj1BTsSaL9z7YHLuCUWRRAQofwXlVaiOR6MQoqmNjOZGoq8w571jj0ateIPHKOSQ3tIAzcmSbjSj_fEsApQgVIqPj-ip2W2tlcF6KQpEXqbEr7RC2oh8IW6XpuO1yecWMdXrJE_CgU9itFVpsXCVJXRor6BnxoLbplXSxCYZQFgOSTzH4b6mzWkByLK1ziQSOJ1o7Pq1F8hdayeQNyUbBSFeKLJ0X1mAq7VjJ5NL0FCfnMxUsM2HyP8bBAxu7f1BFwY0I0pfZsK5Nt2HWlD6keDr0w54aGGBHV1ngm28j5CKJkQmn2lL-QDt4a6obqGoNSFVstENXK1e2mdvFnExhp9J8Z8X7lox0GCRLa1juPCs2EVBrZsyGOD8GeNhwf-kCj83ascQScn2RPZXQwPgrqo_PV2-7ZqczjHE48bd-hsXnvxfqrZPOgN5ZIGhix8-TiyKZJWCJsPlaL0QZj3-9do07ODcAwfkO3-vYWexR2UkJr9jMKEIb9J9aMKdkXKB86MgOH7ZMry0LYLNMiGJfycumKzL_EYLHRoI4-NIbcC_vF5TucbP-ytE78rkN-5StVkIUXT8bW_xR3uum-eJZKMBzqwYwgU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EE2 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYIZaEMODYvDoEI-C7_UP4pC34AoAAAAAOAHgBAI&bg=!FRalFlLNAAZL3OSAa9w7ACkAdvg8WpYJz26d5Csz0YsQXFwQ3JIbumy612le8Ig1vqV7fdizi0rVDAIAAAccUgAAAAFoAQeZAtKwE1q-_Tp6IBY0x70H19mXfOWaIzLyuXRn2rujx41OPeohULEeeHZnvbscdx_KC6WNiFlWGGxmIG2Pg1MfQj7D11k2o6pxf2MROCVvTXv-kgetrGPGQhYDlT7eQs8lnyME0ON528a8tAaYUTo1bKY96Ekz5-3fmLOHsqROdwMJnowNJZ2w_f25TXgi88Jl4dsRFEa5GfBW3FirNqdb5jus6QNHOWZcQcE0MRDjFzKSsjNIQOl_d_gJ2We6ugoG83CoC6YASybkRCu_CfzZLgZK3TjKNHWeAbaO1yDm0fPRpz1DKYkh3YdNaOqxIOwrJ4FAto2PsdoTqVEhLg7PzXORq5Z3bDg4mS4l7KSJgwuP2TGN4TSXDGDJSki5cMsRIBIl_tTj9s5_zEhuCMcaKuzYy2GXnMJQoQlsbYn66wzNM0ISKn678hSMziLlqfmZdYnnmkHUTAfu5oYysOS0Rwi0yPM2xuKHxCAgedQJCIwGGikj_1LW4wIJ-pB_8kiKtcoyK5OjDhgdYY9Ovy34L5wyS3xYULRIBZExrpwKheN1L7rlF75NzxrpqBBRYBkdZbumxn9ap8295OR3acwdJKki7SE7gsxdBbaFNDiRzdZ1gMOW_hQRTqm_gqD97EbzAMOP93guQOEhJfqgQqIsrzMr57x-gDz9i3a4me9khYPNGSwBMEDnnKXx27_xZqD-pgYuWv-yBMnPTd1pgALJ3MO7eYyCX9sd1388LdxYFaXVJu2_cpee6enlutx-BS9eQDxvVTfeMARiGYur-euDPp6fRT-pgk7NW2FE6B0mbLJfoDu5mbqTkoJ7lrxCd9jfnm86mK0UYZhoyHirPGxAQafNqP8Aw7oDILhiEG65FxjKNg0kUfmynCkcD2VwXfjQgHzCNBQCqlJZNqwzJNLV04uFUQWzb5c-6aSBygBYCuZE-wGNRdFcmbHI-kpw-q200iHU4g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34CE 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bwq44EMODYuSCF_aR7_UPyqC_0AIAAAAAOAHgBAI&bg=!w8ClwITNAAZL3OSAa9w7ACkAdvg8Ws1mkiMEagDKq5QOIwd1O0mEzs_RomqIvfVM5H5VkETNK07w0gIAAAZiUgAAAAFoAQeZAtx3Ha328r55FetV7pkTjR3OkCY5r_TVZWsN_1wg1QQC2fn4INgokKw3vDWjysLdUOmdyNdUOG1Xy0Q2Cvt1ZKmxic8QBQUyVn_z_PwrQKU2QsZVunjYjeBbjpf7FgerA2YLJwUnvtNnS6oN3jRm0rEuQcGjE4k5eIgHyBQ3KYZlfThbSS1tOQvVQuEH0ZS10nMfEaYS7VM0e0L7YPFr3lm1iD46dSP5hUB1N14Ycoj1pcpN27YiFe20Q1SbMj864LUaxG40oaH1YaDM5R2BqVCMvQA8NDffLQ67DK6AAUp2cyg9JPqqMXuwP7tffHKo95kCDsZGDRgoTVU8nACsnpQXC6UD1uXDoe0PQLVmR3j1bxdFu9lxW7lS8I_N0FnZLIyS2u1A9dAHQ8YQHYCdPmNpVCSDcslx9oLgjIB5xJDviw1L-GoPcklUCRGaOlVlSbAGnj7oavwxeSLWzhPIFNCOwxWBsUDFkCZylWTSlIvBKTsRMBtrQiCMG6RXbzSg_-qB10oyz41o15q4xx9ukzZ_2XVxjbujGqj-kJ10bz0q8BUPgAvYY3LUX4_Br6IQWa9mt-ZWcBRo7xQu6vNttOvUcPJyhPh6C-hOaHmRQdjD0_Czpq8GkyfO4cHJR6X1b9xVBxMGBRC6GhaFJw0IwCY-qL_FLsxb4i_wWqRi22Ql1cELdZ759E7W00pUaABj5FmKhSuUAIL1LnEG26vdGIDl0iL6nWW5TTjHurh5UXQwo-bhxTMGphbGmD5Nd8VlS5TRydrzBOLqQhw2ILj21WQeizW3WFPx4GYh0mXYtJDit7zxvrrC99pDgQkWWqXeOAsOxpl0G3jAJcn2_uGa0ftsCNWilHd1yvwtCD2OQtbvxZVUjfywjQwple8u-KWfB_ic4QkbSKJQAe6iN2LSozUDGnfP2RH6JYVQq_7vnNAktRUk7juV4o7RCSurtB2b-FOEc57smnpQtfAf5lA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAD1 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUIeqEMODYpeNFoKcgQfQh5KwAwAAAAA4AeAEAg&bg=!cnGlcTXNAAZL3OSAa9w7ACkAdvg8WrY48WqrRZLzYM6_Sig_SdDnTrWke6VXjJ5Ep-6lnJ_cjjkQmAIAAAbvUgAAAANoAQcKAEHwp2yuIOPfHyIDLFib810xBb-kpuWuZt9Q5QQfYY2StXh0JoaxubQy5o9oecLT6limFBHATmoaLRll_iE6lcR7dpkCzRgNmC0r6XRL1sf5Q8UbyOHPrfhunL3t8sobdj5b4ehYvlRoF3T5zKY6tLfvnhArtkBkfzOXCLq4cdGeAXNxjytj4u3-39aMvw9Ji06MT2jb8LJ6FAfxC9ko8ThzKpXms2BkkbLTnB__kcuJReqWol1fqMqw3v1VfqFGUWDPIQBgOx2dneHE1Aby7QrYZUQB0-giHJ1Nsj1LYmIQN2DdB400qB7wOPIOTOAI1_ruoqr6UVJdT4atYWRPaIWdQ-hZH3gXA1Hyh1wviX0abj5OmE3wd91H6yiCxrYO_aksHWezdl1Gv8Zl2hcG7xZFp2_I5yRiHa8ZddtlLK9VqPdp25FKDw--hZZ8Zj0r0kecS8eVgDgcvAnJRT8K9uRU0KBYUXWq0uqjn2zu98hC1VrdzGuFfCFYKaZCTr6t4uXfUlVkvhNijhT_2SgeX7ISslQjdyNhdYi2dcPsG-otn1p3SbwKJGcrxlBcMEi3_4ainoEk0aR2SqxR1E9fmMiMGzoaPLf5cHL4wdbA2VXVaQLQT8GcJlwxC8mrRvve_ANwTMviePIPQbp4IJRhP3t3s0NqqWi7yv8V5BBrrDkBCFVo1-RGVjUD54e2zKpKs0HGNZilDa3cx9LaszGtb3y2um3c94ChHIoNnEcgHZvMRF7k8tA2o1rvSSNbn4dCKMj-8Ddj-bGRpxVIqb5kiHztDZjXzeRVjqIqi77JXu3qEcjXy6NTlGZi9t24aEMlVjJZKTOPwttcF87OzJa5l7j6tf81tzPQ-JJXYxkCG88lDMvU6l-EJhH8DUvlH5Dcuhn-5pzFOmgrdmeGzEFszYJ6qxr2pp12dlJUSs7-YvnrmKK5go9s58YuWuDDrk-Uea2iQciBk0mZVj3nbgUs4Fggib5mEpqTZlptI6Bebv5XPiRrV66UA2hXfvNgSs538fL1dMIwuJB4ZXdd4YmSsfDj7A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 56E9 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bdhl3EMODYuiyG7WG7_UP5cSv2AgAAAAAOAHgBAI&bg=!ZWalZiLNAAZL3OSAa9w7ACkAdvg8WrL_6Srm19-On2LRFqaH7Kigo1vNJ6fpA3vNahXh3K4YxCbiVwIAAAYtUgAAAAJoAQeZAt21CjUt3re8Af0wiSIb_9ZG4m_RVxNMF8wnkMQgI5aEZUAamP6MBW02XCWB-TO_OywPcGUqsY6T4d5WfJLBQeTsTOmn_gvH0ES2en0ZLGiboiVsllrlNobM-CA939Tdrdex5pSgHH5NskumvLVmppLzSvv8m7IVYGmQwN15vfDBb7iwdKP8o-viAcKI8ozIV6orwuWTX4YHXqsh4xSzgdxmTmB_qbuNHuPqao1fvqgAHaf4t5KyDW5aAyqfW8sCuactMOJ2nKxFtSGJffbGBu9lbY1gbGKI4v82BPwYhBouYcVJ_9yjjPsUWhN3ymTNQq_M7IRpkcIo31ShQnCoo4f-Yk-LxB_E9v_KEQNHnnT0wx-YEdUjLtS98yXR1WsUCzi8YWbiETxt8YfimaIbFGIQtK18jS67rYaIA7uJ1q3Nnhzc3ue1XKNOAt9pezXqLPzu5B2ziz4aFN3NzNQF1nY3bkUuln34pcuDae3GY4kgh0JjKjCCtWwYgNwPvTaCe4rLB8qPgFJkMUqtk-oMLF9r0r91Hdk2emtyBXRkgT24X12FxDtpjJTykniU4u-8I-d4BMr4AxZi_0HtuStjmVaGxHkn6r5KLugUMBsD42_8uZVjzwp9bKIGN8BQUYCIqpKlk71deEtwXeVjch1V1k6yc03-Wq7MwCKCUg-LjEE3iJvDsGsh40mPGjoHmIQ-cAy5z9YQQY9fJHAcXwrlhwne98o4LuKHHL_Qie8ch02i7es1EcljgXO-vP7LNghBVjBfd6YXB7rMo16JLPAWJyYpbu63a3AP0XUubmsQKcGBsYkrscLH__4l_LgV-FrJb7xUJvt9CbHYx6F5DrLIU3FP3e7iUYbqoctUnLNDM5RrRXuZ6juaKDpLdawncpzz-ux02fl-EY89QLYUWru39H9r3rAFdMwP8E5etlzTMQLPQXuAIIQ3ly3JiIxAGsHLNIaXiqNpJYk5o5gZYGqr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8948 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnwMcEMODYvL1Hv_G7_UPjbGTsA8AAAAAOAHgBAI&bg=!fn2lfTnNAAZL3OSAa9w7ACkAdvg8Ws6sEUyp23EnCPQQ2jiOIPMZcoWxDXwLXGfQXgW_PE0avlzFdQIAAAYgUgAAAAJoAQcKAGh_0k29l7gODK-NO1pJ5pTtlwV6ychz8o8WzVN6bKEnvamMMv6BLyZqdm7siChQuNUpnudCy1E0kLPXTC-FLwXqDL909-7Y_UpaGeId6e8H9K9eTz0SHyYmJJ7lHXUTwzRshps1d4abH5kC1bNH9etKq7y4MOQpiAfjkQirSaCAVuqSO72upz4kun7KryF7B1vQORa_qzfkUhX5PxGX4VItNjCVRuF1RbTYrfNSo7Sa1r1Luk85gDmoJs8snIPKAgvT9w4uevISdeuTqLfy0Bl1INRN3cwYWOvEmVTtvOQis57qVt6TkzmHGMbAUR7exF60cQVcTHb-v04v5JHayEWcqmVrXsE_2C9UzzoK3FwrROyfyLrhPgdfntUaQnPsgFwKzSd3TaZsH1gE3OavedFBOpSmLNL7K4bM70aCr1Chtw3h-s4bNsexMJm5ue0GP4CnXk8qT_71YqnkOevEh3BbvJrPYdtyLurl7EaKTdYwEK1RwvwD3ZmIJfKpd1y2lHRQXNehflJ_eTtvzHZAs9_RIiL0ePUrsNJ_ZUQ3kG_OxalVGI6thusQaU7gp-sY176kmfQ6CzwDwB_Cshy_ACbnchFWmJGFVppdrtz-S_gZ75CI0DOSJTsQZaYZJzGypdMO9z2-t9cFcurWrqLWMETzTn4i78LfJm-cezjPXRufKaqOIvZluJYuRajUw8I0_cNZmCiEXdwun0Ix3jWumemUPoNpPBqjW2RiI6UxX6f39dyh3y6-SavhrwuIdT78CA-_M-ys16jOVVQ04AD6SCXbgz7xdUVEhSzp5_ai3vUAFpdTRFyyky7UWQS6EUFg-9MsRGmPDEY2q5YqQqJELrw8r_8BKV2xKcNQ3C0v2x9fzc6YtsqfrsXH5bZHxDIWonXXKPt8OB7gvV1ERJ49OR_gg9g45RsLb9d_AYEW3LcHJL-EyxE22p3wK3xviIFQ1V_3S_1nPmtMCss-37XC_XMO1C_RKv8GVDEHOMig5vjza64cNrc-u7SAtEnCymmVPHPA7FWMIbGGOfhGHTn7MWNkLEAvpCtc5URLFiWf-FqUrUyhpwpiLLwNeAhwLWZyDaKhGh9ix85kBmFW1IftQ15s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 16B9 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
438a843d-dfb7-488c-9b6d-768810de37f4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0EF4 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c1936801-bc69-447b-aa22-16ddabf849df
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8597 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
99cf4ccc-9ad0-43ad-ac82-12a8d9ee3003
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&sid=AUVLBmgFEeO_DMnU&oz_sc=8bb5b0b27d5809294117aec8&oz_df=1652802325151&oz_l=3613&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.58.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
async_usersync
ib.adnxs.com/ Frame 3DDE 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
64b6b8ce-7093-4ddb-9d69-80b9ec852108
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F5CA 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
56eb54e7-469c-4d8d-be30-d8746f4bd4dc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 907B 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
addcae8c-3a6f-4536-b502-00b6c6153842
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC5D 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXcvHEMODYu_bIoGQjuwP29SU8AwAAAAAOAHgBAI&bg=!c3ClcDTNAAZL3OSAa9w7ACkAdvg8WtC9CKep98DQORW8t72TVDee3vKiBx9WjmD8jtvSxsW8RYOk0AIAAAVCUgAAAAdoAQeZAuO5soj85AFuXfm4no80PUzGE_MqwVONVBw0-9oRi9VojdMUXe-qP2FxvkJF8X-XnUDOk5hc3i2L6Qsv_ebNcKnLauKRABWglsrZv-amGnDTWL5cg7C8HvFzKPDBdK1SP4jSGjoxE0FvSyFD0UoD37V6Kzg22BCq_s4JRNejcgvVqDPU1ZugDkPXYR79d3Ry6t0oeWWOMTi7f4y0JZvV1fdR6U6ZPwQBLCASb5aLJQfQwIoy8LY6S355CC-tvtYmpMvz8e21rXENtqcctAiRleC0lEwfxqum1kT9K-6Wlr6KSM9RuIyoLr7MX-08N30llRN_hJL5DCWyadq6Xk-Y-nvecXydvlGVxmybsLGlsz57AMf6aEo0jFuVwoWy7ks3PX5OQkphs6nVU7JP14gWlguDLSnc_BdNiEDmqgoejfF90V6ADAFaVjHcBnP7cw3t31g72EmTci-i1qkn8OZQJ-cKZy0JAx2wu9J8kyeyAcJafb8W6BNvLhwh46gc_0CiKZidrf_-fyveF5_HqLuE_nbJB4-oGhiYJxZ-1NUgmIb3M7sPumRGK1T5NyDq8iywxP52_S1oEVMTZ2x0vWpH8p7Xd73bdg9y13BqKqmEQh1Jp_wXLhsAdV95AQXVGzOtNxu-Z2EZE-avrLGk2gwClKeNooKL7xm5577ZHrGicJIVqz7EKENcK4je3ElCM4DsX0VCkZf1CtJRAoRCvKfAAeHvqUrdOnzrXu4VNJOfSIEKp9_WNdLQD29zY1QDgHNDmH1M_L1UKrtYER_s--UOftnLgP4L2XcoNhdnvU6M7VHvTQlsQSqoo6DNbPA5xOiJsKSZIzkNB8-G9c7AGOOnO7LPU3qCS6jgGxrajSGsE6rZGStkRhOfzAHF2qrquRmmbk_AKDDFxnPwpFjEFluNkveY_vEYp_Dlj_E3tVblbvrjWO0cGGPFsKKSl8oHQeB_k6VQyBlhHtVNy7LPncdYPamEE5c4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5721 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-so7EMODYofVA-uQ7_UP4dOZuAIAAAAAOAHgBAI&bg=!GBulG1_NAAZL3OSAa9w7ACkAdvg8Wm8Uym_R4J7In-6eh7k1vbOEHeY3KZTeWh4ZokwN-ue7qSahBwIAAATHUgAAAAFoAQeZA1yX1zTt5t6SLMgATtQDlC4CUNrfuteg-JZQ05ns6Sb1NjH-N0TSfybb_j_EsJky9L0Z2X8EylCWnZA-HOoTxgaA9qNIreI5nwYt29f1wkygQLXurnjHwZnNMTF7Gf-L-kRnYsT_nDjMa28vqm3OsHydfsRTCxS-FisCca3aLL8fuAwloWxz_anuc7X4wj2ax8JC3MqaML8EJX_aPCOcsrooNhfbh0FgP9M26qDphPzVQ3fsI2XyDIPm2k22Qbae_wL8X4FxqrXiSl4NkSg-g8LCgNQW4iLHk-MiXzcZ7PpBxA0lWwdjcvRV3qS3KJEN1piQWPucTyoOYimxAiva2zjghsMIPm-Fe1EqMgfGpWLxa7xhttBCIAWit7fUs0KZi0_XaYmZsZZU41qjVvZWNzCeenGNmlSV2IRFbqMfUuCigAGY8G4eGLOG7_hEze3_YD5amlpe3OkZP7zN85qc8YaD0Q_22itTnD4MVJfpCipRPUOPSYwvFh6tO29-m6Wwzv1z7ywBDOxlVqREp0siV9_aP83lDWUq2BJhDiakyAB8HubnMFKWaNq5ALUXd64eUIwaiTt0cZVcakBjaInl83pBSiNWmip9IRG-fcDfu2RcvSlOcBVPBJwCFKit5IZf3HZCvYz0s7G7pG2s0s6R7oilxfDohubqjcPd2j-YYR0dkC3jMsbZjJuUV4POdILRVYIAmLPj8U9veHonfpzRq4P5donDkTZ9pVOiaQIxhP_hGsW8Q9pKvFDEKGk7bN5F3bsIgF5VHAJzqdGddb0CrhFmnNtIlDKhav9Sh8euHIn56ju_SkzWHeUq2172NDzpXUqi4jY4vJ5ZLEZ0-CpysuYCJuDiM8fUw92gwzEmXIUXI2h3f625m5pW__PxVqNio1rwumQK9TbcYywK1rMzX9z9JBd35qirDzK8ieOX4mkpoxIorxNkkMOKrraZGPJmL1g4iKOWB-qZ-6UWO9_Q2U_CA-R68nEBEv9z-lu1UDRaUEXL3bguvsGEY8Yh8w6qomarXZ6Zn7BDszomiu0oZ5PNkdVoMsiX3LN7OoQqNVZUQfWfjbP7zng7gWlE-aH89JhKyvLLtKOJ5MqE2a6emKpyrTU4lSoL6KL9Ty46f8TbJXBfL5jVallxocUmpw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE26 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuFg3EMODYsbkLNOlrATjhJzABgAAAAA4AeAEAg&bg=!RkWlRQHNAAZL3OSAa9w7ACkAdvg8WsAnytcDw632KoQn0p-Cu7tAva86kepGY9XZfPDJ1S4-YLYRfAIAAAOzUgAAAApoAQeZAtCKHZT7bO3a8g9V9X449Vhd8DHDfoQlAI_S9hd-BC_JuXxcM4sOAcEuDSqhIwq4vMl4lbMbS9vmiVqWsNH73ncLwaKw0Nj-OrSR_kOffP-JaK6s4bmxOxsxbf9ar9DmzfXWu_Y-geaf3Elq4KIN0nbbo3CkLZNRypEg8fsRZWQjg2jPkiW93QIF9vt_eFS_uds-Mer_wliv0tjVzuoRoB1iqRzOVe3d_TUKbncAGaTssVg3N-TT_GPq2S9w7XmZJMRSXqHXSMIA5L6tBhMFtUykkuqUGvOn4tvzZygGaZ-XZXvJv5CEjYYU4RIMK7sgT2dlHUdUqhy9asx1QX6jejMLEvvaxDwEFECvRSa6wPd31BP274QrNOWrFT8qiIQyJOKbP60lWE07mLdFnwv9f3czwKO9rQacubmfXdsoZHQ5ku1kOLqo9amc6_jiwPag_FOcmdKrBmSFIlzYinElwyiHIa4VbBXiZivCAQbCIgFDkSO1nLCc3E9NP7XdVDisueFU4xEfPo0HqPLWDRNiNqmy5PmNF4JZDVX5mLqQ7aeRWtnpBiIweJNbLgtapeWxb0XMlevbf1DYvPwhwwgXupSLbwU_E_K-6WFpoSUtsw8H8RWNnU_AFs-m5GfJagh4AsKVNLGgF-j9ablu3Fq-oB4ygX05UjRzO9bMBL9SRW6l_HFwkYa_AGYk0w7-5Azb_PjnnWewPLLNR7mgcvAA7l3nXQH8uAEt6yXToSsDOhLrkFklDMTFLlvKWqISJvPXmOaSwiVmXxv2FDkfnkybniLWpVG67kyUDV4g1tqLyRmYRp1oIb7zK-yDgFpW3cg8czdHz8M3AUy9eL3RKwrY-C8_e8ricj5tgJqxo_SF_y7rh_8-QYqu62mL9z06ZvkdzgqMzpDmuS_9agPcwrAmX_Ovez-4xYS8tVUcm0lQWlJd21onvRbJgolU0Jk35P-qPqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 46A5 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
149561f5-f437-4675-8ac6-561528e047da
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F19B 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=5d4267f8-3d86-43ab-bef7-fb89c73afa73&expiration=1660751125
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT
async_usersync
ib.adnxs.com/ Frame 92B2 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8b262f91-2536-4d2b-a29e-9eb09262b53f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7DDB 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4255b3be-f41a-44c9-b61d-285ecaeda2b7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3600 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=5d4267f8-3d86-43ab-bef7-fb89c73afa73&expiration=1660751125
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT
async_usersync
ib.adnxs.com/ Frame F2DD 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dc6cc648-e4d1-49c1-9c5f-4d29fb383309
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B5A3 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=5d4267f8-3d86-43ab-bef7-fb89c73afa73&expiration=1660751125
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 May 2022 15:45:25 GMT
async_usersync
ib.adnxs.com/ Frame 818E 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
65306751-79d5-4119-9924-df95af131b16
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E542 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
34b47465-1fae-4edd-84cb-712de49756cd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0876 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
82e669b0-22bd-4361-91bb-d4dc5c10b6ca
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C6B0 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 May 2022 15:45:25 GMT
X-Proxy-Origin
146.70.117.85; 146.70.117.85; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6584538c-f853-4193-963d-d5dbd4c18d36
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&sid=AUVLBmgFEeO_DMnU&oz_sc=8bb5b0b27d5809294117aec8&oz_df=1652802325379&oz_l=212&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.58.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&sid=AUVLBmgFEeO_DMnU&oz_sc=8bb5b0b27d5809294117aec8&oz_df=1652802325544&oz_l=399&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.58.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
27fc63b4-92e8-4eaf-9b5f-4d20cf562505
https://mediawoot.com/ Frame 1306 		772 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mediawoot.com/27fc63b4-92e8-4eaf-9b5f-4d20cf562505
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf1f64499f499da08f9d8e6cfd962a5687642d9a5d3ae1db0843657e42e517a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
772
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&sid=AUVLBmgFEeO_DMnU&oz_sc=8bb5b0b27d5809294117aec8&oz_df=1652802325714&oz_l=496&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.58.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&sid=AUVLBmgFEeO_DMnU&oz_sc=8bb5b0b27d5809294117aec8&oz_df=1652802325908&oz_l=3987&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.58.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&sid=AUVLBmgFEeO_DMnU&oz_sc=8bb5b0b27d5809294117aec8&oz_df=1652802326113&oz_l=855&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.58.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:26 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
dc_oe=ChMIkqiDuPDm9wIVI-G7CB14AQSEEAEYACCb5LxR;met=1;&timestamp=1652802328257;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 8FF1 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkqiDuPDm9wIVI-G7CB14AQSEEAEYACCb5LxR;met=1;&timestamp=1652802328257;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI-v-DuPDm9wIVouG7CB1ASw5_EAEYACDbhb5R;met=1;&timestamp=1652802328259;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame FA20 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-v-DuPDm9wIVouG7CB1ASw5_EAEYACDbhb5R;met=1;&timestamp=1652802328259;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIvsiGuPDm9wIVFOG7CB3SzAsiEAEYACCb5LxR;met=1;&timestamp=1652802328261;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 4AD3 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvsiGuPDm9wIVFOG7CB3SzAsiEAEYACCb5LxR;met=1;&timestamp=1652802328261;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8FF1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstypL4RZ_B4aza5bg_y4vLaWPkUe9C5VbhokdK3_xEiOptlppIo3L7IXDS_OLMjO11OAvMpCRbiuBWuRqizdcr5aWlvUXHFADDicWi7gNhBd5g&sai=AMfl-YQdjsSH1BXYmNlAgGGwNCgPcvYxX6YRw-rXIStpH-R-9oil2aHDITd3PzqHlILyyZwU3j5fEjGi2VvQNJrgOb01PekgQ7s1dpz4RV3XdLqz2xa8kDE5frEVcA0&sig=Cg0ArKJSzHdd6ix2E7L2EAE&cid=CAASJORoXVJm2hg8nb7Hs6RYd8-EnTuqcwPXX_l2P92AImpsBc78bw&id=lidar2&mcvt=1001&p=911,1675,1233,1975&mtos=0,818,1001,1067,1067&tos=0,818,183,66,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=20&adk=476880845&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652802317553&rpt=354&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame E1DB 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 33F4 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 745B 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 331A 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 3E27 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 5907 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 87CE 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
syncframe
gum.criteo.com/ Frame 1670 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
4914
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3E27 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
syncframe
gum.criteo.com/ Frame 8E0D 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
4472
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 33F4 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
syncframe
gum.criteo.com/ Frame 58D7 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
3484
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5907 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
syncframe
gum.criteo.com/ Frame 9FB9 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
3864
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 745B 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
syncframe
gum.criteo.com/ Frame 6EE0 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
3871
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame E1DB 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
syncframe
gum.criteo.com/ Frame 10C2 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
4463
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 331A 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
syncframe
gum.criteo.com/ Frame 77D9 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
4112
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 87CE 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 91CC 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:29 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 47C8 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:30 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:30 GMT
sid
mug.criteo.com/ Frame 1670
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=5XWSNHxiQklrSUlzajNNeVZSTWNLOWNGT2tTVHdtdVlWMlFGcldac281aW0zOGVwb09OZUlNVVJ2bU12RGtMSHVLb2FhMkZQMTZsZFZRUGpIQWpUWTQ0dXRNWTViVWRscTFWMUdReTVhUGNmTnpQSEozQUNIQ1dNbnRKWG...
443 B
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5XWSNHxiQklrSUlzajNNeVZSTWNLOWNGT2tTVHdtdVlWMlFGcldac281aW0zOGVwb09OZUlNVVJ2bU12RGtMSHVLb2FhMkZQMTZsZFZRUGpIQWpUWTQ0dXRNWTViVWRscTFWMUdReTVhUGNmTnpQSEozQUNIQ1dNbnRKWG0zbUYvUzdvY3ZMdHJ6ejBzOXdONENHOTRBUkk1YVhyS0toUmxIQjRsd3haejVmaEw2VVNGVU9xbm0vR3NjbjQva25YMzlBT1NTVnljZ0lHd05vdnM0M3Q1d0d6bTEra3pkTHd4SXUxVGpkclhXMTZCRlF3NUVTYkhycUM0dlBDT2ZRdzFlVmoxT2J6clVpMkpZSWRkN3ExamtXM1pnNXV6N1dCSTREZ01POFF6ekZhTVlEUT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
53ef4c15641d1ae87d61393bf81cf6af89c3b9fe28ab8ee85dffbb4e1cb5f2bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3604
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=5XWSNHxiQklrSUlzajNNeVZSTWNLOWNGT2tTVHdtdVlWMlFGcldac281aW0zOGVwb09OZUlNVVJ2bU12RGtMSHVLb2FhMkZQMTZsZFZRUGpIQWpUWTQ0dXRNWTViVWRscTFWMUdReTVhUGNmTnpQSEozQUNIQ1dNbnRKWG0zbUYvUzdvY3ZMdHJ6ejBzOXdONENHOTRBUkk1YVhyS0toUmxIQjRsd3haejVmaEw2VVNGVU9xbm0vR3NjbjQva25YMzlBT1NTVnljZ0lHd05vdnM0M3Q1d0d6bTEra3pkTHd4SXUxVGpkclhXMTZCRlF3NUVTYkhycUM0dlBDT2ZRdzFlVmoxT2J6clVpMkpZSWRkN3ExamtXM1pnNXV6N1dCSTREZ01POFF6ekZhTVlEUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1640
content-length
567
expires
0
sid
mug.criteo.com/ Frame 8E0D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=UqAHDnx0ZU5TSlJCQ25IODY2WmZWaWZYZkxuY2VsUDF5QkNqT2lHWUI1ZXBoNzVpQm1uajl0SlppWEZLVUt3ckRXditvNGh4NTR1bEV1Mm9pVVdBV1cwS0VhTEdwQURhK2dzY3ROZ2hqblJlT01jOTgxT1hnUE0wcTN6Kz...
462 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=UqAHDnx0ZU5TSlJCQ25IODY2WmZWaWZYZkxuY2VsUDF5QkNqT2lHWUI1ZXBoNzVpQm1uajl0SlppWEZLVUt3ckRXditvNGh4NTR1bEV1Mm9pVVdBV1cwS0VhTEdwQURhK2dzY3ROZ2hqblJlT01jOTgxT1hnUE0wcTN6KzVuUlJpWlJuWjhDb094emxkNHVJTWwrSmxaU0JybStJZVVQVlpUVDdxWGxFTTR4TjRPT25IVk4zVTdtLzVHWXcrLzEzUEFROU5lckdaSE9KL2Y3WCtTTG1JYzNrSkgzTjZDYnlYYlM5ajhTSE9FaXlHQUt2S3g5YUptckhCREJYMjNrUG5iY283NTdsOHNCajNDUXJmVTNVU0VkeVdkUG9CUU9meWhIKytqajF4dU8vdi9LYz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
55b23ad01694a94c3a778125a798b0fd9b5e5996ed5a841a745994391af79218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3661
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=UqAHDnx0ZU5TSlJCQ25IODY2WmZWaWZYZkxuY2VsUDF5QkNqT2lHWUI1ZXBoNzVpQm1uajl0SlppWEZLVUt3ckRXditvNGh4NTR1bEV1Mm9pVVdBV1cwS0VhTEdwQURhK2dzY3ROZ2hqblJlT01jOTgxT1hnUE0wcTN6KzVuUlJpWlJuWjhDb094emxkNHVJTWwrSmxaU0JybStJZVVQVlpUVDdxWGxFTTR4TjRPT25IVk4zVTdtLzVHWXcrLzEzUEFROU5lckdaSE9KL2Y3WCtTTG1JYzNrSkgzTjZDYnlYYlM5ajhTSE9FaXlHQUt2S3g5YUptckhCREJYMjNrUG5iY283NTdsOHNCajNDUXJmVTNVU0VkeVdkUG9CUU9meWhIKytqajF4dU8vdi9LYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1302
content-length
567
expires
0
sid
mug.criteo.com/ Frame 58D7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=TtYTaHwzNVRLS2RJTjZqR0dZWGRSSWV6Rko5THltNVFwcjFQRVpFYmRxSTk3S25YNmxJYThFK2dVOXFrdE9pZTVGNHlpNkdxcm0zK2tnamZNUmpVNldIMHR1RGYya2xxR09vaURzVHVzL0tXRXZ6bEE4NDhCOS9yRW9lQl...
457 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TtYTaHwzNVRLS2RJTjZqR0dZWGRSSWV6Rko5THltNVFwcjFQRVpFYmRxSTk3S25YNmxJYThFK2dVOXFrdE9pZTVGNHlpNkdxcm0zK2tnamZNUmpVNldIMHR1RGYya2xxR09vaURzVHVzL0tXRXZ6bEE4NDhCOS9yRW9lQlprMlNSWHRLN0dRQlB3ZnIwMzYzNUhQaFhvMmpMek5UUUJOTW1QQjVzMnRsZTlKUktVV2MyeG9laDFra1FBSVM0OVdaYVlSbzFiZlBXNWFhZmorYmQvWFQ4ME4vK0FWbUZXQ3FpMHp2SUhsVFg4VVNFYUlsQVl2UGxUeWZaSTZwNHJUUVV5NEFlVWN6cFhMMmVZb3hJeWtxNS8zNjRLbUVNcGxOTEQxNzljcmNvTW8rUFpTYz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c59a7ce6b94bef63ee401a33a6541aececed3d7b28878d6c274ea37357142900
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3886
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=TtYTaHwzNVRLS2RJTjZqR0dZWGRSSWV6Rko5THltNVFwcjFQRVpFYmRxSTk3S25YNmxJYThFK2dVOXFrdE9pZTVGNHlpNkdxcm0zK2tnamZNUmpVNldIMHR1RGYya2xxR09vaURzVHVzL0tXRXZ6bEE4NDhCOS9yRW9lQlprMlNSWHRLN0dRQlB3ZnIwMzYzNUhQaFhvMmpMek5UUUJOTW1QQjVzMnRsZTlKUktVV2MyeG9laDFra1FBSVM0OVdaYVlSbzFiZlBXNWFhZmorYmQvWFQ4ME4vK0FWbUZXQ3FpMHp2SUhsVFg4VVNFYUlsQVl2UGxUeWZaSTZwNHJUUVV5NEFlVWN6cFhMMmVZb3hJeWtxNS8zNjRLbUVNcGxOTEQxNzljcmNvTW8rUFpTYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1337
content-length
567
expires
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame E20C 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:30 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:30 GMT
sid
mug.criteo.com/ Frame 9FB9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=-Gl12nxvYmpObC9iSVFNdnVNT1VaT0poVzFZQmgwRHJrNDUyV0JzaVcwSktFWjNtMmZWNG5LUnFnRG93b1F2Q00rNnRGZFdJVHBsRXZGK1B0cmNZdDVvb3I5RlFyQXR5NEpJRVE5dHIxL2FvRVNXVmdsVEpPWFhQWE1JZW...
446 B
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-Gl12nxvYmpObC9iSVFNdnVNT1VaT0poVzFZQmgwRHJrNDUyV0JzaVcwSktFWjNtMmZWNG5LUnFnRG93b1F2Q00rNnRGZFdJVHBsRXZGK1B0cmNZdDVvb3I5RlFyQXR5NEpJRVE5dHIxL2FvRVNXVmdsVEpPWFhQWE1JZWFEeDA2WjVHQUJaMTF1eXdYeG9pTGhsSDdhSTl0WGZlaEZpRVJmcHdwOC9hZlZjODlFUEQ2UG0xOXZIVDVZdDVJcVJ2bW9GdDZqVzEzTHJyL054U1lZek14djgwYksyRzJ3V2hsdE50LzBsWTI5TDBQSWpmYnFmRzduQ2REak9FQTN2TkUydlRvOHhYOVkvUWxLd3FVZ0VDRVpqOG5ZWGJhK1k1R1c3Tll5TTRlNEx2UiszQT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4424b066a0c7334a029edd65eea685322336fbd0dc5dff7913ef4046eb4025ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4537
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=-Gl12nxvYmpObC9iSVFNdnVNT1VaT0poVzFZQmgwRHJrNDUyV0JzaVcwSktFWjNtMmZWNG5LUnFnRG93b1F2Q00rNnRGZFdJVHBsRXZGK1B0cmNZdDVvb3I5RlFyQXR5NEpJRVE5dHIxL2FvRVNXVmdsVEpPWFhQWE1JZWFEeDA2WjVHQUJaMTF1eXdYeG9pTGhsSDdhSTl0WGZlaEZpRVJmcHdwOC9hZlZjODlFUEQ2UG0xOXZIVDVZdDVJcVJ2bW9GdDZqVzEzTHJyL054U1lZek14djgwYksyRzJ3V2hsdE50LzBsWTI5TDBQSWpmYnFmRzduQ2REak9FQTN2TkUydlRvOHhYOVkvUWxLd3FVZ0VDRVpqOG5ZWGJhK1k1R1c3Tll5TTRlNEx2UiszQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1873
content-length
567
expires
0
sid
mug.criteo.com/ Frame 6EE0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=-_qfeHxPZS9hVEN5ZmpXSU1NZGF5OU80OEFRUVZBVmFhZnVxajIxekpRM1k1RFMwRjJyOG1LNVlrUEtDV2d6ampPaENHd0N5KzlGeDBYcWFndmczdndtanNSZy8yQ3VNNzRvSWtIekRydmpmdzJvbit0WkFmYlp3WXVYb0...
452 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-_qfeHxPZS9hVEN5ZmpXSU1NZGF5OU80OEFRUVZBVmFhZnVxajIxekpRM1k1RFMwRjJyOG1LNVlrUEtDV2d6ampPaENHd0N5KzlGeDBYcWFndmczdndtanNSZy8yQ3VNNzRvSWtIekRydmpmdzJvbit0WkFmYlp3WXVYb014bjhlbndGQU5SR05NM2xWYnJ2TDFVamhYZUJjZTc3Zkp5Z2VzajdIcys0NEZDRW9sMVVVSXNUVG9LN0JQM1EzWFpSVHhDNk1Lc08vRXFnUGljWUtmeWJ4ZWc4MnUwUitmR2o2UENHTUF6akdTb1IySTFSLzltVmtWNTViRkpheEduWTJROFFDNXUvWjV0cWRZbGVvTWhXYU9DbnlLZER2SUQ5K3JHN0RJSXlyQy9WcEhVdz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e1a05191fea65421cd32ba990be78639e183fdea2c975c9dd2d1282a99fff4b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3865
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=-_qfeHxPZS9hVEN5ZmpXSU1NZGF5OU80OEFRUVZBVmFhZnVxajIxekpRM1k1RFMwRjJyOG1LNVlrUEtDV2d6ampPaENHd0N5KzlGeDBYcWFndmczdndtanNSZy8yQ3VNNzRvSWtIekRydmpmdzJvbit0WkFmYlp3WXVYb014bjhlbndGQU5SR05NM2xWYnJ2TDFVamhYZUJjZTc3Zkp5Z2VzajdIcys0NEZDRW9sMVVVSXNUVG9LN0JQM1EzWFpSVHhDNk1Lc08vRXFnUGljWUtmeWJ4ZWc4MnUwUitmR2o2UENHTUF6akdTb1IySTFSLzltVmtWNTViRkpheEduWTJROFFDNXUvWjV0cWRZbGVvTWhXYU9DbnlLZER2SUQ5K3JHN0RJSXlyQy9WcEhVdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1564
content-length
567
expires
0
sid
mug.criteo.com/ Frame 10C2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=sfgG5nxvakF0L3ZOaUFRbEduQ0VsMEkvVkFvQTJBMG5FQkIvR0ZWK0lkMDlnb0FUNldLajAzTmFDQnp3LzZJSjNyMTFzS1cxYkU5dTNjc05lNkNqVEprZk90cm43c21rTkNCNnNQODJrY0ZSV1JUejczVU9zdFovckM4en...
457 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=sfgG5nxvakF0L3ZOaUFRbEduQ0VsMEkvVkFvQTJBMG5FQkIvR0ZWK0lkMDlnb0FUNldLajAzTmFDQnp3LzZJSjNyMTFzS1cxYkU5dTNjc05lNkNqVEprZk90cm43c21rTkNCNnNQODJrY0ZSV1JUejczVU9zdFovckM4enBHZkExM3ZkSGdHM1J5c2JTZlJyb3ZEZWYyNnhtZnV1L05qMHlQMmRsM3U4c2Y5NzBkZlFvQlB0aHlqdFB0cmJaaVowSldrcTlSbU16Ykx3YWZnUXVrTWR3V2RrZ3UyV3pjcjdFRjlqNzVIeVM4Y3JxbjNBbjRaK3ViZUh0a2FlM1QyVWRONVE2bE1EcmRLcmtJL1pYTXNMRXc0U0Y2eWhMV2pBY09kMHdsQy9QYitSSEhUbz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7360bac4381b5aec661abc991c355ea84bc97b33a10dd8499856f206a648f913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3390
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=sfgG5nxvakF0L3ZOaUFRbEduQ0VsMEkvVkFvQTJBMG5FQkIvR0ZWK0lkMDlnb0FUNldLajAzTmFDQnp3LzZJSjNyMTFzS1cxYkU5dTNjc05lNkNqVEprZk90cm43c21rTkNCNnNQODJrY0ZSV1JUejczVU9zdFovckM4enBHZkExM3ZkSGdHM1J5c2JTZlJyb3ZEZWYyNnhtZnV1L05qMHlQMmRsM3U4c2Y5NzBkZlFvQlB0aHlqdFB0cmJaaVowSldrcTlSbU16Ykx3YWZnUXVrTWR3V2RrZ3UyV3pjcjdFRjlqNzVIeVM4Y3JxbjNBbjRaK3ViZUh0a2FlM1QyVWRONVE2bE1EcmRLcmtJL1pYTXNMRXc0U0Y2eWhMV2pBY09kMHdsQy9QYitSSEhUbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1619
content-length
567
expires
0
sid
mug.criteo.com/ Frame 77D9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=y8PqmnwxYndRUlhXd1ZPT2pzUXB1Nmw4VllMU1ZvdktSS0pEb2F0MCs4YXNiclRkNU9lZWxJc2xmeCtubWZ0Q3JzWnVSRzRZNHZUMkJmZTNrcFZnSXhmbk96SHpqWDU2UDljTnZXa2h1VC9zSUUwM2owV1pwd053L3dZVU...
449 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=y8PqmnwxYndRUlhXd1ZPT2pzUXB1Nmw4VllMU1ZvdktSS0pEb2F0MCs4YXNiclRkNU9lZWxJc2xmeCtubWZ0Q3JzWnVSRzRZNHZUMkJmZTNrcFZnSXhmbk96SHpqWDU2UDljTnZXa2h1VC9zSUUwM2owV1pwd053L3dZVUFBL0pCd1dQQWNuS0NMRGFhbkIyaTJuQXIxekhIMGE0MG9NakI5OFlkWXBzRmlUdFBRaXc0SnlDRkNoTzJEb3dkV2dTbzhOTVhLcGVPMExSYSsxeVd6d0lTb3FuOGEzK2sybXkwSTJDcHpMVG41a0lNYjVDMWNPQmE3SEoxbzk4eDRua2ZZVjYxTHFMUG9qQ2lTMnZYSnJHcGxEL29ZbGtLTzFpd0szeFRrYk05d2YrZUJLTT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
fcfd604ea050e592eed00321c909b458706a39be6a48fdc75a78c694451f4ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4053
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=y8PqmnwxYndRUlhXd1ZPT2pzUXB1Nmw4VllMU1ZvdktSS0pEb2F0MCs4YXNiclRkNU9lZWxJc2xmeCtubWZ0Q3JzWnVSRzRZNHZUMkJmZTNrcFZnSXhmbk96SHpqWDU2UDljTnZXa2h1VC9zSUUwM2owV1pwd053L3dZVUFBL0pCd1dQQWNuS0NMRGFhbkIyaTJuQXIxekhIMGE0MG9NakI5OFlkWXBzRmlUdFBRaXc0SnlDRkNoTzJEb3dkV2dTbzhOTVhLcGVPMExSYSsxeVd6d0lTb3FuOGEzK2sybXkwSTJDcHpMVG41a0lNYjVDMWNPQmE3SEoxbzk4eDRua2ZZVjYxTHFMUG9qQ2lTMnZYSnJHcGxEL29ZbGtLTzFpd0szeFRrYk05d2YrZUJLTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1815
content-length
567
expires
0
syncframe
gum.criteo.com/ Frame 23AF 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:30 GMT
server-processing-duration-in-ticks
3220
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 5CC0 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:30 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:30 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame DBBD 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:30 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:30 GMT
syncframe
gum.criteo.com/ Frame 883F 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
4140
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame 47BB 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
3897
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 23AF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=vJWGrXxWWS9sdmM4NUJHNXN6cm5lWldTQWpwci8wS2F0QzdXQUd0OUxaOCtNdWdGU0k3N3JtUEdIQXJETi9Vem04WnFJRUcyNC9WeUpDaDU3Rld5UDlIWXdLWjFJbGFaTHE3UllXNXFzQXQrM0tKVHM2TGc2VnQwZExCRV...
455 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=vJWGrXxWWS9sdmM4NUJHNXN6cm5lWldTQWpwci8wS2F0QzdXQUd0OUxaOCtNdWdGU0k3N3JtUEdIQXJETi9Vem04WnFJRUcyNC9WeUpDaDU3Rld5UDlIWXdLWjFJbGFaTHE3UllXNXFzQXQrM0tKVHM2TGc2VnQwZExCRVhqd1JIYjhIZjFPUlAwUXFXc3BvVGlPU0w4U053VktEZmlzMzhYRmx6dENha1dsSkxTZEhYc3VZc280YVVKcHd6MTBaYXdDMXZLYVhJRHhjKzM0UWRkQVVEUlZob1pxTzlWWmZOWkJOa1gvVXlCaXA0S2U2dytSdkd1TG1odGh4M1l6VHRwMDhnZkFPT1VwWjYzc2JpZzU1RE9VTkJFTEcvZjRkb3VBd3czNXlSU2piLzg4cz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
493bb3ce14990cf373ee4ab299f3dfcf185a6c4b8068eeb108e95bc62e96d7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4159
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=vJWGrXxWWS9sdmM4NUJHNXN6cm5lWldTQWpwci8wS2F0QzdXQUd0OUxaOCtNdWdGU0k3N3JtUEdIQXJETi9Vem04WnFJRUcyNC9WeUpDaDU3Rld5UDlIWXdLWjFJbGFaTHE3UllXNXFzQXQrM0tKVHM2TGc2VnQwZExCRVhqd1JIYjhIZjFPUlAwUXFXc3BvVGlPU0w4U053VktEZmlzMzhYRmx6dENha1dsSkxTZEhYc3VZc280YVVKcHd6MTBaYXdDMXZLYVhJRHhjKzM0UWRkQVVEUlZob1pxTzlWWmZOWkJOa1gvVXlCaXA0S2U2dytSdkd1TG1odGh4M1l6VHRwMDhnZkFPT1VwWjYzc2JpZzU1RE9VTkJFTEcvZjRkb3VBd3czNXlSU2piLzg4cz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1550
content-length
567
expires
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 4BCC 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:30 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:30 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 3DB4 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 15:45:30 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 May 2022 15:45:30 GMT
syncframe
gum.criteo.com/ Frame 7949 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
3618
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 883F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=nw-FJXxJclhGZFhGUDhUUFhZK0l1bmhFdVZ5OXY4TlVHZVVtbWlMQ3Rqb282dkE4QUhnM3JCYmExN0drOWpsRGE4dlNRYk11amQ1clhBZnByNFpqOXZ4YXljZFkzUXJqWDN6M0dZSGNLSS9LMW5IQldKbTBPb3QyUzdwNH...
454 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nw-FJXxJclhGZFhGUDhUUFhZK0l1bmhFdVZ5OXY4TlVHZVVtbWlMQ3Rqb282dkE4QUhnM3JCYmExN0drOWpsRGE4dlNRYk11amQ1clhBZnByNFpqOXZ4YXljZFkzUXJqWDN6M0dZSGNLSS9LMW5IQldKbTBPb3QyUzdwNHIxdmdtelV3NTFydVpwU2tjclU0ZVEvaWNWS2p6QmVLQWRXbzZkQi95ZUVYSzEwK1djemMxVlNKRFlaZmVqMFQ0ZFExamFzbHBBYlFteTFIdUtreWNqZE5Yc1NyWDQ5SlpjVW1rYTkwenVDc3AzVVdnQ2hTUmZLNjhzVVV5bmpxbFF5dzhNZHZBcUlJRisva1NldGZ6TEpVNkV3ZVI1ZDRMU0l2THhEam9qUXJCNWJhTVVhVT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7556004a1ae5bbbe6cd24f51e8ea5aeb371d47ea81d27c488849ef377bc0f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3905
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:30 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=nw-FJXxJclhGZFhGUDhUUFhZK0l1bmhFdVZ5OXY4TlVHZVVtbWlMQ3Rqb282dkE4QUhnM3JCYmExN0drOWpsRGE4dlNRYk11amQ1clhBZnByNFpqOXZ4YXljZFkzUXJqWDN6M0dZSGNLSS9LMW5IQldKbTBPb3QyUzdwNHIxdmdtelV3NTFydVpwU2tjclU0ZVEvaWNWS2p6QmVLQWRXbzZkQi95ZUVYSzEwK1djemMxVlNKRFlaZmVqMFQ0ZFExamFzbHBBYlFteTFIdUtreWNqZE5Yc1NyWDQ5SlpjVW1rYTkwenVDc3AzVVdnQ2hTUmZLNjhzVVV5bmpxbFF5dzhNZHZBcUlJRisva1NldGZ6TEpVNkV3ZVI1ZDRMU0l2THhEam9qUXJCNWJhTVVhVT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1168
content-length
567
expires
0
syncframe
gum.criteo.com/ Frame CF34 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
4420
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 47BB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=ophcoHxKcTZzT0xZcHIrSWRBMnliYWZtMWthOVh2Q0Z2UkpnYVg0WnYwV2txSHJoWTcvbERHeEtjbGpGbWZyazhTUlZMZHpjU1lERTlBNVZkeGdBSnFkbzFienhUSWJKODBzSEVmTGZRcU5EaDVHeCtwN0o5SDZTRDZ1Zl...
449 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ophcoHxKcTZzT0xZcHIrSWRBMnliYWZtMWthOVh2Q0Z2UkpnYVg0WnYwV2txSHJoWTcvbERHeEtjbGpGbWZyazhTUlZMZHpjU1lERTlBNVZkeGdBSnFkbzFienhUSWJKODBzSEVmTGZRcU5EaDVHeCtwN0o5SDZTRDZ1ZlBMb1dYanlzNWJHVXo1QUgxaUlyWXM3MU10eFdRVG96Q1NnM1ExOHRaTzNyd25weG9BeXZrM1M2d0kyMWJHcW94QXVHOE9UQkU2VllpRmNaZy96TWxnQTJUWDllNGlDdDZGTzYzYmhZSDJyOTBkSXhvN0pVMFlFV20vOW9yQlc3b0pzTVl2ZzZDYVZQSzFYVm0yekoxTG5WNjNPeVlMSmVWZFgwMGhrWlVGNW5VUnh0ekQwQT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e96448a9787e47bbf404be2b8cf53e152983bd3ef624ebc44ececfbd7eee35fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3987
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:30 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=ophcoHxKcTZzT0xZcHIrSWRBMnliYWZtMWthOVh2Q0Z2UkpnYVg0WnYwV2txSHJoWTcvbERHeEtjbGpGbWZyazhTUlZMZHpjU1lERTlBNVZkeGdBSnFkbzFienhUSWJKODBzSEVmTGZRcU5EaDVHeCtwN0o5SDZTRDZ1ZlBMb1dYanlzNWJHVXo1QUgxaUlyWXM3MU10eFdRVG96Q1NnM1ExOHRaTzNyd25weG9BeXZrM1M2d0kyMWJHcW94QXVHOE9UQkU2VllpRmNaZy96TWxnQTJUWDllNGlDdDZGTzYzYmhZSDJyOTBkSXhvN0pVMFlFV20vOW9yQlc3b0pzTVl2ZzZDYVZQSzFYVm0yekoxTG5WNjNPeVlMSmVWZFgwMGhrWlVGNW5VUnh0ekQwQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1464
content-length
567
expires
0
syncframe
gum.criteo.com/ Frame 6D46 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:29 GMT
server-processing-duration-in-ticks
3429
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 7949
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=NVWBB3xWTHNOWGNobXhPd3cxcmRDTDVTOExLMVhCenUvamx6eGMvNGVvcThMS1NJNGVHNldCak93ZXhDaGFmNW1mSk9zOXVFa2xRUklZL0pxWHU4SWd4d3hNZXBEcEpuczdjTUVOd0VPL3V2NVVENE9hZk1sa204dU1MZX...
443 B
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=NVWBB3xWTHNOWGNobXhPd3cxcmRDTDVTOExLMVhCenUvamx6eGMvNGVvcThMS1NJNGVHNldCak93ZXhDaGFmNW1mSk9zOXVFa2xRUklZL0pxWHU4SWd4d3hNZXBEcEpuczdjTUVOd0VPL3V2NVVENE9hZk1sa204dU1MZXVYZ00wQkVtK3RWTlk2Q1FKdzRLSm9JTEpXRzJNSE16a3VMdlIzV1pxYlJHNmpPMmZUQS9lSEI0K2xBVnJTdVRqbzAxUDBueTlVL1Y0NWJydlQyMlpKNmcvVkcwTll6NVozRjNFQThkTytjcHZwbERHcEhiQ1RGTWN4NTdtbW9VQVJaRVNQTTJ3Znk4WXhiQ1lvZ1dXMzBPUDhpZHBhcE9tZWZpRWRWZXN4NUkrb21uQTNxdz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
77cdfc33bb0a384a716af7aebc16370bee38aa63ce670afbe61a9a3812193627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3537
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=NVWBB3xWTHNOWGNobXhPd3cxcmRDTDVTOExLMVhCenUvamx6eGMvNGVvcThMS1NJNGVHNldCak93ZXhDaGFmNW1mSk9zOXVFa2xRUklZL0pxWHU4SWd4d3hNZXBEcEpuczdjTUVOd0VPL3V2NVVENE9hZk1sa204dU1MZXVYZ00wQkVtK3RWTlk2Q1FKdzRLSm9JTEpXRzJNSE16a3VMdlIzV1pxYlJHNmpPMmZUQS9lSEI0K2xBVnJTdVRqbzAxUDBueTlVL1Y0NWJydlQyMlpKNmcvVkcwTll6NVozRjNFQThkTytjcHZwbERHcEhiQ1RGTWN4NTdtbW9VQVJaRVNQTTJ3Znk4WXhiQ1lvZ1dXMzBPUDhpZHBhcE9tZWZpRWRWZXN4NUkrb21uQTNxdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1487
content-length
567
expires
0
syncframe
gum.criteo.com/ Frame 633C 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 May 2022 15:45:30 GMT
server-processing-duration-in-ticks
3413
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame CF34
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=2&topUrl=ua.korrespondent.net&bundle=vUMZTV9ub2dZZUJOU24wMXNWS3R4eUVyNFNCNVJ3QU9NZ3JXbU55V2dhZ1UxbTBNd...
  • https://mug.criteo.com/sid?cpp=dFPonHxsMUhhOTNxb3p4cGM2VmxWZllNMVREcVVVYW9zZkpWVnlycng3TVhDWVJCS0RzL2NZY3YxMGtUakp4Rk1GNTBvaHFoSURvYUlZMlVEVzhvT1B3RmJQRnlPMTBYeDhFUjcySjU1OTdzSnpzUnFhZXFqZnFWUVIvVG...
471 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dFPonHxsMUhhOTNxb3p4cGM2VmxWZllNMVREcVVVYW9zZkpWVnlycng3TVhDWVJCS0RzL2NZY3YxMGtUakp4Rk1GNTBvaHFoSURvYUlZMlVEVzhvT1B3RmJQRnlPMTBYeDhFUjcySjU1OTdzSnpzUnFhZXFqZnFWUVIvVGxQRys3aDkyVnpTSWpaN2MxV2dhNnJPSXRSVTdwZWpUMGpUWlM0UFNMNzBqTjM4QXJTZjAwd3NxT2hMMmVNMDFzVmRyMjZNK2h4Sk85ZmVOUndLaUdxTXFRSjErZWc3ZWNTQ2lmTncxQ0M4MzZlTm1UbmNFYTZjS21LRmNZeHJ3cGsrMGxvM0MzTEx6TFFGYjdwbU9lZ2xOVUlyUmdFaWdWYm5WRjR0VndBZFd0a1k4WmVpTy9QaVdXN3pmSGtLZ0dVS2kyVXZZWnw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6056aa1718fa608adc4dc72b73adef9c61d0cccd5863a02a908157d91f5861dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3334
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=dFPonHxsMUhhOTNxb3p4cGM2VmxWZllNMVREcVVVYW9zZkpWVnlycng3TVhDWVJCS0RzL2NZY3YxMGtUakp4Rk1GNTBvaHFoSURvYUlZMlVEVzhvT1B3RmJQRnlPMTBYeDhFUjcySjU1OTdzSnpzUnFhZXFqZnFWUVIvVGxQRys3aDkyVnpTSWpaN2MxV2dhNnJPSXRSVTdwZWpUMGpUWlM0UFNMNzBqTjM4QXJTZjAwd3NxT2hMMmVNMDFzVmRyMjZNK2h4Sk85ZmVOUndLaUdxTXFRSjErZWc3ZWNTQ2lmTncxQ0M4MzZlTm1UbmNFYTZjS21LRmNZeHJ3cGsrMGxvM0MzTEx6TFFGYjdwbU9lZ2xOVUlyUmdFaWdWYm5WRjR0VndBZFd0a1k4WmVpTy9QaVdXN3pmSGtLZ0dVS2kyVXZZWnw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1516
content-length
594
expires
0
sid
mug.criteo.com/ Frame 6D46
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=2&topUrl=ua.korrespondent.net&bundle=vUMZTV9ub2dZZUJOU24wMXNWS3R4eUVyNFNCNVJ3QU9NZ3JXbU55V2dhZ1UxbTBNd...
  • https://mug.criteo.com/sid?cpp=Qlkpy3xvOFBGSzlrWWpMc3YwS21OTjVtVlJvVkYxWXZ3RG9vVWNRUnZZdkRiSWlUdzh1dG9XSlkrZVIxalp1RHpreElKTTN1LzhQUmdSMGRWM3ZPeWRHeCtpSGhyNjdlaEJMM2xORmpXRDhPbkZTTC9NUEJpL01xcXcxQj...
452 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Qlkpy3xvOFBGSzlrWWpMc3YwS21OTjVtVlJvVkYxWXZ3RG9vVWNRUnZZdkRiSWlUdzh1dG9XSlkrZVIxalp1RHpreElKTTN1LzhQUmdSMGRWM3ZPeWRHeCtpSGhyNjdlaEJMM2xORmpXRDhPbkZTTC9NUEJpL01xcXcxQjlUK3p0UWZUQVJ5Q2RoRWFVbTQ3NThPWFdvb2JYSHZIMVF3RitPTnltV0E4QVd0Y284OGxpTWtKayt6eHhnam9RUHFIWG9BSHBMUTJXTTZuWGVReVZMSnRjWmJ3Zit2em1HUHY5eVkvUUZEbGpWcitqeHdkcWN0S2ZtWk1RU25GZnlUVXhNTVAxVFNKMmpReWRXOXpsN3V1azhMWkJCQUdUVHBZak83MGFXZFRoUUZVNWVhM1Vyd0x4a0hBaTFNR01CWldIT1dreHw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d637841a183e7c3aa31d5d7da97880fb94a3161bfcebd693a43b92920dbb8b3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4437
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=Qlkpy3xvOFBGSzlrWWpMc3YwS21OTjVtVlJvVkYxWXZ3RG9vVWNRUnZZdkRiSWlUdzh1dG9XSlkrZVIxalp1RHpreElKTTN1LzhQUmdSMGRWM3ZPeWRHeCtpSGhyNjdlaEJMM2xORmpXRDhPbkZTTC9NUEJpL01xcXcxQjlUK3p0UWZUQVJ5Q2RoRWFVbTQ3NThPWFdvb2JYSHZIMVF3RitPTnltV0E4QVd0Y284OGxpTWtKayt6eHhnam9RUHFIWG9BSHBMUTJXTTZuWGVReVZMSnRjWmJ3Zit2em1HUHY5eVkvUUZEbGpWcitqeHdkcWN0S2ZtWk1RU25GZnlUVXhNTVAxVFNKMmpReWRXOXpsN3V1azhMWkJCQUdUVHBZak83MGFXZFRoUUZVNWVhM1Vyd0x4a0hBaTFNR01CWldIT1dreHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2270
content-length
594
expires
0
postback
s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/ Frame 1306 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.58.0/619621/AUVLBmgFEeO_DMnU/postback?ap=&sr=13&dm=300x250&c1=4562312&pp=10264&si=5614020&ac=651871&ci=619621&ui=78d00aa7-9d48-66cd-0000-000000000000&ti=6288863528235289568&r2=&r3=&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fua.korrespondent.net%2F&pv=0eaeb631-9796-443e-a6d7-bb939c981128&de=43003&cr=6622395&ai=216536&r1=146.70.117.0&sid=AUVLBmgFEeO_DMnU&oz_sc=8bb5b0b27d5809294117aec8&oz_df=1652802330289&oz_l=402&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.58.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 17 May 2022 15:45:30 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sid
mug.criteo.com/ Frame 633C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=2&topUrl=ua.korrespondent.net&bundle=vUMZTV9ub2dZZUJOU24wMXNWS3R4eUVyNFNCNVJ3QU9NZ3JXbU55V2dhZ1UxbTBNd...
  • https://mug.criteo.com/sid?cpp=BIPoI3wrL1dPK1pVN1psZitNK1NxeGlwaVBOUkJVKzg3WVFjN1hva0ZCaGlHaFl2QU5KTWxOVXdNTVhrSUJ3UGhyOGdndk9INHpDUXRkV2VHNHpRNUpIVTFnM0NxU2o3WW9GZS90Vkdlcm1MMVZEZlRJMEsrSUpQRHhLNj...
455 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=BIPoI3wrL1dPK1pVN1psZitNK1NxeGlwaVBOUkJVKzg3WVFjN1hva0ZCaGlHaFl2QU5KTWxOVXdNTVhrSUJ3UGhyOGdndk9INHpDUXRkV2VHNHpRNUpIVTFnM0NxU2o3WW9GZS90Vkdlcm1MMVZEZlRJMEsrSUpQRHhLNjhzYlBsWHZ4ZEtmdi9uWTlkWE9KTlhzRDlqcVpPRzR5R1NLRlVacE83dXJVNTNtQWxZZEVQb0R1NUFoQjNGdldGSGdvb3NlQk8vTUZxYmZCMzJtaXg4VWtXNWg0cTN2WE1EMUNEQk9CZ091SXFNN1N2QlR4eU1vYUJDajhGaytRTEY5QnJIejhoVmxCY0VnNEJDWFRhMHVxbGhWWGJSRWJTK055Y0N5bVBLZ0FiRWEyb0IyanY0Z1pybGc3WUhwSEZiUkFkUEF5MXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d7aba018e145b6d46cc80c7de50acc0120c6160b064fd01a0d26798657103a09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3285
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 17 May 2022 15:45:29 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=BIPoI3wrL1dPK1pVN1psZitNK1NxeGlwaVBOUkJVKzg3WVFjN1hva0ZCaGlHaFl2QU5KTWxOVXdNTVhrSUJ3UGhyOGdndk9INHpDUXRkV2VHNHpRNUpIVTFnM0NxU2o3WW9GZS90Vkdlcm1MMVZEZlRJMEsrSUpQRHhLNjhzYlBsWHZ4ZEtmdi9uWTlkWE9KTlhzRDlqcVpPRzR5R1NLRlVacE83dXJVNTNtQWxZZEVQb0R1NUFoQjNGdldGSGdvb3NlQk8vTUZxYmZCMzJtaXg4VWtXNWg0cTN2WE1EMUNEQk9CZ091SXFNN1N2QlR4eU1vYUJDajhGaytRTEY5QnJIejhoVmxCY0VnNEJDWFRhMHVxbGhWWGJSRWJTK055Y0N5bVBLZ0FiRWEyb0IyanY0Z1pybGc3WUhwSEZiUkFkUEF5MXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1612
content-length
594
expires
0
events
bidder.criteo.com/csm/ Frame DBBD 		0
215 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 17 May 2022 15:45:29 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.outstream.today
URL
https://ad.outstream.today/delivery/sync?userid=ca49a378-5442-4763-8228-9207153d0f0f&inner_redirect=1&inner_uuid=4dc5fc1e-c63d-45de-99c8-8dd4845a7fda&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw==
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&google_gid=CAESEMrpckr889aQ5AvYXdus6ks&google_cver=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| gtag object| dataLayer object| Domain object| korr function| $ function| jQuery function| movePremiumBeforeTagOnMobile function| changeClass1 function| changeClass2 function| foundMistake function| FormDefaultButton object| jQuery191013709773478723974 object| selection number| H_DEV object| holderPlaces function| holder function| loadWeather function| FixScript1055 function| ajaxNews1055 undefined| rubrics undefined| href string| iS object| iD string| iT string| iH number| iI function| ABNS string| ABNSh object| ABNSl object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| b object| regeneratorRuntime object| mwayss function| UserNotification function| loginWithFB function| ShowHiddenTop object| mql function| changeposition function| ShowHidden function| SetLocalStorage function| ajaxNews1064 string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| __CF$cv$params function| _jqjsp object| adsbygoogle boolean| admixerLisBrndMsgSet object| globalAmlAds object| googletag object| timeout object| gemius_cmpclient object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt object| s object| p object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad function| setImmediate function| clearImmediate function| Achernar object| pbjsChunk object| pbjs object| _pbjsGlobals object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| gemius_gsconf function| Swiper object| hb_dmx_res number| tns_already object| tnscm_adn string| tnscm_pak object| cm_events function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm function| html2canvas function| _open function| CrossDomainStorage object| GoogleGcLKhOms object| adpnExecutions object| aliveChecks boolean| adpnLoaded object| google_image_requests object| criteo_syncframe_state

185 Cookies

Domain/Path Name / Value
.korrespondent.net/ Name: dcw
Value: 44
.korrespondent.net/ Name: _ga
Value: GA1.2.590111183.1652802316
.korrespondent.net/ Name: _gid
Value: GA1.2.2060306892.1652802316
.korrespondent.net/ Name: _gat_gtag_UA_1609229_9
Value: 1
.cdn.umh.ua/ Name: AU
Value: e59700ae64819646
.i.ua/ Name: __cf_bm
Value: wCNr_gZISLYkMyaF24scp95jRVEnwkyA.1.MR8oTG2I-1652802316-0-AZ+9kKuAAanfzkrmlzF+IGL6DRDQQ9ha6yWDYG1CbuVv0l3syxsK29diT05D/6g+GXOdA4hGnkwWIUMUg5CYc3Y=
.ua.korrespondent.net/ Name: _ga
Value: GA1.3.590111183.1652802316
.ua.korrespondent.net/ Name: _gid
Value: GA1.3.2060306892.1652802316
.ua.korrespondent.net/ Name: _dc_gtm_UA-1609229-30
Value: 1
ad.mox.tv/ Name: moxuuid
Value: 4dc5fc1e-c63d-45de-99c8-8dd4845a7fda
ad.mox.tv/ Name: _mwayss_zone_imp[1554][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[1554][frequencyPeriodEnd]
Value: 1652888716
ad.mox.tv/ Name: _mwayss_imp[15493][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15493][frequencyPeriodEnd]
Value: 1652888716
ad.mox.tv/ Name: _mwayss_camp_imp[4849][frequencyPeriodEnd]
Value: 1652888716
ad.mox.tv/ Name: _mwayss_imp[15495][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15495][frequencyPeriodEnd]
Value: 1652888716
ad.mox.tv/ Name: _mwayss_camp_imp[2822][frequencyPeriodEnd]
Value: 1652888716
ad.mox.tv/ Name: _mwayss_imp[12260][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[12260][frequencyPeriodEnd]
Value: 1652888716
ad.mox.tv/ Name: _mwayss_camp_imp[1946][frequencyPeriodEnd]
Value: 1652888716
ua.korrespondent.net/ Name:
Value: store.test
.quantserve.com/ Name: mc
Value: 6283c30c-82504-88ce9-fe28d
.korrespondent.net/ Name: __gfp_64b
Value: J4cl7T2tpccWLrHwPF5JNK1zJS9L8K0KKQnEIo0GevT.A7|1652802316
.korrespondent.net/ Name: __cf_bm
Value: WPVOv.a4dUjRuKWxQV3VI.txq06XJH0swZK.2TRTLsw-1652802316-0-ARA3rT1Hp3bHutE5uXkM31c1jndmAGKuo1ri8VosJgEB+dwdF66tC1BGU8Ya7Ev8gEnW6j8j5zVojKB0zbWwQHZTn1dPAt7X2P/DlBHYkICPynuY+xhuZaKJds2LpmZnPFLDsp+pROIw1eW8SqN/KJVd2IaztYktxFftOAf0d+TM
.bidswitch.net/ Name: tuuid
Value: ca49a378-5442-4763-8228-9207153d0f0f
.bidswitch.net/ Name: c
Value: 1652802316
.bidswitch.net/ Name: tuuid_lu
Value: 1652802316
.hit.gemius.pl/ Name: Gtest
Value: KlxryRXGQMQG-RQZy5MlkHGissGMXP8c25nSGFVszGLBXBG.
.hit.gemius.pl/ Name: Gdyn
Value: Klx7TMXGQMQG-RQZy5MlkHGissGMXP8c25nSGFVszGLBFRxSG7RrGS6GrgEBFlM1YH8PlexaG0F6Sssa
.admixer.net/ Name: am-uid
Value: c9b047619ee64f96964eee1b07fb77a0
ua.korrespondent.net/ Name: am-uid
Value: c9b047619ee64f96964eee1b07fb77a0
ad.mox.tv/ Name: _mwayss_zone_imp[6798][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15627][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15627][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_camp_imp[3084][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3084][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_imp[15390][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15390][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_camp_imp[4849][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[15656][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15656][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_camp_imp[2822][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[15650][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15650][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_camp_imp[2821][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[2821][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_imp[15725][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15725][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_camp_imp[1946][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[14085][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[14085][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_camp_imp[4140][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4140][frequencyPeriodEnd]
Value: 1653666317
ad.mox.tv/ Name: _mwayss_imp[14277][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[14277][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_imp[15719][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15719][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_camp_imp[4599][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4599][frequencyPeriodEnd]
Value: 1652888717
ad.mox.tv/ Name: _mwayss_zone_imp[6798][frequencyPeriodEnd]
Value: 1652888717
.yahoo.com/ Name: A3
Value: d=AQABBA3Dg2ICECUgJE1gTcfINamDld7O2A0FEgEBAQEUhWKNYgAAAAAA_eMAAA&S=AQAAAii_a5Ro5kclJ3RwsPu5Ykc
.mathtag.com/ Name: uuid
Value: 08ac6283-c30c-4700-ad53-d22713a8b510
.adnxs.com/ Name: uuid2
Value: 7526226888202003154
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1274270525133315898
.onetag-sys.com/ Name: OTP
Value: -5qdNVWl0Xk8OOV_4m5rCW5SBrgaXXniteJKEIDhqlI
.doubleclick.net/ Name: IDE
Value: AHWqTUlNaebxmAGVdubHBLWf7kfjwq04OKRjogpq1cTGgwo2zvAFx26PU6_moT65Ypc
ad.mox.tv/ Name: bdswtch_sync
Value: ca49a378-5442-4763-8228-9207153d0f0f
prebid.a-mo.net/ Name: __amc
Value: 1_1652802317_1652802317
ua.korrespondent.net/ Name: user_hash
Value: YlR5cGU9Q2hyb21lJmJWZXJzaW9uPTEwMSZyV2lkdGg9MTIwMCZySGVpZ2h0PTE2MDA=
ua.korrespondent.net/ Name: initRef
Value:
ad.mediawayss.com/ Name: bdswtch_sync
Value: ca49a378-5442-4763-8228-9207153d0f0f
ad.mediawayss.com/ Name: moxuuid
Value: 4dc5fc1e-c63d-45de-99c8-8dd4845a7fda
.casalemedia.com/ Name: CMPS
Value: 3171
.yandex.ru/ Name: i
Value: 7qHl3KH9E6GYOaJkw2K+NAqzD+WOf5oA7CEd8caXJNiNLyuvNr1dx8UWuJEgSMUFsls+stsA3u6MQxLV1yESJC/OQ10=
.spotxchange.com/ Name: audience
Value: 59eb8bc5-d5f8-11ec-9efa-1e1d47870506
.casalemedia.com/ Name: CMID
Value: YoPDDVm4dy03i1pX65qZQwAA
.advertising.com/ Name: APID
Value: UP59f078a7-d5f8-11ec-b16c-02080fde3794
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mail.ru/ Name: FTID
Value: 2IHdLL2jrVIA:1652802317:0:::
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%<FERy>!@wnfH8K6pQK`!5=E<*L5?%M-^P8=^4]MELdYpR]iT@?o/?%r]A1r'+MlZ^N9RFMZ9T5_m!x(E/)_P.U
.casalemedia.com/ Name: CMPRO
Value: 1144
.korrespondent.net/ Name: _ym_uid
Value: 1652802318158155463
.korrespondent.net/ Name: _ym_d
Value: 1652802318
.korrespondent.net/ Name: tmr_reqNum
Value: 0
.korrespondent.net/ Name: tmr_lvid
Value: 6faad76f8cdde686169ec95815156b77
.korrespondent.net/ Name: tmr_lvidTS
Value: 1652802318118
.yandex.com/ Name: yandexuid
Value: 2437076411652802318
.yandex.com/ Name: yuidss
Value: 2437076411652802318
mc.yandex.com/ Name: yabs-sid
Value: 2013101941652802318
.yandex.com/ Name: i
Value: zriWFEwGHewo0EjXImTPGLe+XImjTF0wdgBMqNpDzHh17mR3YjtXvSbV/o24XcxA4mfsYws2yMrxx52A35v/YfG+L5g=
.yandex.com/ Name: ymex
Value: 1684338318.yrts.1652802318#1684338318.yrtsi.1652802318
.rlcdn.com/ Name: rlas3
Value: 6X0kmbi0wdMcNR6Hr9LaeN/HdWbgmN8JXAaWvsqvOTw=
.3lift.com/ Name: tluid
Value: 2790696890853775468636
.adfarm1.adition.com/ Name: UserID1
Value: 7098731902568691861
.w55c.net/ Name: wfivefivec
Value: p7KwXlvZ1NQZnU5
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.rlcdn.com/ Name: pxrc
Value: CI6Gj5QGEgUI6AcQABIGCOndKhAA
.w55c.net/ Name: matchgoogle
Value: 5
.korrespondent.net/ Name: _ym_isad
Value: 2
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjc2MjY0NDY0NzUwNTE0NjEyMBfiM9QNTc52Nk-KjC8MSTOT4jU0MzWyMAAqtDAyNQAAlDR5qDQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjc2MjY0NDY0NzUwNTE0NjEyMBfiM9QNTc52Nk-KjC8MSTMDANEfbCklAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAOOSMXR2dA12DfBIN0j19fSN8DbyqiooDTMrDwgw8wUAGEGhEx4AAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2AC89880-5EFA-4E07-B752-B8F354D0EF67
.innovid.com/ Name: uuid
Value: 0a7ec613-0d93-4829-b0ba-26b656acd063-20220517 11:45:18
.yandex.ru/ Name: yandexuid
Value: 1159593071652802318
.rutarget.ru/ Name: userId
Value: hDTyAz_OdB2f
.otm-r.com/ Name: mpid
Value: NjI4M2MzMGUxMWM1YzdiZg==
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 2e77eea3-1c72-5289-8c89-033fee0ac031
.betweendigital.com/ Name: ut
Value: YoPDDgAL2yjH_36GcxXcHHIb7Ze7gIc1LZmv4A==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.korrespondent.net/ Name: __gads
Value: ID=b0151d092b68d7a9:T=1652802316:S=ALNI_MamwyTwnoVjZgP7AtBrIpaADixf-A
.rubiconproject.com/ Name: khaos
Value: L3ABTRSW-O-AHZG
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/Ehku9BmurYmWfsKGGM1eolu5vVtDhgOVUPmRNeXP/he0blZFBVGG8x3LvUXc3wL4Jyp/4cE1c81ZQ7DMcu1h88EaVlRwbFEgPfQD5U7tEfUTQ==
.adnxs.com/ Name: icu
Value: ChgI4ZVvEAoYAyADKAMwkIaPlAY4A0ADSAMQkIaPlAYYAg..
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~24xr:1762~24xr:18yx~24xr:18yl~24xr"
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 1ad28e168b76d2b5
.criteo.com/ Name: uid
Value: 03705de7-9c7b-4827-8ac6-c8056c6e254b
.sxp.smartclip.net/ Name: uuid
Value: 3cee0675-10c3-8362-7774-113b1cb87002
ads.smartstream.tv/ Name: DID
Value: 89fdb0afdb09333069244c7a665ea9ef
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.sxp.smartclip.net/ Name: dspuuid
Value: 10.CAESEOmQ3t_9DQGwNr9C0EwHADY
.sxp.smartclip.net/ Name: psyn
Value: 19129.10
.lijit.com/ Name: ljt_reader
Value: EqARuDZHEpi8EG25QPicow2l
ads.stickyadstv.com/ Name: UID
Value: b4df9751d4b590841b13c7f9c09139e
ads.stickyadstv.com/ Name: sessionId
Value: a3ba6c799fa24fb3daa3a186eca03b
cm.adsafety.net/ Name: UID
Value: CM12022051715487de6820c215a5e0ef
.adsafety.net/ Name: cm_uid
Value: CM12022051715487de6820c215a5e0ef
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvdi93blFNSGxMRUFKaituajREa2Rya0pjZEJpMk1kOUg2NmMxZmdIVUpseUJ3WXppU2hxelNIV1VYY2xkeTJCbjRXMDhpNHVEWVdRVUxGVGU0VmJQVHh6OEJsNTNNampMaEx2ZnJRbGFWenliaENiclpyOWliU1BycXQrZTVPa3U5aTY4ZWxxbmNwcmlreTNYZ1pObmZsU1IxN1Y3cFVCUVFzRUVQN3IyQ0p4NWE3RlBISDNMdTVQWkxla3FxVjRhZXpteG91OE9jQTc2ZHhDNUV3WmQzV3RFV1pFcVhNMklHWWxQbllyRkVrdlVuc2hZRlluRXVodnRuMm5tYy9WRDVCam94SzFRYitTRlN5dlVyMEJhdUptTTBKbiswU1ErQ0t6bXpQUUFOWHNOeE0xU2Z0OWRvbjRJc014SFpmM0hnPT0%3D
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGiizcAg4IasV3_AgUBao2I&KRTB&16514-CAESEGiizcAg4IasV3_AgUBao2I&KRTB&23025-CAESEGiizcAg4IasV3_AgUBao2I
.pubmatic.com/ Name: PugT
Value: 1652802320
.demdex.net/ Name: demdex
Value: 30582156169531413172410332060657136383
.360yield.com/ Name: tuuid_lu
Value: 1652802320
.pubmatic.com/ Name: PUBMDCID
Value: 3
.bluekai.com/ Name: bkdc
Value: phx
.360yield.com/ Name: tuuid
Value: 929217fd-dadc-427a-8699-e48cc379f15a
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESENVvHjSZYY70M3Y8l06N0eA
.krxd.net/ Name: _kuid_
Value: O189C1m5
.dpm.demdex.net/ Name: dpm
Value: 30582156169531413172410332060657136383
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5DlLgxy+121LPPnpX2wp6ZBEyK07HN5QNl5xL6B60vzLFlzy2B0zAh0U//zX600Rz3u0Nvnq96OT5zVxx==
.bluekai.com/ Name: bku
Value: oxL99OeeQtvnLFyk
.360yield.com/ Name: um
Value: !55,qbBubNT7-4p6vWHhFvwyTR.QYghd19fG.ypfTeQx.td8sYa2gsTipv4=,1660578320
.360yield.com/ Name: umeh
Value: !55,0,1715010320,-1
.exelator.com/ Name: EE
Value: "37df350de3875c853dc58ac064e3e704"
.fwmrm.net/ Name: _uid
Value: "l0fb2_7098731915447990598"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHYPCXN2NQgJdXYwtw02cLUOCXZ1CIx2cDMJNU41dzAZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAcEl%252BUWb6InenxUUpaQyLSopPBR%252FIjAQAlQQp6g%253D%253D"
ua.korrespondent.net/ Name: tmr_detect
Value: 0%7C1652802321223
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: a027fd4d73a6aabb
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l0fb2_7098731915447990598
ads.stickyadstv.com/ Name: MRM_UID
Value: l0fb2_7098731915447990598
.de17a.com/ Name: guid2
Value: 1.2566544701116057248
.tribalfusion.com/ Name: ANON_ID
Value: aknseFtlix88qyTAZbCqykGcSZbLn9KCd03NbHS1FHZd0cKnPsOsRrqqFXLvDwC8eK9feVgyHMIcmVdY7ZbsxLt2
.quantserve.com/ Name: d
Value: EC8BEAGUJoEK_fsQ
.w55c.net/ Name: matchcasale
Value: 5
.turn.com/ Name: uid
Value: 3189956170256689172
.owneriq.net/ Name: p2
Value: cc
.owneriq.net/ Name: si
Value: Q7060887241937922929
.ctnsnet.com/ Name: cid_8954e4f5923044879397095149e9a268
Value: 1
ads.stickyadstv.com/ Name: uid-bp-34673
Value: YoPDDVm4dy03i1pX65qZQwAA&1144
.acuityplatform.com/ Name: auid
Value: 669950356569
.simpli.fi/ Name: suid
Value: FE2CFAF00B134F92AB8444DDED102AD9
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YoPDFAACB5VL6gA2
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBQDRWIE6CmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUA0ViBOgo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAOOSMXR2dA12DfBIN0j19fSN8DbyqiooDTMrDwgw8w3iNTQzNbIwMDI2tDAyNXjFiMr_heAbmVhamAIAtYYuC00AAAA
.korrespondent.net/ Name: cto_bundle
Value: jhK8B19CRnA4ZG9RN1c4aUpBbVlBZ3lIb0xIS01lNzdoaTVsdVU5YlByd09MN1MlMkI0MnEyaGFWRFRaNFM2bEl0bzhSTEdUNzhVVEd6bnBNcmJwdTZ1S3Rib1Y5VSUyQnFNTldzSm1XZEVzTFZtVEFDenVsbk1qcmVta0ZvU0JLeDE2SEdvaXRnNzJHeXE1YzRlTTQ0eVNGTUhsMzB1N0ElMkZMa1c4SVNuRTklMkY1OUtwNEszMCUzRA
.casalemedia.com/ Name: CMST
Value: YoPDDWKDwxUA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&970b988a-5d81-408f-8d93-0b760ae27cba"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTI4MDIzMjQ7MjswMjEqG0TZz/hSpeHQL3jauubkHvxz5zX0KJ/qTCvICr50hw==
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2726:u=1:x=1:i=1652802324:t=1652888724:v=2:sig=AQH-k4HqYh7ry5wtg0DsjThwUe5fBqhN"
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 8221c1bc-a49d-4ff1-b49e-221b3f7eac16
beacon.lynx.cognitivlabs.com/ Name: ss
Value: m7nNAd3lY6lEgxp5MONf2ZE0N1zp0UjZmIB0OPkXqVK2SnGl%2F8ArFxg4bndar0sLH%2FO8vsGt0HrsFUJ7fDi2Wg%3D%3D
.company-target.com/ Name: tuuid
Value: 0e2a0e45-a4e5-42a2-8823-6ec61a2b86aa
.company-target.com/ Name: tuuid_lu
Value: 1652802325
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-cf0898ba-3781-40a4-4d14-38143d9ffc51.YvPqrYDz%2F5JXLCw1gSd4RptvL9NYE4Gd1az31bhFct0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzwiYujeBQKRNFDgUPZ_8UZJGdVU.Nb3nXpF%2BwFe1nkoJ8w7iML7VNeX8jNAjun4kOdNVMP0
.amazon-adsystem.com/ Name: ad-id
Value: A49NyVcEtk2tjjpGNfdxSZ8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.eqads.com/ Name: EQUser
Value: UID=5d4267f8-3d86-43ab-bef7-fb89c73afa73
.casalemedia.com/ Name: CMRUM3
Value: 826283c314a8c0&2d6283c30e05a0CAESEHOzHwVPv1CLTPXettispnM&186283c31405a0&be6283c31405a0&406283c31405a0&bc6283c31405a00&f16283c31405a0&0d6283c31405a0&296283c31405a0&126283c31527600e2a0e45-a4e5-42a2-8823-6ec61a2b86aa&6d6283c31405a0&276283c3140b40&516283c31405a0&e66283c3142760&2f6283c3142760p7KwXlvZ1NQZnU5&416283c31405a0&586283c3152760YoPDFAACB5VL6gA2&286283c31527605d4267f8-3d86-43ab-bef7-fb89c73afa73&046283c31405a0&6f6283c31405a0&c46283c31405a0&bf6283c31405a0&7b6283c3152760Yg_L79gBSj9W0DNoCC8SEZJGdVU&496283c31405a0&b06283c31405a00&c36283c31405a00&2e6283c31405a0&116283c31405a0&1a6283c31405a0&ce6283c31405a0&9c6283c31405a00&986283c31527602640c686-b87d-4098-93d2-c06ec211384e&5a6283c31405a0&0a6283c31427600&336283c31405a0&396283c31527607323113175054134207&1f6283c31405a00&696283c31405a0&056283c31405a0&036283c315276008ac6283-c30c-4700-ad53-d22713a8b510

20 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pixel.advertising.com/ups/57304/sync?_origin=1&redir=true
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pixel.advertising.com/ups/57304/sync?uid=CAESEEQwifTi-Ge8E79osgrOysY&_origin=1&google_cver=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://global.ib-ibi.com/image.sbxx?pid=266&go=244276&m=&google_gid=CAESEMrpckr889aQ5AvYXdus6ks&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
worker error URL: blob:https://mediawoot.com/01c1e650-14b2-4e9c-9997-79ad2f77b910
Message:
Mixed Content: The page at 'blob:https://mediawoot.com/01c1e650-14b2-4e9c-9997-79ad2f77b910' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://mediawoot.com/01c1e650-14b2-4e9c-9997-79ad2f77b910
Message:
Mixed Content: The page at 'blob:https://mediawoot.com/01c1e650-14b2-4e9c-9997-79ad2f77b910' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://idsync.rlcdn.com/461886.gif?partner_uid=YoPDDVm4dy03i1pX65qZQwAA%261144&&gdpr_consent=&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.code.cotsta.ru
1f2e7.v.fwmrm.net
3262393d8824fac4ca60baed50c430f6.safeframe.googlesyndication.com
53c9010c079fbccb3d34bf67a3144106.safeframe.googlesyndication.com
a.cotsta.ru
a.rfihub.com
a.tribalfusion.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.360yield.com
ad.mail.ru
ad.mox.tv
ad.outstream.today
ad.sxp.smartclip.net
ad.turn.com
ad.yieldlab.net
ad4m.at
ade.googlesyndication.com
adpone-d.openx.net
ads.betweendigital.com
ads.smartstream.tv
ads.stickyadstv.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adx.adform.net
ag.innovid.com
ams1-ib.adnxs.com
ap.lijit.com
b1sync.zemanta.com
bacc82f26ee0bd89c6d3f68b45a0fffd.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
beap-bc.yahoo.com
bgstats.mox.tv
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cb96c9e9812ef27242bd13711791acc7.safeframe.googlesyndication.com
cdn.admixer.net
cdn.adnxs.com
cdn.contentspread.net
cdn.js7k.com
cdn.jsdelivr.net
cdn.umh.ua
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
csskor.ill.in.ua
csync.loopme.me
d.adroll.com
d5p.de17a.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gaua.hit.gemius.pl
global.ib-ibi.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
h.holder.com.ua
hal9000.redintelligence.net
hal90008.redintelligence.net
hb.adpone.com
htlb.casalemedia.com
i.clean.gg
i.holder.com.ua
ib.adnxs.com
id.korrespondent.net
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
js-sec.indexww.com
jskor.ill.in.ua
kor.ill.in.ua
loadm.exelator.com
ls.hit.gemius.pl
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mediawoot.com
mug.criteo.com
nep.advangelists.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pr.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
px.ads.linkedin.com
px.owneriq.net
r.i.ua
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s.update.mediamathtag.com
s.yimg.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
source.mmi.bemobile.ua
ssbsync-global.smartadserver.com
sslpagestat.mmi.bemobile.ua
ssp.otm-r.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.extend.tv
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.teads.tv
t.cotsta.ru
tags.bluekai.com
tags.mathtag.com
token.rubiconproject.com
top-fwz1.mail.ru
tpc.googlesyndication.com
u.openx.net
ua.korrespondent.net
ui.ill.in.ua
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.dlx.addthis.com
yandex.ru
yastatic.net
z.cdn.umh.ua
ad.outstream.today
global.ib-ibi.com
sync.adotmob.com
104.111.215.191
104.111.242.245
104.18.3.81
13.248.245.213
135.125.160.160
138.201.63.145
138.201.63.150
138.201.65.75
139.162.159.252
141.226.228.48
141.95.98.68
142.250.181.226
142.250.184.194
142.250.184.226
142.250.74.194
143.204.215.116
145.40.89.200
146.0.227.109
146.59.10.80
146.59.30.96
15.197.193.217
151.101.1.108
151.101.130.49
151.101.193.108
151.101.65.108
154.59.122.79
167.71.9.19
168.119.79.239
169.50.137.182
172.217.16.130
176.9.4.243
178.250.0.157
178.250.0.165
18.134.84.21
18.156.0.31
18.203.96.5
18.204.53.248
184.72.100.245
185.119.59.4
185.180.220.208
185.184.8.90
185.29.132.241
185.29.134.249
185.33.221.13
185.33.221.15
185.33.221.53
185.64.190.78
185.64.190.79
185.64.190.80
185.86.137.122
185.86.137.131
185.94.180.126
188.42.196.115
188.72.107.228
192.132.33.46
193.0.160.128
193.29.200.140
193.29.200.151
193.29.200.157
194.247.175.26
194.247.175.38
198.148.27.139
2.18.233.201
2.18.234.233
2001:678:cb4:bbbb::11
209.54.180.3
213.155.156.185
213.19.147.44
216.52.2.30
216.52.2.39
217.69.133.145
23.205.235.133
23.32.59.34
23.35.236.247
23.75.246.168
23.88.75.186
2600:1f18:612b:4232:40ff:2de3:a398:119a
2600:9000:2057:1c00:1b:5138:8a40:93a1
2602:803:c003:200::61
2606:4700:20::681a:b19
2606:4700:20::681a:bd1
2606:4700:4400::ac40:98f5
2606:4700::6810:5814
2606:4700::6810:7eaf
2606:4700::6812:1fb6
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:21::14
2a00:1148:db00::17
2a00:1288:80:807::1
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c0b::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8:a::a
2a02:fa8:8806:13::1400
2a03:90c0:41:2801::254
2a05:d018:d29:3601:a1a5:2084:5d16:63de
2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
34.196.247.148
34.254.143.3
34.255.218.80
34.95.69.49
34.98.64.218
34.98.67.61
35.169.163.246
35.186.193.173
35.186.194.101
35.186.253.211
35.211.178.172
35.244.174.68
37.157.2.239
37.157.3.28
37.157.3.29
38.91.45.7
51.89.9.251
52.1.216.129
52.206.177.106
52.208.103.128
52.213.153.112
52.59.40.31
52.59.71.183
54.149.232.224
54.171.137.8
54.171.37.193
54.209.104.147
54.36.108.3
54.75.174.52
63.251.232.165
64.202.112.159
65.9.66.173
66.155.71.150
69.173.144.138
78.159.118.240
79.125.102.158
80.82.217.90
81.17.55.113
85.114.159.93
91.198.36.26
91.198.36.35
96.16.132.239
99.81.121.75
006636a3dab8be5d11b6574e9aaccd503876c184617f9b2a4d0bda608d06543a
018370cdea1810ad5387e8a6f4ea890e03221d4d87b0d412968a23ba0948af98
01c7b190dce2dd486038743d83021384c4361a6eeac7003aa3461a8e29919dfc
01ca2b9eced577b462ba2297b15afb231c8d8bebcfc9102de0104cb771a68034
02cca5b1b107d83d87f92d6418987e95686603e5603dd63e88fa4df978e70bd9
03e62b611d0cc4ae0043306a29f2db89af57a5531cc964777f7e3f2cfeaa4bde
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
056074e8b8ac7c0a335761641b02e052628913eeab13e20c1a63b8e5011a58b5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d7c1d12483d4ac9708512167d58e302584f5ccaa39cfeb72777b62ac56c729
073de888dafda4239fb98116dba9ef48e1bd318cc353b7b88ecd4d98818ef5f2
07551816dea2f38b7f556eaf77f2b3fa230a41c939b1c17554c00f4eaaa58396
08741e9fed7a6b3507e4c4c2d9ba841aac9e2f81b72840a5f5203d07ab97fd72
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da
0945640e0018b1ba725541a6e518f677cc417b9560c5fe62c4e53f076d58d96d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5afd153c7ff1d95c9d85013a341481423f056e668060a5459daf893d36746d
0d98e830f86a78076c3e8c7fc4c55ba3af530e1f20d590412060029388ab39e2
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708
0f0190448b8357a09b42771763e337c83d31a3218952d31c39be4f941663c3f3
0f685911674c0e8a0defee67886fcef19b04cd3edb3365a7ed48453950479b0f
100509b468d82dc9928946bcadb81f5e728e9ac60381b6567c6475532219b3c2
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10cef860cadbf2d7390d3ac7a03229cdd4f2027cecac984448e17d334a4ac142
11449813770e57069d077ac0ad5beb3f7406204c87d961ba1b53c30dba58b3c9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
16505f38e730970522591a4f68a1faa6cd2b7eeba98a99bbab49aaac8eff701a
16b71c76d319bc7418cb1f850239d4c6cbe2072d6e2ee3e51f10df9798f635ed
170d5265950f3f6e41ed96698a3434415c5887ce6a4d98f3df3643282e57f01c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1850f222fe5b645320d99369f297008a251daacb0eb5775d66fe7853c1983a0d
1885450c0476075437b5f7356ec5dc33fa5179e850cc4dbf59c29f37744818f5
188d7650f2e55ca05d93025ca708c8c1dfc19fa283c5d8f61a66808040ea0f9e
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1b06b1213594a49cf6e6ce42a2ce34831f1c0f769492b13a05060906513f6ca0
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
1bb81774370c658a1ab9f1d3229d25cefe24fe07caa3d763cec7f7d121503f3a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cf2d75769a67fdccddf5ef7f2bd800e3093f0bac91d30c69880cd22fcc561c2
1d66b0316883e5a2e72413b94d5635a1f7367c0bbb3b2f53c5e4d01cc9df43ca
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46
1e8ef02ab6bf16eb833ed1a7a6eb98ed2b7876995d63b437b5f8743d5c4b6798
20654cacd8e8a745c47b379e36214de8b8f36caf7686f30c53635104117c754c
20709fceb4f6a192c0be6394c7b871f8ea06b3e2e68a94cb20385b6c00806a93
214227a16b4ff571023cbfabe1a74a46b33fb30abbcd8d1a722ae12e3afeb794
2199e443adbcbf3b139be995709b8f12298bff3ea51680c32504be6d4f52c001
21c90ef4fea1ff114e43128bf0c90130967592b07114e2f707fb2ff3335d15e7
22f49eb7330f44c8d55ed33655173c93957287695fe70ad5fa91709959b42c0d
2356de1d2ca4b622f2949c68f0659a08d577e86204c4700c439132c5164d17ba
2623a709e861cf87f1214947d635159f9119d1684a9e35dd0ca949bf6abaadd5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26dc9aca8f2ab8bbb58b5e9e5918988475e42f7cffad974698a71b2addc6ec5b
2791dcb76821658dce3165022548a9d1032f4c99efe7acfaafdd6327cbd88129
281490b867b88c9618b8b12e1d1a50197d4d0cdb5e936102f695bdbf314ace0a
28ecd64dc4c2143d4d94a0ec8630b3ed5018f1e46f6665627546f1a7bc099b0b
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29a0a1ab78f6b642d13cd03b37042748690fecfb751ced06e1cbd99b63cbeef3
29aa34e0852c0a6ff15b303c58c95ea0636eb17ef6f9f5b4c760604bdc5301ca
2bf2371d0cf337df79a495eb1eba6a249e30d3b141dc80952f72c320780ad583
2cde2dbf249ca548606136a33465d51203701dfce627f65d3685903f505643ff
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2d73dc25470ec39e6d94f36c63ab86d87ac5f2396114a69e28514bdb39b3e63d
2db957374545b2c32e4402d4d5abf5fcb216cacd3a5db090f681b5b1ea14815e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e44441746df68a95ceb9424b855cca69c6c5095b3399eb1ad306adbb92971a1
2f027321b44909e60a1d55b151050edc557341df591a1820f0492332d4d9dcb2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
30c5af0bf597201deaefe81ec3f32d1d49b940712bfc2663599c2c9619ba1f69
30ff7103f39d276069ccd30caf50eebbbcd34fe8627347ad77569148390229b8
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
31aea49db59161e38957338260ccf19a6ad4255e4fb15768ec4a91ecc27695bb
31f0e61e590f64f62cf1a31ccc4e06c0b97cd24b63a9f8b7f1957301f197e69c
3224cd51f4161d44547a1f5a57a5566582c3d6a690d2212af8a0a8739d0c8e0e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3310414f9302d194574a6637aba3f1b9b0c2ef8b209343f6c81376c24c551709
334ff4c8e9f20c31bfe49e4f097a08ab9a249180d04b2939832f45eb594eb835
33dee44133a9ba2a40d4b7bfcde4b4c6bcb28459ea666784c860fd287c9e76dd
341d5b7148d9012ab3d5cb6d3078f65a9112b0d8b081c217860d7edabac73f79
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
350d9bab3c54cd09958b9d95e7882f3c5e88c2323ed19babeb77aa0db79f8620
360a720ac17ed5ade4796a5d512785e8a1691bd41a03ed352b19bc61e8708f46
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
365e832d17bc4a34ffb01f8efebe4e69b4349ef6f1164e8e574aaa20cc125bb0
376c33f66aa93b7175101c8b60fdf2aeec312a8b47aad53a3139656fe9ae29d8
3820579e3e595ef429b8f5bb133af8011a02dd00a1465e1f10f09e20741027a7
3823f2dde505d1689755ccccee9bb05b63815a306fbf5d0149ae0134bb583ec1
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b
3c7520cb45201586cd8dbf12a8c6af22bbe549e2a6a2e8d6725fa6de5fa7ea46
3c7fcc20311b75a3428bd70f0abf6ea8dae98a0c646ecf1ba837397f485b285f
3c914c5ec7768654dc4f35534b46d2da72708c4db16148a833ce1847b893f60a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7c7efab021e9e62bc332cdffc52226ac5bb888cfa76bfde4a3a183159b4bce
3e8fd1a017d2f97b51a6d913bf169614650057ccf90a14a28e1ffd91241bef7b
3f5fce810a506822eedbf33946b50aac5c1898f3789343a7f3ca5008270ce0c2
3fca7574c4d3fed80225f1b2689eee405b056d61ea559639317d32a1890ba585
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401326e10a9b41c8b89fd0e33bfe54f1888453561c01ba11b0a0134131ad9bb7
409101c7f92c8873fa29c2ccfffac7631efca3f69a735ac60c6acbe1dbab861c
415e3c4982104db9fa994ee5228ae4fee7bbf30bc0102eb848c1c673f5010f85
42211ebbea82542a6f45ab273a9cbb369a47efecbdc062890440a8e91b5e747a
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
42d6bd1ae33583571053a66dff105cdf8e752a30c4bc64d28b6679d07cd8782c
4373f01790de4633d4f8c1a0c41d9433ff1340b747e3e2b66b5a10e01bf3a251
43759f0464c3d509ebc17613c94fecdecdb67e95ccd22d04b8c17f14d53523af
4424b066a0c7334a029edd65eea685322336fbd0dc5dff7913ef4046eb4025ed
45306671a9b3d4d1a3a96aecc974d4df0ad542531ee13be0d5a402f88a154430
45a90e8f949aa477d2b2e8defc40eb87ba0f28d80e7a69ffebec47eaa74452c7
4629d0b183da48a1475d36a5c1842c7b39d94affc1522f802472410ee84e3b85
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4833219e20cf14e95286657ed04dcbbad990a1b6fc3a8d7eac27ddcab7fc63aa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a6f5412ca2a1f5973d757b6bf56d9fcc8ce71bfd96583810a3894385730276
493bb3ce14990cf373ee4ab299f3dfcf185a6c4b8068eeb108e95bc62e96d7fb
4b0588e897a8f8df8291323fc59acd612680fdd1128d6fa1abf4dc59364e5bd4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e116d848d1e92cc4bdabac68198c7fc4685a28dedfd6f5fd1cf097e239e4b20
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5136442fb8b8553eab91008ed21f7bbf5eb3dbd22b6a4db9499b4652a145be60
52843d80d9ae9d8b68ec95209a51d1cf09949d770d786ac40a859a4dd92e1188
53ef4c15641d1ae87d61393bf81cf6af89c3b9fe28ab8ee85dffbb4e1cb5f2bf
5404158b417ec369621fc553149a985782368cb836bc8b6d96877aaded50892f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b23ad01694a94c3a778125a798b0fd9b5e5996ed5a841a745994391af79218
56544235f4699be5e960fe12b722dec724157b5bbbc745760ea46cf227641fb5
566f947370152934604bbb3901ae16de7d39b6d0eeb608faf146938819098a6b
57966fc56f47234552b7fcc383e13d2c6f9316b3af2199fb5454ee48d1223bdd
5822873f5c5d5430660f2972ce5a178d7c063da38e737061d86791434f41dcdc
59ab3bc73d12a95adc46cec312bd538a692c8361fbc2c6b76f8b33b96b62d4d5
59b2e3a6bc9a00d8b70935c05868961ee1a28a5cbcb5464866be294b35f8f289
59b7f3bff218252c356e1b38ae9289a63b4f16a2d8196ea2222e0418b90cfdd6
5a8c21a2959dcfce2e8bff6ac33f6b76d8215ceb3820aa208b0242f53c08baf6
5b988afafb0c8079cd95c03d753ec9b18013cfabffebfc423354fd810416a997
5bfe17d03c4fa3a3c5d162b60567f7b5f376df577767ca2fbfe3b9fdcc25993c
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
5f447e92a1506f46e085d52551c5cedf164b485a206a5b1f1253d7d7a0b1c8f7
6056aa1718fa608adc4dc72b73adef9c61d0cccd5863a02a908157d91f5861dc
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61035d17b30b46efaf132ea0023fb6546149f815be4ad9b3de54a34e50420790
618865ff3c0bfd77007b84470e9183c201470fdbb27da471dcf8ad5675f28cbf
61a007cdbf155c10f81d3e192be0746301588f226860f28df2af7689cb42c9b3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dfa015dfe7c190d2698ac0043e3283073ae93a63ea3be4323c6c384d762395
61ef6fe889bdb65bb3f47dafa0e3782a7b76ed0c0b2beff7f70a8835bbdce33b
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6610617562e795baf33fcac433f1a89af9a3911e78fc5dc34584271cf576d572
66bfcdd8d1f402fd444580bb1678fe9850fba8ce62054823ab0c5ca8b76f8e50
66f7e91cfe55242ef1f35490ef3c43445430ce919d97ab7a1a8cd8dfaa2808e4
674b31ffd0e0bdd2cd40ec67fd273a6b8bdd38807453dd662106eadf67b635de
67886b28d90c1245d2cb1b26da3dc8c3c47f56b2bb5c8060fbe8398765281adf
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
68296cc58f7f938d6e936e42cb7dec961ce1fa18f3c82c5a6f6ef32a03043317
69757d069494651b4015ee7f2a2ff3b1c70043bab4c65f5ec627bf65d4294a36
698501f11b36a327c270eb27836e542a38de7b80217b15f4996bd8d12fd7a198
6acfec8f46038e93fd59ac6af902189740650453ced7f31aa1e86949c81080d8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c288ff9874a992ad5021f7197dbcae181ccbc9b1ced648acd5d9efa6ca51f7f
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6cc3da9ffeb3e78541ff0a57f51c5059b5b5a7fc4918dbd727b3de7b50998206
6cfdb12134e60431b42ffaa342921359a46a95b717488f2e71d9ceeb3404f871
6d63997c367ca1c932f48189579892c685eb6dc680ffbe2cb9b653f692156d59
6d88067ecac60b1595d17558694a488a752749969de224456141cfef8ae07998
6e1e6299b667f2846ab9229cbaa1ffc9c0d6d1c5fbf7797d7180928413f44406
6ffbb4c6100e795393a8490047ec6c8c1d6ce1891931da4e2024bcd985b26751
70b4893455dae4e0d66e418d1ac7a529e033bff29644e04db9af631f7bd1b7aa
70b775de2cebe6b5a7dfcdc1632a57ada3f2268aa518b57e156844d6ffe32fdf
713cbfdf4f9df462e02ae8b2467ec7a72cc3de72946dd309da48c236bffb1e87
72c646a8cf993cd2078ffa7f21550b71538fec109ee6891a1702e69f05b9637a
730fa969cf7402b26778d3e0b24149f1a439f0e8ac5863ae518d069e383b167b
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7360bac4381b5aec661abc991c355ea84bc97b33a10dd8499856f206a648f913
750ba934ff752a7b8302c0e7dad6945bfae670de702c4c75dfaa63e8918ac283
7556004a1ae5bbbe6cd24f51e8ea5aeb371d47ea81d27c488849ef377bc0f3fe
76c9dd763cd846c0fb9f09376e07e7bf2ba3280b249dd0a4e098f52dd9d59622
7782aa4d5b8ba20dccfcb05f6c4ac975766ade3f78c78733aa7fc1a79ccb52c2
77b1332c0394c83625516b21a3e9e7ad11aa4f0b942a9a2f1a583dfd58637d69
77cdfc33bb0a384a716af7aebc16370bee38aa63ce670afbe61a9a3812193627
77fb22b43c39770d38a1aaed6d65e80c8f00d817e9ff803421677e56d23016dc
795c685c734b5c93605fea6453957ff1b2df5f232cc1e72198eac0555a943c21
79ab1bb4e84e3875c6ac1258af0f34f807306a6dbe4a946a46726e73d2609a8a
7b4fd23233a18efd29d67d6cc9774db285019a145345cc77fd7420ee7e4e6669
7bc6fef827aa7f88d62e98cfd829fb47732fad974b68bfc79716d492fe1bb4c0
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7c8670dfa90770f990bcc5cd14965168dcaf8ebef89427eb3e5dfbdcd822834e
7cb745c1c8cffe3edddd856464e624896014f9b980629890b3986c6da3f056f3
7dcf24ec0e4867f333bc53d82bfb558761f188efde235b9692e0d9a90f66826c
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
82921adeca16b1bdd69e7ff5a188b9b7f27193029b0f5505c5d1cac693222e97
82f0120f66835d4dc2f614bfa86ca8d74c6118c6e61121997563fbd2b57dcb25
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ab5047e820c4c9edf0823374a8a31e0119fae38f345a88caa81b46184dfe5d
83cb7f810bda6b1257e48d07c0e1c2b20c871b3b87a60375c82008c09e8f9f33
84510fffe17fea544ae340bc9373b62106bfccc148f93e8ac4bbed045c64e9a2
8451158575b1accddddf37304bc536c4a554c43ff400a3c5e0a337523c2149a8
845cf130f99729033fce99a3a8ccc29728a85f49bb012227ab0c67e42ba10e1c
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873717f5315c799c66b3651ad2c3205c6d1f17027d007af1ecd054ee14dfe811
87f34081974aa06e2e70a3b6260e788f57d78d5c920e759310b2e4bc0f6cc070
898e180e28f0d79507e9383a6f58303043c24013cca819f7451381562f323093
89e0c888f3370962831869b407034daafaa6c60858e9f27b95275439c18697c9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a76e6c4d6dc5bfe0c96b2515e545c1c3862ee28ca9448cb33e5ca73138bda90
8a9c5fcb19e6fcd28a891cdaf109711a7c543dd02fca5cf477d7006f91966256
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37
8ab26f24b5a77ada773b5f5c2b91cc3fc914262ab8f74d7e6221d9bcaaf9315e
8ad5579ff46a845583e2ea7c42141e827f17de5cb47598bffeb398286dcd0313
8bba90a18481b39ff1b457148b173ea61e73632d785c84bcbcee54cd00b5018d
8bc5e3a82ab9aa0055b32cde22b467e9c343f24c3407d9d39abdce9b25b97670
8c05cadb863d5152927200bcd5662b6a717ccd398cc0f079f76c2c93048de1a3
8cb8b1066f52418e8d7cb17f8c879479d7de0de840d45b16bc3f4b5fce204fca
8cedba537a98853807b9ab270a4c129ce3b27067c9aca0ec45907744beeb3612
8d3d9a7c016606c027e6a2bff558abbc183fd6685eed4c18f23c250dabf406dd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8e7cb8d2eb8aa65befe56d802a02115ce2a22a9d707091b7ec49f38cbdb88489
8f50e13300811e9c2844d6bd9ac5c5b2f914db113ec68b737483f346f07bec79
8fc2d2ec6b00399c458036af0176a7dac1d7f439a3b100c68fdf7ac3358cfa5d
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
90102a5b0d498a0928a1923216a5e922fa4dd138a5c7ecad85c6f5b6cdd6bdab
9027070e08b6ef0f7b717eaed9e7c75e7e93555e1dcf8013a336df151a210518
90b6d4ad67989d0d596709245696c3d3f82192ba78f2696d3a17830aae68374a
90c79e03fa35d95fb6b353892fc989a88101c18797ab9a973fa21e25986f97f0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91c8e5073d68f88148cf4f94162d9621cb9d3c17143fc5b5a5dc147b429ce9f7
92620614cc40133a6b34f0a1ff30bc7d2188e9645c548666b2b61206782937be
92adf95d95602bcfbd5321346cae061b7f4b9c2d321c2c2091c18aa73a6d626c
93ed15a0025114bbfdc04ee2983984ee4b28890aa66be6f545c0428df0954a8b
946331547881086c3139e74bb4ec5c3408d69a234959b7afc88e5d42db31e701
94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc
962e4d27ab1f8b2e0d9d7a2579399478cc47b4dec2923bb7ad6cdab8d6e241cd
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96b5e932006850d28519d73f21bb3181a2d7bdbaef79dbb949388c688c1c0e3f
97cb426b07a50b994eb79c3e0b49d747c69bbdaf5587f55fe6a8f6b5b2e08929
98729141ace23eae16771414a64284d02115cae978ab1449e59f968ad386f42e
988502ceee54e2030d6c9b74ac9624570a632211a0835d7b857c481c6b7a42e8
98deb7ae6374c26152fee7f2a1ada6115b0b69b105f27cfdd56dd29c0223ac47
9a5e191db71d39acd629e1bf5512097d244ab3d398f10833e8dc2ce47d5e02a7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cdef11bdfd5caf3e8311cb3f38e522bf265eb01d5447ae6d88cf715c3f22083
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9d2ae8c80a6f17e7068957051ed9b2de5217215c2741b2671f3ae1a1e9ea4922
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
9d929d0768d8e1e18f2873c1d0e0ca3419fae7e33b48aa6707d58472e5ca7d3a
9dfe5e005c857bd2f9eac3278e18483a9e663c41c250c05e64d527b83f8f84ae
9ed325bb4e1bd9f76da8039c87602d63b91e6963d6bf830e62d938a1b90cd133
9f039d70664972cf903f5b4a855889345bde351da767980018d2eb2250b204dc
9f774258fe6cd767d6737d1828e8b693a94a0be3f575caac1dfb442ca2f82255
9fd7cb2426f6a2028628aab09ec4d1e6b1101ae94a5d388fb3f341115e6ff69f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11aa99dce9700e6870716a8f26f6285cde56dadad384ab1bc59058b7bba25d4
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a228cd66abee213a149a72841b3033ddad4d159635ac52a28999a43208c8686a
a4341bb8ee3b9a7e74046a9c02d788404d3a490f580431b0f06320c077b02635
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50f51de69f8e06c4012182dd7696e68d9fbbb2c4bd510480148152823f0c359
a58c45b495338481a91c73729bf3916ce6c7d8e9f0566c0e731a7a3da7dba81c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7bbec6924c29f79cdb9af96e46a94007ba4a533221187fd567d1fcc6fdcc4dd
a9a91c544e33d4ac8f55a7e8ce951445f383c7f1e7fcf19a3a3976b9128b0c5f
a9bf9817f1e65c5dd71f61c73401bba1a5aea58622cea76d5e2817773fb0102e
aa850796db9400b694644339634f8708ffd14e3ac9843972954dcb4571dcb939
ab21256b0fee24a9396d78685a709e2edd14fea375edf027c77ee91fc017144f
ab4f28f76e75e183fbb508feae1c2b5763e8c30ae5b2c85a092ffe4e9e3b2340
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
abcbead6c9a1d352d7902929d6c01bdb095412f2d1f0de17f0d95f841f13a3da
ac37566ba24affe5cd96657786cd3df70717d9a133449db70c194520a7c132ea
ac449f75ab7336c99ac2e2212656968ba4d0424992b1100bb178f86114b7ed58
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad260de90173b251cce3dd4389c5b65fc5922b639dc89a06ca40beb0b4ff80a4
adf1f64499f499da08f9d8e6cfd962a5687642d9a5d3ae1db0843657e42e517a
aee72ba4decb77a11f961dc8208b8fae272533e494a6b3a4c93d3ddb51c1bfcb
af6592d435a34ae2cbc384c908b2000e3a33f3c3d7bace1a84ba7880a8a80d9e
af832497634cb3531c1a8cd5fde46d9574ca98bfc323ab36043b6cc8b0b83c59
aff3ed80f54d644de675767310cee9d3859596d0c29e32ec71beb2d740d6ff68
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
b3379b8da32e28c0677a8b54f02920880eb8c22d7e5aeb3f55113b0bb734b6cd
b35f733585d06975a6242dae18c828949a60fd621a8208e9ac24838a0ffd7dd5
b6ba54ad0acff6e405aadeacd6c8a411a0e4be6f51b38f55b355a2b08b040c80
b6ed773d27ddf8e69ef3a5f65bfdb4c4d8ca68313d0bd16e15b71377fd819a9f
b8716d4a21b5bf1b3d9e2523fa7bd2b78e491fdb966caf7faf074977d3374aad
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
bb10a5efad83c3357587316549392cce6f08b7a116ca74475c01aa23d6479e07
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb36be755d8da3d9800a788401ce344ea2ba840eb0a3aee39ed22758f52c3301
bc485c60c1e0395cf0c58a2a9bcc80550b8f289f5be78594484b3eeed36c37d9
bc6ee94750f6dae36ba54099beb18a3a69531be7815242af611866320d0f4bfd
bc788950c34406808d0a6d40ee7d7a0a585a3cebcd266cb72b1a4a8a252f1331
bcab73e79e54f5f8b0cf77546f937aaf4aed60947fc1e4a7801813ed34728c4f
bcb2af46f36601d7db84a81d1e770cc11ca811479ff5dcbd776cac6d79788aa9
bd968bafa95920075a6fdb35ba2dffef9b2f9b72e00bffd56a129d993f1f7344
c1312287cffef5fc276fe120a58ffd0911c77f84c7b6ff263ab01e612fda6751
c132e4adb7d1b48cf56e99ac17f4b1b3447ad0dc02503123d18102eee976892e
c1603a9203087182ded58421ef7b1c6c93e51ad7b9f219f017fb58e79491c452
c16d2e0a2b653bb50db8f77d431706a8e308cb77077bdf279e661d190449fb4f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c363958668849930c9a1236e47a50a9965ffc5456e67d40e80abec20597bcb19
c3b13148ea39097906d2b3216f32a7db8077a1e4cc657543b9a490ea54cf3c6e
c59a7ce6b94bef63ee401a33a6541aececed3d7b28878d6c274ea37357142900
c5cad78844631f748de4f5526652f08ae1504dce421b6e8dcd796af07e639ac5
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4
c82e63e36f3d41964e6a2f87675047998033312acd50feac5f28613959f5df6e
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
cafe2ccc723f38d12406fdcc2b9777f7f89363a39bbd09c91bb75876f24141fe
cc34b5228224caef0a37f0c9ba4ed6b7f3630d3a0f8cc97463c2d7b5d722d374
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
cca361f1064a7ec856c20f4a92212371fbb8e9670eeb8fce1f315197bb2db060
cde6f97f123790494370d0e0d172dbfb42473cc0e050ef14bc93bdd92d91da22
ce4df91778184d3e16d8ac96ec54f2224975e2356e11f6a724eccd088d26dc0b
ce88e7d75016cf4b26ccc3eeb67171b111571dc92178b23bf2ea6abd3cf92de3
cefac0898ee1d19ff1fc498113e6f7b81a0f5a6e63b3ae72106cde5d0454bc01
cf23530df2c7b13e742838cdaf8c753e412985bccf9cc1a4e4e0b6be14d81a9f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbd51ac2af699c5852924136c66b15ed62fa15b9b9fc6c52c3be371417430e1
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1285227b6621ab93e1bf41b92bce3a8cf1bab06c4a7ecc73d76883c4c548993
d169a4b4bf7e00787e12931b5c2040d76f6995b3ba3f06050274b28644b47d86
d2b7efa589a2fcc71549eafcdddbb08fca3005cd1937f71c4d8e882855786b19
d2fbad9636c1fb1ddc3e083984f2b5d3a955a32fdb6247876aabee203958e7dc
d3813995b4ae43ff33a91686d9a113f37aa2e4d9e1b513fcf64b1499a29f4cfe
d4509d94a92dfdf5ea4f0b6109c4ea20a245af466a5ab9ff5dd57fbb5f2b38df
d637841a183e7c3aa31d5d7da97880fb94a3161bfcebd693a43b92920dbb8b3e
d71640d70655b29c65977ccb7e822e4e6e0da61d56a43d73cbda7e8f2841ead4
d7aba018e145b6d46cc80c7de50acc0120c6160b064fd01a0d26798657103a09
d979043c48cf13e1b033cfabe1aaa1188263ff138c04206fbd057a5c4f572b48
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa9c1c00563b973df8c5dad719b8670a599a9465ba9bbac4d222c586b538571
dbfa88af4b40ae505cd0434f9639e9226fd906834d09d5082c6c905074050389
dcccfc795c98ea2a307307ca4bdbbe6cb36800219ef4471f1118f47570cf210b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4fb84ef463207662efa03dbd05515afb3aee6a71fa7c5e56e7b0b13504a7b4
dd5b2ffcb848c9ebbb3161edcc56791000d8e3b6076a3cc6c159fc41f70ec143
dd89c698f5518b8e74892fd52085772390a4cb078ff04939584650c0d3507c67
dd909c181b293f4a20f86b2b4b869a437381a04c562b3f82384bf9f13f20e575
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3f6d94bd092f4756fcb83a462855317d91ca61ae33847651ec6d9da1af6b32
df6e47f3dead15c7aee83b385619b44bd4d41cf4012df3e34d5e29f511eac6b0
df9df41904b3fd286051e97d31bc4abe45df6b12fd446e8758c67d74958e5049
e12a82b3eac077498c3dd1ae1cc436d38fb596308fc49df55c6726fc3031f3e6
e156a61a00ea7d4c72d19a295a2ac7622a45aa9b2464b1d9a937843801b6e980
e1a05191fea65421cd32ba990be78639e183fdea2c975c9dd2d1282a99fff4b5
e1bf77100e7012bdf727aafef1f1fefb22edec04e850108c460eea3daa8905cc
e246e715bf18a12050854d34e3775a6aa263a988d74779b58694f5be7c4ecfdb
e26e40b195c610d312241af44b4364351ac2ba3fe9d78adb48f5390aee321aa6
e3016ebc21a753c1a83fd8de45134e2824a330d46f0473cc5f4f124e6333ef8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4689d8b5d0ea3e6bfe47e3edaaf9b221cf7c24f5ea2cefd4b188f2d66934dd3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5eac7089417f76b4d3fffb3eefa6f18005b22a4bab1b2a3d016cc3c34355142
e6cb24788beb80768c1088bb0ab66da02ee37eab8d650ddaedb8f771919efc49
e6d0e4c0b09906b858573f6ff4f1dd3918583945e160b64152928aba0219b441
e70792957a2d6b9fe4f3b638d557b304e23215b8031d9e14e2f61be37f008399
e89af8424b5973762e03632b5682f496deb95e90d2810a15720b97a03569b4cf
e96448a9787e47bbf404be2b8cf53e152983bd3ef624ebc44ececfbd7eee35fc
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
ead57b4a59e7d890408606fb6a388db8691e840a538d2b673b6a826ead64455e
eb6238bd370c0803ba276ce0e785f0098fabb4dc750a33e46d9454dc9cbcd326
ec8108d5d4fdef74c3659603b1c911f49133f04d6b59c4b5fa2a7cb0565c51a8
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed55972fafbabf4133dac52851a2001812430919a9414ec539dde1daf9cbd6b2
eda53a126b9ad636ada21bc74b0e54c5dfa526083e7a876b17eb90061254d275
edaf7ed3f21396bb8a6e178d46c5b811c19546619d23fa6256c46bc245018735
ee63a08679eb42e840fae6c822a5ebf8511af62ecdcaff6298a7af884e5f7bb2
ee83c984c733b9c55a91f42e6cf39ba90c22bc0789296f4b7a5ec189ef24afbc
ee93dc8d1013f506af8ca9cf3f19d7e3c574a7182505aa568975459949c590f2
eec1dec8dac7635e9fea6ef66bf06253ee83a40d71c9b3b1e5afb09bbffeba07
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef491d1d9a3c4cb158c1081ae6d386279a598eca65ad85af9ebe3efcd9288f81
f00767a372eccf98ee0a2d035ce6ebe8fcf4fbe73bb945e4ef32e53521e8f8f3
f092792429d25d71773736aae4a2cc2e28d5ddde94faa0550793e773680d5478
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831
f2fb4ad12177603c34fc866a5278b982ad90f9a6a6464516a09fb1357d78b6cf
f30477c42f896fc40c43e8f76f3f511eb3174db236085efbb1398136ac2f3c1f
f33f1bdc9a50e30cf25385e60f566bc63bf2af2931b58283f1db01d5174ffc62
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f468676d36b467d4ff505a4bf3b5a7b8dac85b750c3d1b8bc852cfb4f11423b4
f4b0ca2e36432abb08eee18706726531563e168b0bbf469f1e67c078a618d2d2
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
f5522c565532fe12314aa7212b0f8b74ca6dd29928fa8bc81466843c5f6b55ce
f5d298c1020c7fe8ecd374ea8690088305178aab62725346a159b49ed57ebe17
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f741e9b4a915275a70423886415479f3829d83de5f384cf916eb734ddb4bba12
f8ce82dec3625d073adccd48a25e3be8c1dd1f81c8168c4fc402f1424786c5ea
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
f90d9a9060e9457a9419f170312e450c97edf2747b647243e15e5d5aa7315627
f97715fb5d00253be6c3e95f63ff036b7aa2e548b0eba2ea40f3e9bf1f021bfb
f9a785df8c064ce8df30054cd03b53f84dcc735f9abbd90da7d68bcf036b6d55
fa34a0a9cfab7678278925a6adc9de74f4c743f9425a219a418c0880c10faf9f
fb1bac609d9ab7475b4b5ba3672047900f760ab867b1c2b8449b1d5d4fd17259
fb900881cc83a4c2d257c3b177739e28b3ad73fcca1c07b39bf3b7f310fc5bd0
fc479777461be30c9ce37a8105fda097014f91687a457a6a814a1e62a891bb6d
fc5eb13bc7f1ce47c755a457a0c236e42a3fe66be41db2d2b917dd028eb24ef7
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fcfd604ea050e592eed00321c909b458706a39be6a48fdc75a78c694451f4ccd
fe5d9f2d55123ec93199abf0e69784c8de8c7322997556df78e830e389d5a301