Submitted URL: http://www.zdg.md/
Effective URL: https://www.zdg.md/
Submission: On May 08 via manual from RO — Scanned from DE

Summary

This website contacted 94 IPs in 20 countries across 103 domains to perform 404 HTTP transactions. The main IP is 116.202.113.159, located in Aachen, Germany and belongs to HETZNER-AS, DE. The main domain is www.zdg.md.
TLS certificate: Issued by R3 on April 29th 2023. Valid for: 3 months.
This is the only time www.zdg.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 109 116.202.113.159 24940 (HETZNER-AS)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
29 2a03:90c0:41:... 199524 (GCORE)
1 4 128.140.224.226 5606 (GTS-BACKB...)
9 146.0.227.109 20773 (GODADDY)
13 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 146.59.30.104 16276 (OVH)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 23 146.0.227.110 29066 (VELIANET-...)
1 3 193.3.178.3 399668 (E-PLANNING-)
2 2a0c:5c81:516... 55081 (24SHELLS)
2 8.2.108.175 46636 (NATCOWEB)
2 63.251.14.3 32475 (SINGLEHOP...)
7 9 185.89.210.46 29990 (ASN-APPNEX)
3 3 54.38.197.123 16276 (OVH)
4 193.200.65.6 6681 (GIVEME-CLOUD)
2 2a0c:5c81:515... 55081 (24SHELLS)
16 17 172.217.16.194 15169 (GOOGLE)
3 3 199.115.119.227 30633 (LEASEWEB-...)
12 12 35.157.238.50 16509 (AMAZON-02)
4 4 18.202.160.70 16509 (AMAZON-02)
1 1 51.68.39.188 16276 (OVH)
2 2 3.127.82.251 16509 (AMAZON-02)
8 10 198.47.127.18 62713 (AS-PUBMATIC)
4 8 185.64.190.80 62713 (AS-PUBMATIC)
1 4 198.47.127.20 3257 (GTT-BACKB...)
1 8.2.110.206 46636 (NATCOWEB)
4 4 3.71.149.231 16509 (AMAZON-02)
1 3 194.247.175.26 196831 (BEMOBILE-AS)
1 2 176.9.79.218 24940 (HETZNER-AS)
2 2 188.42.196.115 7979 (SERVERS-COM)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
1 183.110.238.136 4766 (KIXS-AS-K...)
3 18 185.80.39.216 27381 (CASALE-MEDIA)
2 82.145.213.8 39832 (NO-OPERA)
2 4 52.18.203.230 16509 (AMAZON-02)
2 98.98.134.243 21859 (ZEN-ECN)
2 2 8.2.110.24 46636 (NATCOWEB)
8 193.3.178.4 399668 (E-PLANNING-)
2 193.3.178.2 399668 (E-PLANNING-)
2 2 3.216.245.41 14618 (AMAZON-AES)
2 2 23.2.229.193 16625 (AKAMAI-AS)
4 23.37.42.132 16625 (AKAMAI-AS)
2 205.234.175.175 30081 (CACHENETW...)
4 51.89.9.254 16276 (OVH)
23 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
3 5 37.157.2.234 198622 (ADFORM)
6 3.33.220.150 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 5 185.64.189.115 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 3 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.83 24961 (MYLOC-AS ...)
1 1 34.254.125.132 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.64.198.28 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
2 63.33.146.223 16509 (AMAZON-02)
1 138.201.8.249 24940 (HETZNER-AS)
2 3 151.101.2.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 34.204.254.129 14618 (AMAZON-AES)
1 3 52.94.223.37 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
2 2 54.76.40.199 16509 (AMAZON-02)
3 69.173.144.139 26667 (RUBICONPR...)
2 15 185.239.172.77 55081 (24SHELLS)
3 23.35.236.201 16625 (AKAMAI-AS)
1 67.202.105.33 32748 (STEADFAST)
2 2 35.227.252.103 15169 (GOOGLE)
5 5 213.19.147.45 26120 (RHYTHMONE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 4 52.46.143.56 16509 (AMAZON-02)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 34.237.236.228 14618 (AMAZON-AES)
2 2 3.121.104.116 16509 (AMAZON-02)
2 52.223.22.214 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 37.157.5.132 198622 (ADFORM)
2 69.173.144.165 26667 (RUBICONPR...)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 1 141.226.228.48 200478 (TABOOLA-AS)
3 3 193.0.160.130 54312 (ROCKETFUEL)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 185.29.132.241 30419 (MEDIAMATH...)
3 12 185.64.189.110 62713 (AS-PUBMATIC)
1 50.16.198.19 14618 (AMAZON-AES)
1 178.250.7.11 44788 (ASN-CRITE...)
2 2 213.155.156.168 1299 (TWELVE99 ...)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2 46.51.163.206 16509 (AMAZON-02)
1 1 34.111.129.221 396982 (GOOGLE-CL...)
3 4 34.192.88.152 14618 (AMAZON-AES)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
4 185.46.149.20 44600 (GT-AS)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 5 54.229.164.197 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 185.86.138.151 201081 (SMARTADSE...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 35.186.193.173 15169 (GOOGLE)
1 1 35.214.153.92 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 173.231.180.197 32475 (SINGLEHOP...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.242.204 16276 (OVH)
2 2 141.94.171.212 16276 (OVH)
1 1 52.220.229.2 16509 (AMAZON-02)
1 157.90.40.26 24940 (HETZNER-AS)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 51.222.80.231 16276 (OVH)
1 98.98.134.241 21859 (ZEN-ECN)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 185.89.210.141 29990 (ASN-APPNEX)
1 1 164.92.213.94 14061 (DIGITALOC...)
404 94
Apex Domain
Subdomains
Transfer
109 zdg.md
www.zdg.md
test.zdg.md
8 MB
65 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 59056
prebid-inv-eu.admixer.net — Cisco Umbrella Rank: 346893
inv-nets.admixer.net — Cisco Umbrella Rank: 2151
content.admixer.net — Cisco Umbrella Rank: 223064
1 MB
42 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 643
image2.pubmatic.com — Cisco Umbrella Rank: 786
image4.pubmatic.com — Cisco Umbrella Rank: 937
image6.pubmatic.com — Cisco Umbrella Rank: 699
ads.pubmatic.com — Cisco Umbrella Rank: 493
simage2.pubmatic.com — Cisco Umbrella Rank: 679
simage4.pubmatic.com — Cisco Umbrella Rank: 1206
43 KB
27 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 74
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
172 KB
23 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3364
mwzeom.zeotap.com — Cisco Umbrella Rank: 2757
6 KB
18 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 444
ssum.casalemedia.com — Cisco Umbrella Rank: 1278
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 523
dsum.casalemedia.com — Cisco Umbrella Rank: 1228
15 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
530 KB
15 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 10623
sync.adtelligent.com — Cisco Umbrella Rank: 5367
8 KB
15 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5729
u-ams03.e-planning.net — Cisco Umbrella Rank: 92827
s.e-planning.net — Cisco Umbrella Rank: 11642
i.e-planning.net — Cisco Umbrella Rank: 10789
8 KB
12 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 299
4 KB
11 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1018
eus.rubiconproject.com — Cisco Umbrella Rank: 577
pixel.rubiconproject.com — Cisco Umbrella Rank: 318
token.rubiconproject.com — Cisco Umbrella Rank: 566
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2208
23 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 211
secure.adnxs.com — Cisco Umbrella Rank: 406
9 KB
9 googlesyndication.com
86a9c597c660c80aec232756ee38fa18.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
41 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1035
s.amazon-adsystem.com — Cisco Umbrella Rank: 274
5 KB
7 adform.net
dmp.adform.net — Cisco Umbrella Rank: 2929
cm.adform.net — Cisco Umbrella Rank: 1211
c1.adform.net — Cisco Umbrella Rank: 573
3 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4365
adservice.google.com — Cisco Umbrella Rank: 70
48 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
2 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
cms.analytics.yahoo.com — Cisco Umbrella Rank: 982
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 428
2 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
3 KB
5 gemius.pl
gamd.hit.gemius.pl — Cisco Umbrella Rank: 209402
ls.hit.gemius.pl — Cisco Umbrella Rank: 16514
22 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1935
3 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 530
2 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 31700
cr.frontend.weborama.fr — Cisco Umbrella Rank: 27749
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 437
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 753
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 198
4 KB
4 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3748
2 KB
4 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 25727
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 23904
2 KB
4 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 98016
1 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 77205
pixel.onaudience.com — Cisco Umbrella Rank: 2832
2 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 619
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 596
usermatch.krxd.net — Cisco Umbrella Rank: 1413
942 B
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 874
sync.crwdcntrl.net — Cisco Umbrella Rank: 790
946 B
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3402
pixel-sync.sitescout.com — Cisco Umbrella Rank: 620
561 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 536
960 B
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 139933
640 B
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 7889
1 KB
3 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 28362
819 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1193
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 773
s.tribalfusion.com — Cisco Umbrella Rank: 1977
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 740
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4891
564 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
105 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 346
52 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 351
279 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 771
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 662
1 KB
2 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2631
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3046
284 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 835
952 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1258
659 B
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 8762
580 B
2 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 987
sync.mathtag.com — Cisco Umbrella Rank: 479
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1482
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1560
751 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 658
sync.taboola.com — Cisco Umbrella Rank: 915
346 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1322
469 B
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 6270
964 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2467
842 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1558
1 KB
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 22406
473 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4071
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 608
554 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 2972
258 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6386
adservice.google.de — Cisco Umbrella Rank: 9108
939 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 150
89 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 200
39 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
59 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2214
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3659
465 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5796
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2645
642 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 22340
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5389
277 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1274
282 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 902
225 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5155
369 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2083
308 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 601
792 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 567
664 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 690
589 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 707
363 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 3102
281 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 28864
270 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1508
366 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2569
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1105
477 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 7780
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 518
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1807
380 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1154
213 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 483
535 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 23048
84 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 145205
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8803
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 9933
411 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 62462
904 B
1 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 3688
510 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 2734
562 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
185 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
78 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 708
83 KB
404 103
Domain Requested by
108 www.zdg.md 1 redirects www.zdg.md
cdnjs.cloudflare.com
29 cdn.admixer.net www.zdg.md
prebid-inv-eu.admixer.net
cdn.admixer.net
23 inv-nets.admixer.net 4 redirects cdn.admixer.net
www.zdg.md
ads.us.e-planning.net
17 mwzeom.zeotap.com ads.us.e-planning.net
spl.zeotap.com
17 cm.g.doubleclick.net 16 redirects spl.zeotap.com
13 sync.adtelligent.com 1 redirects s.adtelligent.com
s.console.adtarget.com.tr
ads.us.e-planning.net
ads.pubmatic.com
13 fonts.gstatic.com fonts.googleapis.com
12 simage2.pubmatic.com 3 redirects ads.pubmatic.com
12 x.bidswitch.net 12 redirects
10 dsum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
10 image8.pubmatic.com 8 redirects ads.pubmatic.com
9 ib.adnxs.com 7 redirects www.zdg.md
spl.zeotap.com
9 securepubads.g.doubleclick.net cdn.admixer.net
securepubads.g.doubleclick.net
www.zdg.md
www.googletagservices.com
9 prebid-inv-eu.admixer.net code.jquery.com
cdn.admixer.net
www.zdg.md
8 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
8 image2.pubmatic.com 4 redirects ads.pubmatic.com
6 match.adsrvr.org spl.zeotap.com
ssum.casalemedia.com
ads.pubmatic.com
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
5 match.prod.bidr.io 5 redirects
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
5 image6.pubmatic.com 2 redirects spl.zeotap.com
ads.pubmatic.com
5 www.google.com www.zdg.md
www.gstatic.com
www.google.com
tpc.googlesyndication.com
4 content.admixer.net www.zdg.md
4 a.audrte.com 3 redirects ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects ssum.casalemedia.com
4 sync.1rx.io 4 redirects
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 onetag-sys.com ads.us.e-planning.net
s.adtelligent.com
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
4 dpm.demdex.net 2 redirects www.zdg.md
4 ups.analytics.yahoo.com 4 redirects
4 ads.avct.cloud 4 redirects
4 m.trafmag.com www.zdg.md
4 gamd.hit.gemius.pl 1 redirects www.zdg.md
gamd.hit.gemius.pl
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 p.rfihub.com 3 redirects
3 ads.pubmatic.com s.adtelligent.com
ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
ads.pubmatic.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 idsync.frontend.weborama.fr 2 redirects ads.pubmatic.com
3 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
3 ssum-sec.casalemedia.com www.zdg.md
ssum.casalemedia.com
3 creativecdn.com 2 redirects www.zdg.md
3 pa.tns-ua.com 1 redirects www.zdg.md
3 sync.lemmatechnologies.com 3 redirects
3 a4p.adpartner.pro 3 redirects
3 ads.us.e-planning.net 1 redirects inv-nets.admixer.net
s.adtelligent.com
3 www.gstatic.com www.google.com
2 uipglob.semasio.net 1 redirects
2 pixel-eu.onaudience.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 token.rubiconproject.com eus.rubiconproject.com
2 cm.adform.net s.console.adtarget.com.tr
2 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
2 www.googletagservices.com securepubads.g.doubleclick.net
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
2 eb2.3lift.com ads.us.e-planning.net
2 pm.w55c.net 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 dsum.casalemedia.com ssum.casalemedia.com
2 ad.turn.com 2 redirects
2 rtb.openx.net 2 redirects
2 pixel.rubiconproject.com spl.zeotap.com
s.adtelligent.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 dsp.adfarm1.adition.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 i.e-planning.net ads.us.e-planning.net
2 secure-assets.rubiconproject.com 2 redirects
2 ssp.disqus.com 2 redirects
2 s.e-planning.net ads.us.e-planning.net
2 sync.admanmedia.com 2 redirects
2 pixel.sitescout.com ads.us.e-planning.net
2 t.adx.opera.com www.zdg.md
2 ads.betweendigital.com 2 redirects
2 exchange.buzzoola.com 1 redirects www.zdg.md
2 image4.pubmatic.com 1 redirects www.zdg.md
2 ads.creative-serving.com 2 redirects
2 s.console.adtarget.com.tr www.zdg.md
s.adtelligent.com
2 ap.lijit.com www.zdg.md
s.adtelligent.com
2 us.ck-ie.com www.zdg.md
2 s.adtelligent.com inv-nets.admixer.net
s.adtelligent.com
2 connect.facebook.net www.zdg.md
connect.facebook.net
2 cdnjs.cloudflare.com www.zdg.md
2 www.youtube.com www.zdg.md
www.youtube.com
1 match.adsby.bidtheatre.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com
1 pixel-sync.sitescout.com
1 pixel.onaudience.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 cr.frontend.weborama.fr 1 redirects
1 cms.quantserve.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 cs.yellowblue.io ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 sync.taboola.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 casale-match.dotomi.com 1 redirects
1 vid.vidoomy.com s.adtelligent.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ic.tynt.com s.adtelligent.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 86a9c597c660c80aec232756ee38fa18.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 idsync.admixer.co.kr www.zdg.md
1 cs.mobfox.com www.zdg.md
1 dsp.nrich.ai 1 redirects
1 www.facebook.com www.zdg.md
1 ls.hit.gemius.pl gamd.hit.gemius.pl
1 www.google.de www.zdg.md
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 test.zdg.md www.zdg.md
1 fonts.googleapis.com www.zdg.md
1 www.googletagmanager.com www.zdg.md
1 code.jquery.com www.zdg.md
404 150
Subject Issuer Validity Valid
www.zdg.md
R3
2023-04-29 -
2023-07-28
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-02-15 -
2023-05-16
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA
2022-06-08 -
2023-06-21
a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2022-09-13 -
2023-09-25
a year crt.sh
test.zdg.md
R3
2023-03-17 -
2023-06-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
www.google.de
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
ads.us.e-planning.net
R3
2023-05-06 -
2023-08-04
3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2023-03-28 -
2023-06-26
3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2
2022-11-12 -
2023-12-14
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-14 -
2023-06-14
a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2023-03-24 -
2023-06-22
3 months crt.sh
*.mobfox.com
R3
2023-03-16 -
2023-06-14
3 months crt.sh
*.admixer.co.kr
Sectigo RSA Organization Validation Secure Server CA
2023-04-05 -
2024-05-04
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-18
a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
*.e-planning.net
R3
2023-05-06 -
2023-08-04
3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA
2023-01-09 -
2024-02-09
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.google.de
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-09 -
2023-12-10
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
dmp.theadex.com
R3
2023-04-24 -
2023-07-23
3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-27 -
2024-03-29
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-02-27 -
2024-02-26
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2023-03-25 -
2023-06-23
3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-07 -
2023-09-30
a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-01 -
2023-10-02
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2023-03-23 -
2023-06-21
3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M01
2023-03-24 -
2024-04-21
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-01-27 -
2024-01-27
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
juke.mmi.tns-ua.com
R3
2023-05-01 -
2023-07-30
3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-07 -
2023-12-09
a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-04 -
2023-11-06
10 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-03 -
2024-03-31
a year crt.sh
*.iprom.net
R3
2023-03-01 -
2023-05-30
3 months crt.sh
truffle.bid
R3
2023-03-15 -
2023-06-13
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh

This page contains 66 frames:

Primary Page: https://www.zdg.md/
Frame ID: EDEB93BDCC593B55777EEE6FA995FBDF
Requests: 203 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: E15F8ED6F77368C25F6B4E93AF78D253
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/57367/c.html?b=57367
Frame ID: 87050092BA1B1532E1116B77F3CBC63C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUQVwiAAAAAI-No47eurPKekD5TFhOuHm7kNET&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=fq56jrdmg9lx
Frame ID: 8E768F8A799FA2D26D48665A247A2E28
Requests: 5 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: FF1EF07C34CAB5926D4BD5B4B666E45C
Requests: 6 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 8C0311594EF83343565479DA50EFD73D
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: F04BF5CD56E7068E606563B7E6FB58F1
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Frame ID: 896B6E1FDBC7DBA4C2321C03F48C92AF
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: F55ABCD8D5E0E87505E2A9433E811F2C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 5FAB351181AC833F93C8EA50AFBDF3B3
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361&cmp=0
Frame ID: 254C038F4C0356C5BA0BB1B12EB62549
Requests: 34 HTTP requests in this frame

Frame: https://86a9c597c660c80aec232756ee38fa18.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 36032B7F7A2B088C9A2A80DCAD785269
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=3217243785272500728
Frame ID: 4BE663EED808F7B7B6C45D9D9CBA9D2B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 2EC7E31569B7BBF6F371ADE8B1ACA165
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 1B10739DB7002AE6A99F8962B2821E93
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 0ECCC324E1CC92A7ACD5DE3A027B0869
Requests: 6 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 35CE4F302ABD7CE2320A661C96235187
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: C71D501A9A7D20E3D2F680677D98B700
Requests: 10 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 9657029FCCF80075CD5E8D8588F1F068
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 92BAE4D6C027C7BC4B59B0AFB0F1126D
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AG5Zi%2f0rPfjMWgtL
Frame ID: 3A110FDE1B5D3DCEF2EB9B36BCBD87EB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstubtrL9OLLQT7FL9VX56sCZdlaEwwEWZpgGaSeNyktF6HtaI4olsoE4CnVd87lHGsxbJfseCgt_QmuWvgS3Q-rRl9lcCfzL5DWBgKElgow7NcNjzKUXaUM4Bd5kYf_eCIkEr5VAaMRfxgu8XLA6OMlE3qbugkmpG0yrLveinu-RLYyUp_deLpdIZycA--vXif2R9zV2Ywh4kVNv8qLTg9hhykKyEs4kmBOKkG7l8VTpSBblJxFwhwsNUW4rIkmE1YeAbXZHIPXo0wJ-6hwZj0O5I97XdzSNNW9jPu_AHFF2jkXG0Jx7y17DK3a_T2u2hRrgopLWN7leWI7LKdZwd0GWg&sai=AMfl-YTE_HiDvSEQ7jeYnqjggjxa0A22mBBbhNaesK0OpGzl-jzhDX8fITQ2ve57eo8_1DaaqfLa2akWqN9ES7T7f7iEwS-k8bAKV8t1xRPo00mHJ-QoXYWXFD8aoHuGzzI&sig=Cg0ArKJSzAWmC2eDV7c_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7F5811F5A7FC9CB8DB5D50904259FD87
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 275CFCA7390A5FE8141108E5CAED9197
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 9A1B2187DF99935719082BC534E5964B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 851AFCB4ABDBF1FC6F3F1FE06D353F72
Requests: 4 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Frame ID: B5E88633FC4633CFC6210D960CB9841A
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 576265CDEBEA3D091E26EAB6C7703706
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 59416BAF52B0F59A14E570AE762DBE6C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=c1b17ca1-963f-4915-5300-26589a302816&zdid=1361&cmp=0
Frame ID: 7D3373E5842F9148E24FB3E2ED0B7B29
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2XvdzIj4e16FW0Qi95CM&pi=admatic
Frame ID: A3E8B462E288FC029279D6124BDBA8AB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 1D9E5F9F36D0F389DD66C4C76C949171
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
Frame ID: 0D4875CEBFBA1A829EA11B743DEFB52C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_-QntRwLO3Gu-TmINlRs_wv4OY1STKUYwObjQfQzNNXVw2put9ncE5WB3Ut2fKNeqvsu11-6jy6F7BIHNH5FaZ8xll4BJSkszkdKhvRHJ5VzHy4zULuUA-6l1VXLRizX4e6LlXBzi4tMLCMp_KzFVBKgQ-ToTHX8TUwxOvndEdoY8Q55OKrDwPDBQuZUwKB0wvHwuw9tsFNvP93_zUQh4YKRYnhHSBjEti-FAuXXecpiP6aJydi-bnwK3UsRkPbudoTG_fG1MVrx_ynQZGH2TQo1FV7Z5nOdmElD0VMAmwUGUWNJlqgkOzw5rGASLFjp_LJixaxdSVEcOWQPQV8SfXRRa&sai=AMfl-YTNGJtH3WWA65irfn5FT7Djn2VZevguxqzRJMqLZFfql6s3Qy27neEN9h1-54niqZfo4vCnxZwI5Lmn0Kq2-glcUa51YIZRtYGMAp2Shm0nrCjGk2nDawq_c1ItEg&sig=Cg0ArKJSzNMdaayC01_FEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9EC055E5632146B4F5B8D7816FA4519C
Requests: 18 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: A22188EEF3C3217306D5D4474594E020
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AG5Zi%2f0rPfjMWgtL
Frame ID: 0EC6F243F0167757D27FB461E8D9BCFD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1fee6459-4467-4100-9d77-92ef4e685530&gdpr=-1&gdpr_consent=
Frame ID: F229B820E9A12592F4FFB9D070A2B926
Requests: 1 HTTP requests in this frame

Frame: https://cs.yellowblue.io/cs?aid=11576&id=d40bf87b0c3e44a5aafec12ac9c87d64
Frame ID: 6DB7BD420547419743B161CBC66DF7FF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=-1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 63DC19CBDB2857D3059B3553291CD376
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 48E20E8B604EE7E34D5A31F2098AC23E
Requests: 1 HTTP requests in this frame

Frame: https://pr-bh.ybp.yahoo.com/sync/pubmatic/4A23175A-C353-4DF7-AF47-2D79A4468DF2?gdpr=0&gdpr_consent=
Frame ID: 4CF4298C7007B6FC0726C4878ACDCACE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8GH6SvJh-UvrYaxBoGDiRfVt_kDrYvcW8GNbrsQs
Frame ID: 1F021BFAFA99E09951001CEE151FB806
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4A23175A-C353-4DF7-AF47-2D79A4468DF2&redir=true&gdpr=-1&gdpr_consent=
Frame ID: CD35572861DDD4C59292AF7C64247411
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=4A23175A-C353-4DF7-AF47-2D79A4468DF2
Frame ID: 54D3A77CC288D5F7C4B4AEED8F75F339
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/57367/c.html?b=57367
Frame ID: 7967628A3E57CFEB998C701F47201EEC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/57367/c.html?b=57367
Frame ID: 9064FA9CEC4033A23A5BB98E11881B0D
Requests: 1 HTTP requests in this frame

Frame: https://content.admixer.net/test1/0ff357f2-7ad9-436e-95e7-381ea4e826b5/0a8172c5-63c0-48c6-b57d-5522debafca1.jpg
Frame ID: F06DEBA5F3E9E25DF4FDD7B675FEA74B
Requests: 2 HTTP requests in this frame

Frame: https://content.admixer.net/test1/cf52ccea-59f7-4ac4-9bc6-42b3472358b1/83ab779a-7785-4d35-bd98-8e64f2448fe5.jpg
Frame ID: 26AB6B676F0DCC50399A1631FFD6F267
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3257DF3A2A0356B54CB49C3280D8CC38
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A4F0D786EE5437B201E5A3DEB2B8CA5
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=0&gdpr_consent=
Frame ID: 8B8A1A406FFE2096DF4E9DBDE2E0F65B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7230885885915822228&gdpr=0&gdpr_consent=
Frame ID: 57A1B66B1C47737F2F57031E0E2351B5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=41f_7JLlUex_MN7O9nw-dbnVm5c&gdpr=0&gdpr_consent=
Frame ID: 5AB1C96D8EEE17191156555125C7FDC0
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 509681E23A795A45A34E287838A9C73C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC_mE7IsokAACAD9cpwxw&gdpr=0&gdpr_consent=
Frame ID: B76A8F9BFD9DE8620A909F14F68E3CC4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=0&gdpr_consent=
Frame ID: BBF26B093D4B11655DDDAC7615556824
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: FA4772EA15293DEE9B4889A050FA7107
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 67B074500211616109973437868F3EB4
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9281FFB9CCB5BFDEB8280B67BDA9EA35
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F277B24A026748B07664C1A670D2867F
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 2958CB03481D77B96DB8774280F0B4AE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXRnTRTWhaUaTXgX&gdpr=0&gdpr_consent=
Frame ID: 85043B0F68148B5EEFFDD431E90AC8BF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=568617690
Frame ID: E8E64012BDB8D2656995AE30EB6158FC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1m5q7yewwtmo
Frame ID: 02E68B887C8BB0AF0C8E5D4CC496D21C
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 21191207002ADE65C4080AA30F559F86
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0EAB688002AE441482F6378DC75D4414&gdpr=0&gdpr_consent=
Frame ID: 9F078663F434A1D340BC2599C31BA07A
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=4A23175A-C353-4DF7-AF47-2D79A4468DF2
Frame ID: FEC118BB38BADD880CF4BBD66CF55462
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Ziarul de Gardă – Singurul ziar de investigații din Republica Moldova.

Page URL History Show full URLs

  1. http://www.zdg.md/ HTTP 301
    https://www.zdg.md/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

404
Requests

82 %
HTTPS

25 %
IPv6

103
Domains

150
Subdomains

94
IPs

20
Countries

11578 kB
Transfer

16555 kB
Size

147
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.zdg.md/ HTTP 301
    https://www.zdg.md/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 148
  • https://gamd.hit.gemius.pl/_1683571814859/rexdot.js?l=100&sendf=24&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=NgnLs7o08PO.R6.GZYwQfGQrIPoPt32fDT0xj63hshz.67SoxIiavq.pc7Ius1jObWNfSqkRXxRMykl8Op0RenMA_VaI/6Az0FXrrodAmk/&fpdata=-TURNEDOFF&ltime=501&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=645944661549770f&brts=1683571814 HTTP 301
  • https://gamd.hit.gemius.pl/__/_1683571814859/rexdot.js?l=100&sendf=24&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=NgnLs7o08PO.R6.GZYwQfGQrIPoPt32fDT0xj63hshz.67SoxIiavq.pc7Ius1jObWNfSqkRXxRMykl8Op0RenMA_VaI/6Az0FXrrodAmk/&fpdata=-TURNEDOFF&ltime=501&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=645944661549770f&brts=1683571814
Request Chain 165
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 169
  • https://ib.adnxs.com/setuid?entity=533&code=d40bf87b0c3e44a5aafec12ac9c87d64 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Dd40bf87b0c3e44a5aafec12ac9c87d64
Request Chain 170
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d7299344-5e94-42f5-a29e-dd1e1089e8f8
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZDQwYmY4N2IwYzNlNDRhNWFhZmVjMTJhYzljODdkNjQ=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZDQwYmY4N2IwYzNlNDRhNWFhZmVjMTJhYzljODdkNjQ=&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESECqCf9DimTvqItVjcrQUhIE&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=d40bf87b0c3e44a5aafec12ac9c87d64
Request Chain 174
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Dd40bf87b0c3e44a5aafec12ac9c87d64 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=2ba202f4-edd1-11ed-aaf0-801844df0ab8 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=9d7680a8-f3a4-4404-a3ab-916958d49f9c&ssp=lemma HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=432e52bd-9af3-402a-ac41-e79ba1fd5ecd HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=2ba202f4-edd1-11ed-aaf0-801844df0ab8 HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5df69079-3043-49ee-b24e-05773a1f9419&expires=1&user_group=5&ssp=lemma&bsw_param=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=432e52bd-9af3-402a-ac41-e79ba1fd5ecd HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=d40bf87b0c3e44a5aafec12ac9c87d642ba202f4-edd1-11ed-aaf0-801844df0ab8
Request Chain 175
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=d40bf87b0c3e44a5aafec12ac9c87d64&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=d40bf87b0c3e44a5aafec12ac9c87d64&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=392a51ab-89bd-4ac2-a891-94089d152443&ssp=admixer&expires=30&user_group=5&bsw_param=432e52bd-9af3-402a-ac41-e79ba1fd5ecd HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&consent=&gdpr_pd=
Request Chain 176
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEEyMzE3NUEtQzM1My00REY3LUFGNDctMkQ3OUE0NDY4REYy&gdpr=-1&gdpr_consent={consent} HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent={consent} HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=%7Bconsent%7D&partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D4A23175A-C353-4DF7-AF47-2D79A4468DF2 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=4A23175A-C353-4DF7-AF47-2D79A4468DF2
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEGwM7R5NiEPBheEsZgZg-8k&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=d40bf87b0c3e44a5aafec12ac9c87d64
Request Chain 180
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-xmclLxBE2uEzRiGAyVGTmrhvPVXBn82pUBooGyI-~A
Request Chain 181
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d40bf87b0c3e44a5aafec12ac9c87d64 HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZAF2257B1E114B978246CC3CF66D0189&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d40bf87b0c3e44a5aafec12ac9c87d64
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ZDQwYmY4N2IwYzNlNDRhNWFhZmVjMTJhYzljODdkNjQ=&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEHqjIEY5EpZn5CBFoYgzrYE&google_cver=1
Request Chain 183
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=d40bf87b0c3e44a5aafec12ac9c87d64 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=d40bf87b0c3e44a5aafec12ac9c87d64
Request Chain 184
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=1c6e0ce8-690e-5280-a564-702ac13d344d
Request Chain 185
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 187
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Dd40bf87b0c3e44a5aafec12ac9c87d64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=0 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=0&piggybackCookie=CAESEGiTavn5Pn5Bd3gjwOj0l88&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4A23175A-C353-4DF7-AF47-2D79A4468DF2&redir=true&gdpr=0&gdpr_consent=0 HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IEImgChE2uUStu17KJ3IWXO.djQB1_4-~A&gdpr=0
Request Chain 193
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D7265d2ba79ac2f13%26uid%3D%5BUID%5D HTTP 302
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7265d2ba79ac2f13&uid=ef16746a-9397-4b9f-bb38-630288a9e730
Request Chain 195
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7265d2ba79ac2f13%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7265d2ba79ac2f13&uid=3217243785272500728
Request Chain 196
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D7265d2ba79ac2f13%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7265d2ba79ac2f13&uid=ua-034b312a-a255-3ff8-8fc1-095d1d96bb53
Request Chain 197
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 198
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Request Chain 209
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=52264a5b-0b6b-4089-872b-2c197665a71c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Request Chain 215
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2fda0bef-2ad2-4275-a16f-1534e559d0be&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 216
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=095ec730-18a7-4866-5817-b324012859e3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=095ec730-18a7-4866-5817-b324012859e3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=21561468846829246770041620616303267328&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Request Chain 218
  • https://bn01.er.bemail.it/zeotap.php?_bid=095ec730-18a7-4866-5817-b324012859e3&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023050820-37889-0.716118001683571815-3c581d6040beb724c76ac0e2fa1a072e&zdid=533&env=mWeb
Request Chain 219
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7230885885915822228&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Request Chain 220
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=095ec730-18a7-4866-5817-b324012859e3 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=095ec730-18a7-4866-5817-b324012859e3
Request Chain 221
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=095ec730-18a7-4866-5817-b324012859e3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=095ec730-18a7-4866-5817-b324012859e3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361&bounce=1&random=3717160521 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=zvyQQ8MaUgLzCZxU5xRid.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Request Chain 223
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=095ec730-18a7-4866-5817-b324012859e3?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Request Chain 224
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-_bnPgMZE2orjWa.Ccv.0bhRj9q1HPK1bug--~A&zpartnerid=570&env=mWeb
Request Chain 225
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=uGAZJ835w3AigzRXgz1Z%2B%2BK%2BSW%2FAQq5q%2BS41iYitP1U%3D
Request Chain 229
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361&_test=ZFlEaAAIkObdUwBL HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZFlEaAAIkObdUwBL&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361&_test=ZFlEaAAIkObdUwBL
Request Chain 230
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=1fee6459-4467-4100-9d77-92ef4e685530&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Request Chain 231
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Request Chain 232
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=095ec730-18a7-4866-5817-b324012859e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=095ec730-18a7-4866-5817-b324012859e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361&dcc=t
Request Chain 234
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Request Chain 236
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=095ec730-18a7-4866-5817-b324012859e3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Request Chain 239
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=3217243785272500728
Request Chain 246
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=0307bba9-9ce0-41ff-a6b1-fd483e9bdf67
Request Chain 247
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3217243785272500728
Request Chain 248
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1683571815524 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3131566641 HTTP 302
  • https://sync.1rx.io/usersync/turn/8601431973187001550?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-67c38fd1-74b5-4e69-8093-c9a315b2470f-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-67c38fd1-74b5-4e69-8093-c9a315b2470f-003 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-67c38fd1-74b5-4e69-8093-c9a315b2470f-003
Request Chain 249
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3217243785272500728
Request Chain 250
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7299344-5e94-42f5-a29e-dd1e1089e8f8
Request Chain 253
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d40bf87b0c3e44a5aafec12ac9c87d64
Request Chain 256
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZFlEZ2Frf3xX03SB9gveRQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPzqC56EwqV8X91nrQ8NMyQ&google_cver=1
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELo3AFvWHZ7rYlIdyoPyB7Y&google_cver=1
Request Chain 258
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 260
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=9d7680a8-f3a4-4404-a3ab-916958d49f9c&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=&us_privacy=
Request Chain 261
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1683658215
Request Chain 262
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=41f_7JLlUex_MN7O9nw-dbnVm5c
Request Chain 263
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MIKJBKvg1PW5W75
Request Chain 266
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D7265d2ba79ac2f13%26uid%3D%5BUID%5D HTTP 302
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7265d2ba79ac2f13&uid=ef16746a-9397-4b9f-bb38-630288a9e730
Request Chain 268
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7265d2ba79ac2f13%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7265d2ba79ac2f13&uid=3217243785272500728
Request Chain 269
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D7265d2ba79ac2f13%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7265d2ba79ac2f13&uid=ua-034b312a-a255-3ff8-8fc1-095d1d96bb53
Request Chain 280
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 285
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2XvdzIj4e16FW0Qi95CM&pi=admatic
Request Chain 288
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f0f7e4979dd931bf
Request Chain 292
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZFlEZ2Frf3xX03SB9gveRQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPzqC56EwqV8X91nrQ8NMyQ&google_cver=1
Request Chain 293
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELo3AFvWHZ7rYlIdyoPyB7Y&google_cver=1
Request Chain 296
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fed51c70-fe27-24a2-40186744
Request Chain 297
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAA%265266&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=20a6ea65-df55-453b-b03c-16441b0d2c38-tuctb52c9e8
Request Chain 298
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827775006497
Request Chain 299
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d3ddb4ec-5a0c-4795-9319-8847fb74e207
Request Chain 305
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3Dc1b17ca1-963f-4915-5300-26589a302816%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=c1b17ca1-963f-4915-5300-26589a302816&zdid=1361&puid=2bffb700-edd1-11ed-821a-9b29867dbf7b
Request Chain 318
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=-1&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1fee6459-4467-4100-9d77-92ef4e685530&gdpr=-1&gdpr_consent=
Request Chain 319
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D-1%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827775006497 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=d40bf87b0c3e44a5aafec12ac9c87d64
Request Chain 321
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=1958579384616712276 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433827775006497&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 322
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3217243785272500728&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/4A23175A-C353-4DF7-AF47-2D79A4468DF2?gdpr=0&gdpr_consent=
Request Chain 323
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8GH6SvJh-UvrYaxBoGDiRfVt_kDrYvcW8GNbrsQs
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SiMXWsNTTfevRy15pEaN8g%3D%3D&gdpr=-1&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=
Request Chain 328
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=-1&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4A23175A-C353-4DF7-AF47-2D79A4468DF2
Request Chain 329
  • https://a.audrte.com/match?gdpr=-1&gdpr_consent=&p=M1717054901&uid=4A23175A-C353-4DF7-AF47-2D79A4468DF2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjdsZ2pjUFlHejVUZXkycHkyMmZqMEZEQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6388974307984886280&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 331
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=-1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=&piggybackCookie=6388974307984886280 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 373
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d7299344-5e94-42f5-a29e-dd1e1089e8f8
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MmI2ZDlhYTNlMjBjNGVkYmI0MTcxYTY4MWQ3MzU4NmM=&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESECqCf9DimTvqItVjcrQUhIE&google_cver=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=d40bf87b0c3e44a5aafec12ac9c87d64
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=MmI2ZDlhYTNlMjBjNGVkYmI0MTcxYTY4MWQ3MzU4NmM=&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEHqjIEY5EpZn5CBFoYgzrYE&google_cver=1
Request Chain 383
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7230885885915822228&gdpr=0&gdpr_consent=
Request Chain 384
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=41f_7JLlUex_MN7O9nw-dbnVm5c&gdpr=0&gdpr_consent=
Request Chain 386
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDX21FN0lzb2tBQUNBRDljcHd4dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC_mE7IsokAACAD9cpwxw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC_mE7IsokAACAD9cpwxw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC_mE7IsokAACAD9cpwxw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4823440533775174280&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC_mE7IsokAACAD9cpwxw&gdpr=0&gdpr_consent=
Request Chain 387
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=0&gdpr_consent=
Request Chain 389
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 390
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 393
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b29e7974b06072a2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhXRnTRTWhaUaTXgX%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhXRnTRTWhaUaTXgX%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXRnTRTWhaUaTXgX&gdpr=0&gdpr_consent=
Request Chain 394
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=568617690
Request Chain 395
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1m5q7yewwtmo
Request Chain 397
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0EAB688002AE441482F6378DC75D4414&gdpr=0&gdpr_consent=
Request Chain 400
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4A23175A-C353-4DF7-AF47-2D79A4468DF2&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4A23175A-C353-4DF7-AF47-2D79A4468DF2&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 401
  • https://pixel.onaudience.com/?partner=214&mapped=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 404
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3217243785272500728
Request Chain 405
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8601431973187001550&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 406
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b39eb4bb-0c87-4f81-940f-5eb64c4fdd9c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

404 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.zdg.md/
Redirect Chain
  • http://www.zdg.md/
  • https://www.zdg.md/
719 KB
203 KB
Document
General
Full URL
https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
66cb1c386cfa086d79521d8b504ee10c060e8e3f40b6d002ff446b820f3dc683

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 May 2023 18:50:13 GMT
Last-Modified
Mon, 08 May 2023 18:27:42 GMT
Server
nginx
Transfer-Encoding
chunked
WPO-Cache-Status
cached

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Mon, 08 May 2023 18:50:13 GMT
Location
https://www.zdg.md/
Server
nginx
jquery-3.5.0.js
code.jquery.com/
281 KB
83 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.0.js
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
aff01a147aeccc9b70a5efad1f2362fd709f3316296ec460d94aa7d31decdb37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:13 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-463a1"
vary
Accept-Encoding
x-hw
1683571813.dop029.am5.t,1683571813.cds283.am5.hn,1683571813.cds315.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
84374
js
www.googletagmanager.com/gtag/
221 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VF704GSXJL
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7de31c3e9dbcabe2c5b749c4a76992e7efa43548d334ad2e41a7d42a6c4eaa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79556
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 May 2023 18:50:13 GMT
css2
fonts.googleapis.com/
30 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f09946ceb03b4c975f1c3c826091a2f869283afcdd22ce6d2540b09a5b253b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 May 2023 18:50:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 May 2023 18:46:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 May 2023 18:50:13 GMT
iframe_api
www.youtube.com/
1 KB
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9fbd32212b5e1d8c88a8fa8215367e8f9c5679417529f9debfc3546834231bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 08 May 2023 18:50:13 GMT
weather-module.css
www.zdg.md/wp-content/themes/zdg/plugins/weather-module/assets/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/weather-module/assets/weather-module.css?ver=7a22247de8db3271f3bf8573be10e986
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
ebaeecef7cb70a2f146534fff55cfa042d1c246d4d5fff4eae164b5d925328bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 10:18:55 GMT
Server
nginx
ETag
W/"62c8048f-ce8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
currency-module.css
www.zdg.md/wp-content/themes/zdg/plugins/currency-module/assets/
307 B
553 B
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/currency-module/assets/currency-module.css?ver=7a22247de8db3271f3bf8573be10e986
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
557f333cabc948b6418d229a3a3b3b683dbfa3fffbc7489a0d9f5e18fe5b4a6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 06:29:05 GMT
Server
nginx
ETag
W/"62a19331-133"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.min.css
www.zdg.md/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-includes/css/dist/block-library/style.min.css?ver=7a22247de8db3271f3bf8573be10e986
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 00:03:58 GMT
Server
nginx
ETag
W/"6424d1ee-17ced"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
classic-themes.min.css
www.zdg.md/wp-includes/css/
291 B
557 B
Stylesheet
General
Full URL
https://www.zdg.md/wp-includes/css/classic-themes.min.css?ver=7a22247de8db3271f3bf8573be10e986
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 00:03:58 GMT
Server
nginx
ETag
W/"6424d1ee-123"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
animate.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/css/
202 KB
18 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/css/animate.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
5921a3ec0ccd5ba7bf47ebb34ade5df71bec24ec1f29aa95a6a2883b01d4ec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-32934"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
lvca-frontend.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/css/
27 KB
4 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/css/lvca-frontend.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
88db21b1aebcbf50d44112efef078b9cae6cafc5f41f5e771925663fc4040c94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-6a2d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
icomoon.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/css/icomoon.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
62a41df1efd64d4a3f5efc1c6da7e03d3907a65842088e4b428317545758ae21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-1ef0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
styles.css
www.zdg.md/wp-content/plugins/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Apr 2023 12:04:57 GMT
Server
nginx
ETag
W/"64451ee9-b2b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
menu-image.css
www.zdg.md/wp-content/plugins/menu-image/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.8
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jul 2022 12:51:23 GMT
Server
nginx
ETag
W/"62e134cb-d0f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
dashicons.min.css
www.zdg.md/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-includes/css/dashicons.min.css?ver=7a22247de8db3271f3bf8573be10e986
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 21:16:22 GMT
Server
nginx
ETag
W/"603ffca6-e688"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/clients/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/clients/css/style.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
24869e210e16d95c03ed20ba2b18a87a1806cd21aa0f6743f8d55c162473b99b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-169a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/heading/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/heading/css/style.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
eacd94e08972bdc6379afc2cea073cf9e4fd7bea80f415540faedad69a458188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-bcc"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
slick.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/css/
2 KB
906 B
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/css/slick.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
af6be6f00e496dc8f938e889ad87ed5cc38cfaaa2d63009c25fdf21c32871262

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-711"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/posts-carousel/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/posts-carousel/css/style.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
608a6c84fa003c4969ca8bef6201ec456214153a775f776de329c35b02b2e278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-20ea"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/services/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/services/css/style.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
9416c533085a5d57deaa9f07f222b7cdcb500b79b24a2e925054f82e6e00ad14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-19f9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/tabs/css/
27 KB
4 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/tabs/css/style.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
be91b2c45166948c87ee5e2bc8b385f9c3ced701f8063c93f10e01c708325020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-6d59"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/team/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/team/css/style.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
73aa09e0dd125310cab339c0585c05fb408f8e006de81f788ee9950d341b56d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-1b6d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/testimonials/css/
2 KB
983 B
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/testimonials/css/style.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
35a9966ec46721ba779895a9ef1c19b986bad3b9c6f3c3deeeacb672c5408663

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-82a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
flexslider.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/css/
16 KB
5 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/css/flexslider.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
a97b293c9a64eaf10d24bf86094f6f040419ab3e7817280778f706476000ec1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-3e5b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/testimonials-slider/css/
2 KB
893 B
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/testimonials-slider/css/style.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
5c2d8ab3bf59bb7fa8af999c2fc20352a8f67b158947d1d0c24f01b84138e06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-793"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.css
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/portfolio/css/
11 KB
2 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/portfolio/css/style.css?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
cdf8299abbf852dae186ae80bb55a8b935d45ea1ff7bd2cc5f530ead2f1ccd74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-2a24"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
swiper-bundle.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/
16 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.css?ver=0.51380900%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e75a6b6761afacf1cd0fa8c0063321b61434773ac5275c7fa7ec666d8d5c3c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
914543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3947
last-modified
Wed, 12 Oct 2022 17:02:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6346f31c-f6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTMBSJ0YNWEBacusf2%2BSbGtZa10BDBZ3POg4sIuLxjaCA3IOLkqqqtg1KwdRsjDANYwRbNgDMrwEHGLZPjTkDuwq4Pz%2BrrCfow1Gb3uHu8ChcfKWdajutVgK7Lfgl6sAEQ07D8m%2B3dfPRCrivtCm4cTs"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c43e31afaafbb62-FRA
expires
Sat, 27 Apr 2024 18:50:13 GMT
letmescroll.css
www.zdg.md/wp-content/themes/zdg/assets/vendors/let-me-scroll/
1 KB
888 B
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/assets/vendors/let-me-scroll/letmescroll.css?ver=0.51382000%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
be8b56c99bfb21f390e96edeee0e1b7f7b5ec2d6e4d6806357499e47a38f7101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 06:29:05 GMT
Server
nginx
ETag
W/"62a19331-584"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
media-styles.css
www.zdg.md/wp-content/themes/zdg/plugins/xarites-media/assets/scss/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/xarites-media/assets/scss/media-styles.css?ver=0.51384300%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
1b4bc9672388e6463614e3063c4709fddaceb42119d3edf0bc4b09f66c51b4a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 11:53:44 GMT
Server
nginx
ETag
W/"635fb748-2866"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
banner-styles.css
www.zdg.md/wp-content/themes/zdg/plugins/xarites-banners/assets/scss/
2 KB
966 B
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/xarites-banners/assets/scss/banner-styles.css?ver=0.51386400%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
591a0e33b41b37a43e031e5c8256b85637f242fb400ac48502b104779f4cf769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 11:50:08 GMT
Server
nginx
ETag
W/"635fb670-677"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
style.css
www.zdg.md/wp-content/themes/zdg/
253 B
554 B
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/style.css
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
0fb61fccb8e5484eb46e97fe46e91bb8cb005153771d4c8ff6fc5e54ede40fbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Last-Modified
Thu, 09 Jun 2022 06:29:05 GMT
Server
nginx
ETag
"62a19331-fd"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
253
Expires
Wed, 07 Jun 2023 18:50:13 GMT
styles.css
www.zdg.md/wp-content/themes/zdg/assets/css/
360 KB
76 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/assets/css/styles.css?ver=0.51389700%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
f33203f6c0cae049b74bd35540da27dad9f388dee91a7995ef080343de8610aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 11:50:08 GMT
Server
nginx
ETag
W/"635fb670-5a035"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
modal-styles.css
www.zdg.md/wp-content/themes/zdg/plugins/xarites-modals/assets/scss/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/xarites-modals/assets/scss/modal-styles.css?ver=0.51402900%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
5be0f953f3c55d60a00f328659c98d176a4e8cf98d7b76d791a8debff3e686be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 11:50:09 GMT
Server
nginx
ETag
W/"635fb671-19eb"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
jquery.min.js
www.zdg.md/wp-includes/js/jquery/
88 KB
31 KB
Script
General
Full URL
https://www.zdg.md/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 00:03:58 GMT
Server
nginx
ETag
W/"6424d1ee-15ed7"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
jquery-migrate.min.js
www.zdg.md/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://www.zdg.md/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 00:03:58 GMT
Server
nginx
ETag
W/"6424d1ee-3470"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
jquery.waypoints.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/
9 KB
3 KB
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/jquery.waypoints.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
5f4c8e76510fcde1fcc1c76ed8894b0afbb06718c75591dbb11d3b733252b5b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-2354"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
lvca-frontend.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/
3 KB
2 KB
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/lvca-frontend.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
9bafef9c308297d72be74854119c74881d53b05c7bdb0970280be704cc853da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-ca2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
posts-carousel.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/posts-carousel/js/
986 B
745 B
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/posts-carousel/js/posts-carousel.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
fefa3b7ddf55edaebebf8b665c8ec1231dbba25e91c1b9a6f685e1a6e76323c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-3da"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
slick.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/
52 KB
12 KB
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/slick.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
b0e35a661e377c448b9d91520c0cac9444fad4df84a7df449dea1fbcf44a1824

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-ce8f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
services.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/services/js/
728 B
666 B
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/services/js/services.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
7d28203037ba98815f408afb19842b365f6b5581d62405f6423f34ecf6328d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-2d8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
tabs.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/tabs/js/
1 KB
918 B
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/tabs/js/tabs.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
e11a5ac72bea720c89def194185cc6dd5a671c11bf786e4942b581118b29cdc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-5cc"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
jquery.flexslider.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/
30 KB
7 KB
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/jquery.flexslider.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
a5005b6d981acbae1e0f3637d76927718785fcf90989c45b9e329b6568b880be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-786f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
testimonials.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/testimonials-slider/js/
1 KB
812 B
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/testimonials-slider/js/testimonials.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
c7f60558c3dabc921766aad1a2a676c9ae7e1fbb6cc7cdf73e6fe6ec322aa250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-41b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
isotope.pkgd.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/
48 KB
12 KB
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/isotope.pkgd.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
ac1f323852a36632f8dfe30353a701c696c19790d925f66a030a9ddd275eb7c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-bed4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
imagesloaded.pkgd.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/
7 KB
2 KB
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/imagesloaded.pkgd.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
27fc765db7aa744154046374d0de6f76f19cba5203ef8f29ddfd8ca3d5d2b4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-1cb2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
portfolio.min.js
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/portfolio/js/
2 KB
1 KB
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/portfolio/js/portfolio.min.js?ver=3.1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
c919fdf1d93278991898c7128dfcbb3cdb60b3b21be2be64a8184876a54dccf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 09:18:10 GMT
Server
nginx
ETag
W/"6405afd2-884"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
device.js
www.zdg.md/wp-content/themes/zdg/assets/vendors/
3 KB
1 KB
Script
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/assets/vendors/device.js?ver=0.51381700%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
6b82b6e4b6dc9fa4b0443b33c26555dc0a840d6252126f231784fa55b3d33039

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jul 2022 14:16:03 GMT
Server
nginx
ETag
W/"62e148a3-cdf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
plugin-utils.js
www.zdg.md/wp-content/themes/zdg/plugins/xarites-media/assets/js/
3 KB
1 KB
Script
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/xarites-media/assets/js/plugin-utils.js?ver=1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
681630720bf4d6375a2a4c5b4ba8644585c3eca0e50f4070e020fc09727fbf89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Jul 2022 14:09:53 GMT
Server
nginx
ETag
W/"62c051b1-cdb"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
plugin-utils.js
www.zdg.md/wp-content/themes/zdg/plugins/xarites-modals/assets/js/
3 KB
1 KB
Script
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/xarites-modals/assets/js/plugin-utils.js?ver=1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
681630720bf4d6375a2a4c5b4ba8644585c3eca0e50f4070e020fc09727fbf89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 06:29:05 GMT
Server
nginx
ETag
W/"62a19331-cdb"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
sdk.js
connect.facebook.net/ro_RO/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/ro_RO/sdk.js
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
817e3218da9097043b447ce0dd5ce5244adfa92e829ca6df7b087239e1dfcb40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.zdg.md/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 18:50:13 GMT
content-md5
8jDFJxDaWPN/w2Rd/vzpuQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
ThJqro8MkbizjmafBNkBKc/WRjNwfnV/civMLpUx7/XttSwGqoPqckyhkKpH1NH/jagfIXMEpgZJV0JbUoSmYA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
f57af2e4c298d7f9f46070dd7f3fcf11
cross-origin-opener-policy
same-origin-allow-popups
etag
"557ad10b3c00a38ba904c9a71dd90816"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 08 May 2023 19:00:49 GMT
weather-module.js
www.zdg.md/wp-content/themes/zdg/plugins/weather-module/assets/
678 B
710 B
Script
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/weather-module/assets/weather-module.js
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
e3d43985e0583a9dc6d1b43ed76e57326b8072984ed71625149408876f7afb9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 06:29:05 GMT
Server
nginx
ETag
W/"62a19331-2a6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
currency-module.js
www.zdg.md/wp-content/themes/zdg/plugins/currency-module/assets/
758 B
713 B
Script
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/currency-module/assets/currency-module.js
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d312ec2492a619a8b8a16adbb36f978e82a2174d694b77fc631b81a99a3d9ae4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 06:29:05 GMT
Server
nginx
ETag
W/"62a19331-2f6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
index.js
www.zdg.md/wp-content/plugins/contact-form-7/includes/swv/js/
10 KB
3 KB
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Apr 2023 12:04:57 GMT
Server
nginx
ETag
W/"64451ee9-2801"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
index.js
www.zdg.md/wp-content/plugins/contact-form-7/includes/js/
13 KB
4 KB
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Apr 2023 12:04:57 GMT
Server
nginx
ETag
W/"64451ee9-328f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
swiper-bundle.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/
140 KB
34 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4114949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34630
last-modified
Wed, 12 Oct 2022 17:02:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6346f31c-8746"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3siyspm7ZtZp735swCzG67i3qKg8gBmWPrXcJGwJIWzEx0nssYA8CzXkBl%2B9YzWpx9NCBChMH%2FDybT6u%2Fj%2FS0Htqlq8Kt7Gz6HsWntyeJRT%2FBYgIdqB5ytgV32O8AapZmPizc2Ux1b9PGbMQsksMEHI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c43e31afab0bb62-FRA
expires
Sat, 27 Apr 2024 18:50:13 GMT
letmescroll.js
www.zdg.md/wp-content/themes/zdg/assets/vendors/let-me-scroll/
17 KB
4 KB
Script
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/assets/vendors/let-me-scroll/letmescroll.js?ver=0.51382200%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d69f6d1ad0eba1dbcc6f1088550b5ef8271b3ead03d07265e1c2fbccf2a294b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 06:29:05 GMT
Server
nginx
ETag
W/"62a19331-44ad"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
media-scripts.js
www.zdg.md/wp-content/themes/zdg/plugins/xarites-media/assets/js/
9 KB
3 KB
Script
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/xarites-media/assets/js/media-scripts.js?ver=0.51384800%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
987d51f826628d695844532a5945d243194b40f15adabb6f1a54f0e430614040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 24 Jul 2022 19:24:40 GMT
Server
nginx
ETag
W/"62dd9c78-24e3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
utils.js
www.zdg.md/wp-content/themes/zdg/assets/js/
4 KB
2 KB
Script
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/assets/js/utils.js?ver=7a22247de8db3271f3bf8573be10e986
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
7d3052ab69aded5886cf9ad0b619b114d502e90c99dd9fd43813d1cf88b01d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 06:54:57 GMT
Server
nginx
ETag
W/"635f7141-107b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
scripts.js
www.zdg.md/wp-content/themes/zdg/assets/js/
57 KB
11 KB
Script
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/assets/js/scripts.js?ver=0.51392400%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
89f1d2c253ffaafa11cc379beefec1524534f8e2b359fc31f0c1efd7f4a7d075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 06:54:55 GMT
Server
nginx
ETag
W/"635f713f-e2cd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
api.js
www.google.com/recaptcha/
884 B
907 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LeUQVwiAAAAAI-No47eurPKekD5TFhOuHm7kNET&ver=3.0
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfac4def80a6d387abaa606632b724e22a4e1dc4131411a77eecee0265ef3a12
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
587
x-xss-protection
1; mode=block
expires
Mon, 08 May 2023 18:50:13 GMT
wp-polyfill-inert.min.js
www.zdg.md/wp-includes/js/dist/vendor/
8 KB
3 KB
Script
General
Full URL
https://www.zdg.md/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 00:03:58 GMT
Server
nginx
ETag
W/"6424d1ee-1feb"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
regenerator-runtime.min.js
www.zdg.md/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://www.zdg.md/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 00:03:58 GMT
Server
nginx
ETag
W/"6424d1ee-19cf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
wp-polyfill.min.js
www.zdg.md/wp-includes/js/dist/vendor/
17 KB
7 KB
Script
General
Full URL
https://www.zdg.md/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Nov 2022 11:35:18 GMT
Server
nginx
ETag
W/"636255f6-459f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
index.js
www.zdg.md/wp-content/plugins/contact-form-7/modules/recaptcha/
999 B
884 B
Script
General
Full URL
https://www.zdg.md/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.6
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Apr 2023 12:04:57 GMT
Server
nginx
ETag
W/"64451ee9-3e7"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
modal-scripts.js
www.zdg.md/wp-content/themes/zdg/plugins/xarites-modals/assets/js/
16 KB
4 KB
Script
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/xarites-modals/assets/js/modal-scripts.js?ver=0.51403500%201683570461
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
1b6cff2596ee3ff38f3812b20feadfdf98ba41529e87472ccf47eb33f5712e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 06:29:05 GMT
Server
nginx
ETag
W/"62a19331-4146"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
loader2.js
cdn.admixer.net/scripts3/
178 KB
56 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
260c5188c2d3c717a7c9206edaf4bce47be52c83c56e9c433f24a1163c0a7347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:13 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:27 GMT
server
nginx
etag
W/"64511aff-2c649"
x-cached-since
2023-05-08T18:44:46+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
cross-origin-resource-policy
cross-origin
x-nginx
nginx-be
expires
Tue, 02 May 2023 14:27:42 GMT
wp-emoji-release.min.js
www.zdg.md/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.zdg.md/wp-includes/js/wp-emoji-release.min.js?ver=7a22247de8db3271f3bf8573be10e986
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2023 00:03:58 GMT
Server
nginx
ETag
W/"6424d1ee-4904"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
truncated
/
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
xgemius.js
gamd.hit.gemius.pl/
64 KB
18 KB
Script
General
Full URL
https://gamd.hit.gemius.pl/xgemius.js
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GHC /
Resource Hash
9cf29cebf607fff8cce66b1b38ae097bd4574dff76124814c7ef7cba72cf4c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:13 GMT
content-encoding
gzip
last-modified
Fri, 05 May 2023 11:03:29 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
18031
expires
Tue, 09 May 2023 06:50:13 GMT
prebid-loader2.aspx
prebid-inv-eu.admixer.net/
10 KB
10 KB
Script
General
Full URL
https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=4cdc12fb-58a7-4322-90e7-7a8f9f8db789&_=1683571813676
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
750e425d1ed8149c86ac8d24fe060bd42d1716e0d42c76d98f665de18611c5ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:13 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
content-type
application/javascript
truncated
/
45 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf16d25e86998a4b0ed9403042e00e4f6ffe22f4a19f3026d0a1d62ed1e8cc77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
skeleton.svg
test.zdg.md/wp-content/uploads/2022/06/
663 B
553 B
Image
General
Full URL
https://test.zdg.md/wp-content/uploads/2022/06/skeleton.svg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/wp-content/themes/zdg/assets/css/styles.css?ver=0.51389700%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
5609ac5348c90e59af40483995da8aa7524e81e97dcb308190fe9d2cbadc361d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jun 2022 17:55:55 GMT
Server
nginx
ETag
W/"62a8cbab-297"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 03:23:58 GMT
x-content-type-options
nosniff
age
314775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2024 03:23:58 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 17:12:56 GMT
x-content-type-options
nosniff
age
351437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 May 2024 17:12:56 GMT
neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v15/
20 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v15/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6889a7789d4db6452dd58c9f2b0ae003221eae0cfe30e2402d0d941f7f371fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:35:11 GMT
x-content-type-options
nosniff
age
162902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20864
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:27:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 21:35:11 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 23:02:35 GMT
x-content-type-options
nosniff
age
157658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 23:02:35 GMT
neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
fonts.gstatic.com/s/sourceserifpro/v15/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v15/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
547a2c05a1b8744633148a704ddba5adac238c5cbaf05bbd25606827a372b019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 15:16:34 GMT
x-content-type-options
nosniff
age
185619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19980
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:45:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 15:16:34 GMT
OpenWeatherIcons.woff2
www.zdg.md/wp-content/themes/zdg/plugins/weather-module/assets/fonts/
3 KB
3 KB
Font
General
Full URL
https://www.zdg.md/wp-content/themes/zdg/plugins/weather-module/assets/fonts/OpenWeatherIcons.woff2
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/wp-content/themes/zdg/plugins/weather-module/assets/weather-module.css?ver=7a22247de8db3271f3bf8573be10e986
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
1f21f36b76aa068bb644f2ede985d8261ba98a13404ab9d82d6b91513bebd5c9

Request headers

Referer
https://www.zdg.md/wp-content/themes/zdg/plugins/weather-module/assets/weather-module.css?ver=7a22247de8db3271f3bf8573be10e986
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Last-Modified
Thu, 09 Jun 2022 06:29:05 GMT
Server
nginx
ETag
"62a19331-bbc"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3004
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51fc350bb83c998a124f1bb756b38cc218912b1f2952e6f1c755c1a13da69f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 19:44:25 GMT
x-content-type-options
nosniff
age
515148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11696
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:13:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 19:44:25 GMT
neIXzD-0qpwxpaWvjeD0X88SAOeasasatSKqxLUv.woff2
fonts.gstatic.com/s/sourceserifpro/v15/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v15/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSKqxLUv.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c1a525a97fa2c3e0a76708f01cb6c15c136ee79843f7fd3dd0e30eee17d1667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:26:19 GMT
x-content-type-options
nosniff
age
163434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12200
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 21:26:19 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 15:13:03 GMT
x-content-type-options
nosniff
age
185830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11792
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 15:13:03 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51b92baed544da51ed74076ee2a3b3e8a4fb231ddf6647195723ef16fa430291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:03:59 GMT
x-content-type-options
nosniff
age
179174
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11724
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:50:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 17:03:59 GMT
neIQzD-0qpwxpaWvjeD0X88SAOeauXo-oBOL.woff2
fonts.gstatic.com/s/sourceserifpro/v15/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v15/neIQzD-0qpwxpaWvjeD0X88SAOeauXo-oBOL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8f0d71e1412843f5b4200727ec430fea23048c9ee9e49d4410ca164c282836d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 19:27:43 GMT
x-content-type-options
nosniff
age
170550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12128
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:45:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 19:27:43 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:04:27 GMT
x-content-type-options
nosniff
age
179146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7448
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:14:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 17:04:27 GMT
uk-flag.svg
www.zdg.md/wp-content/uploads/2022/07/
389 B
613 B
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2022/07/uk-flag.svg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
4b12646ccf9b9747ad8592ea533b01c91b620c3af3219e0dd52bf52eaeab6c5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jul 2022 11:08:32 GMT
Server
nginx
ETag
W/"62e11cb0-185"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:13 GMT
mig-29.jpeg
www.zdg.md/wp-content/uploads/2023/05/
63 KB
63 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/05/mig-29.jpeg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d1ddf9e049f2325e90388163635bc1484274d24a392fcdcae612505b9bdc7136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Last-Modified
Mon, 08 May 2023 18:20:42 GMT
Server
nginx
ETag
"64593d7a-fc71"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64625
Expires
Wed, 07 Jun 2023 18:50:13 GMT
4e1bbcd8_69a9_eef8_08986400-e1518000259891-1920x1020-c-default-740x393.jpeg
www.zdg.md/wp-content/uploads/2022/01/
61 KB
61 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2022/01/4e1bbcd8_69a9_eef8_08986400-e1518000259891-1920x1020-c-default-740x393.jpeg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
67c45b1b00da9e94f1782e355b442fbace5704204c479c6981fbbf5352967aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Last-Modified
Tue, 18 Jan 2022 07:36:24 GMT
Server
nginx
ETag
"61e66df8-f48b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62603
Expires
Wed, 07 Jun 2023 18:50:13 GMT
adina-valean-740x493.jpg
www.zdg.md/wp-content/uploads/2023/05/
39 KB
39 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/05/adina-valean-740x493.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
e37a88c89a786ff343da9871e20b4d4857ead64079b38243e6a7386b37438a95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Last-Modified
Mon, 08 May 2023 17:11:14 GMT
Server
nginx
ETag
"64592d32-9c47"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40007
Expires
Wed, 07 Jun 2023 18:50:13 GMT
partidul-sor-740x393.jpg
www.zdg.md/wp-content/uploads/2021/05/
60 KB
60 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2021/05/partidul-sor-740x393.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
2f88285e8afba05464ad6b574f4c448c72b6ff7fb1116fa7fe5625470d11a231

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Last-Modified
Fri, 14 May 2021 13:54:39 GMT
Server
nginx
ETag
"609e811f-ef10"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61200
Expires
Wed, 07 Jun 2023 18:50:13 GMT
collect
region1.analytics.google.com/g/
0
242 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VF704GSXJL&gtm=45je3530&_p=491831632&_gaz=1&cid=121543173.1683571814&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683571813&sct=1&seg=0&dl=https%3A%2F%2Fwww.zdg.md%2F&dt=Ziarul%20de%20Gard%C4%83%20%E2%80%93%20Singurul%20ziar%20de%20investiga%C8%9Bii%20din%20Republica%20Moldova.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VF704GSXJL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zdg.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VF704GSXJL&cid=121543173.1683571814&gtm=45je3530&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VF704GSXJL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zdg.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VF704GSXJL&cid=121543173.1683571814&gtm=45je3530&aip=1&z=1447464344
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
344285528_2737100193093104_8757074006999695054_n.png
www.zdg.md/wp-content/uploads/2023/05/
533 KB
533 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/05/344285528_2737100193093104_8757074006999695054_n.png
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
b39f9fb6e1ee8a7cee562dbfc27619c4c4714fbca8e7608f2ba9ebe221d0c025

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:13 GMT
Last-Modified
Sun, 07 May 2023 16:55:21 GMT
Server
nginx
ETag
"6457d7f9-85251"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
545361
Expires
Wed, 07 Jun 2023 18:50:13 GMT
342548138_965718791319374_2147343402302626516_n.png
www.zdg.md/wp-content/uploads/2023/06/
3 MB
3 MB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/06/342548138_965718791319374_2147343402302626516_n.png
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d9393bb4c0dea79c72c7e3b5cf9c4cdd72f9192679865acfff444bfba6382ac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Mon, 08 May 2023 06:42:05 GMT
Server
nginx
ETag
"645899bd-30a819"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3188761
Expires
Wed, 07 Jun 2023 18:50:14 GMT
neIVzD-0qpwxpaWvjeD0X88SAOeauXEGfS-axq0r.woff2
fonts.gstatic.com/s/sourceserifpro/v15/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v15/neIVzD-0qpwxpaWvjeD0X88SAOeauXEGfS-axq0r.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93affa24657d95188b95b212b55251116e1e517256a827455288b196b89b159f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 23:16:48 GMT
x-content-type-options
nosniff
age
156806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20520
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:30:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 23:16:48 GMT
neIVzD-0qpwxpaWvjeD0X88SAOeauXEGfS-ayK0rRrI.woff2
fonts.gstatic.com/s/sourceserifpro/v15/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v15/neIVzD-0qpwxpaWvjeD0X88SAOeauXEGfS-ayK0rRrI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300;400;600;700;900&family=Source+Serif+Pro:ital,wght@0,300;0,400;0,600;0,700;1,400;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed514ba9ef2988dc02b9ca459b565b6149d15870eb3f676638b11733a807b721
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 05:45:34 GMT
x-content-type-options
nosniff
age
133480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12780
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:32:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 May 2024 05:45:34 GMT
342548138_965718791319374_2147343402302626516_n-360x203.png
www.zdg.md/wp-content/uploads/2023/06/
117 KB
117 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/06/342548138_965718791319374_2147343402302626516_n-360x203.png
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
6b88d240426bc1b11ffcebbb525fda3328be86b27a1203ab0fd90e68e70c0106

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Mon, 08 May 2023 06:42:06 GMT
Server
nginx
ETag
"645899be-1d2c8"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
119496
Expires
Wed, 07 Jun 2023 18:50:14 GMT
344285528_2737100193093104_8757074006999695054_n-360x203.png
www.zdg.md/wp-content/uploads/2023/05/
143 KB
144 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/05/344285528_2737100193093104_8757074006999695054_n-360x203.png
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
501ae5674d2ef4ae09bbfbef83ecfdc4a5b30fb73bea724de708c466a953ee93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Sun, 07 May 2023 16:55:22 GMT
Server
nginx
ETag
"6457d7fa-23d32"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
146738
Expires
Wed, 07 Jun 2023 18:50:14 GMT
668-presa-ziare-360x240.jpg
www.zdg.md/wp-content/uploads/2018/06/
28 KB
28 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2018/06/668-presa-ziare-360x240.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
9e060a09c262fb79a5412dfafa0e520e51a4cbb98826e751975103fc8f406439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Thu, 21 Jun 2018 10:47:06 GMT
Server
nginx
ETag
"5b2b822a-6f79"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28537
Expires
Wed, 07 Jun 2023 18:50:14 GMT
5_edit-presa-libera-360x203.png
www.zdg.md/wp-content/uploads/2023/05/
36 KB
37 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/05/5_edit-presa-libera-360x203.png
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
2b4a759f3ff8a902f8eeba09c7f9830fb024d6576aacdb21f28cc36138d0413e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Thu, 04 May 2023 09:25:09 GMT
Server
nginx
ETag
"645379f5-914e"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37198
Expires
Wed, 07 Jun 2023 18:50:14 GMT
maxresdefault-1-360x203.jpg
www.zdg.md/wp-content/uploads/2023/05/
20 KB
20 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/05/maxresdefault-1-360x203.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
2db76689df8dd5895ab412d706b91a61531850ce1ad9f896cbc32cf65681c4e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Sun, 07 May 2023 07:54:53 GMT
Server
nginx
ETag
"6457594d-508d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20621
Expires
Wed, 07 Jun 2023 18:50:14 GMT
342712394_785729079476021_7080887796740051233_n-360x203.jpg
www.zdg.md/wp-content/uploads/2023/05/
16 KB
16 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/05/342712394_785729079476021_7080887796740051233_n-360x203.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
73a671ba12450ca862f444c31a3bfce93f7ad5bdb076c09a90b35399117dd74f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Fri, 05 May 2023 21:23:23 GMT
Server
nginx
ETag
"645573cb-3ee6"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16102
Expires
Wed, 07 Jun 2023 18:50:14 GMT
costurile-mortii.jpg
www.zdg.md/wp-content/uploads/2023/05/
557 KB
557 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/05/costurile-mortii.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
ef9eba7a028262f0e09dff4034b913d38f75c10cc374519b3a4b93f072814815

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Fri, 05 May 2023 07:15:02 GMT
Server
nginx
ETag
"6454acf6-8b376"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
570230
Expires
Wed, 07 Jun 2023 18:50:14 GMT
Armata.-Coperta-360x203.png
www.zdg.md/wp-content/uploads/2023/05/
114 KB
114 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/05/Armata.-Coperta-360x203.png
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
2e4766ec35769898771c6cd838c1011b4a70045dda2593d5e1f9cb35f802c459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Wed, 03 May 2023 07:14:22 GMT
Server
nginx
ETag
"645209ce-1c80c"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
116748
Expires
Wed, 07 Jun 2023 18:50:14 GMT
Cover-podcast-1-mai-360x203.jpeg
www.zdg.md/wp-content/uploads/2023/04/
18 KB
19 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/04/Cover-podcast-1-mai-360x203.jpeg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d3125eb18f64012fd6e848747eeaf3458461b95f5214770c395ef2576aa1a845

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Fri, 28 Apr 2023 14:43:47 GMT
Server
nginx
ETag
"644bdba3-49e1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18913
Expires
Wed, 07 Jun 2023 18:50:14 GMT
Editorial-Alina-Radu-360x230.jpg
www.zdg.md/wp-content/uploads/2022/10/
17 KB
17 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2022/10/Editorial-Alina-Radu-360x230.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
744daedbd5fbcbb559030f2b8c7224ba73d2311516674356467ad5295d534926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Fri, 07 Oct 2022 13:09:29 GMT
Server
nginx
ETag
"63402509-42f4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17140
Expires
Wed, 07 Jun 2023 18:50:14 GMT
Editorial-Aneta-Grosu-360x230.jpg
www.zdg.md/wp-content/uploads/2022/10/
17 KB
18 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2022/10/Editorial-Aneta-Grosu-360x230.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
cddb2a9bfb75c239a3211f0eab2c2700fde08b01883bc9f0ca9eb193e4f04326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Fri, 07 Oct 2022 13:09:27 GMT
Server
nginx
ETag
"63402507-4525"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17701
Expires
Wed, 07 Jun 2023 18:50:14 GMT
general_Editorial-Sabin-Rufa-360x230.png
www.zdg.md/wp-content/uploads/2023/01/
113 KB
113 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/01/general_Editorial-Sabin-Rufa-360x230.png
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
eb48bd2477aa6e730877abcc40046466f51207011cc4e2a39872db01af585633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Mon, 16 Jan 2023 11:36:17 GMT
Server
nginx
ETag
"63c536b1-1c380"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115584
Expires
Wed, 07 Jun 2023 18:50:14 GMT
maxresdefault-1.jpg
www.zdg.md/wp-content/uploads/2023/05/
162 KB
162 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/05/maxresdefault-1.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
fd68e0812f68fda7a6aee19bc5a0a9ca2f5e1cbb9a79f1060a4e1e340e417122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Sun, 07 May 2023 07:54:53 GMT
Server
nginx
ETag
"6457594d-28650"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
165456
Expires
Wed, 07 Jun 2023 18:50:14 GMT
autor-zdg.jpg
www.zdg.md/wp-content/uploads/2020/07/
6 KB
7 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2020/07/autor-zdg.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
08896d84ceb7b5f0433cf512e2f97c17f1d0d75387260571abf0554175aaee18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Sun, 05 Jul 2020 14:36:45 GMT
Server
nginx
ETag
"5f01e57d-198c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6540
Expires
Wed, 07 Jun 2023 18:50:14 GMT
candidati-csm.png
www.zdg.md/wp-content/uploads/2023/03/
1 MB
1 MB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/03/candidati-csm.png
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
51cf67fc850ed6afab748b7278ba8c635fc98fa6df95b8c40d718cfed5811eb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Fri, 17 Mar 2023 07:09:52 GMT
Server
nginx
ETag
"64141240-16d897"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1497239
Expires
Wed, 07 Jun 2023 18:50:14 GMT
Licitatie-anulata-terenuri-Rautel-site-ZdG.jpg
www.zdg.md/wp-content/uploads/2023/04/
440 KB
440 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/04/Licitatie-anulata-terenuri-Rautel-site-ZdG.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
8db86a97795bf645df655d98cd233e362fc3d45aae73d562e20c57001058f916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Thu, 20 Apr 2023 07:14:36 GMT
Server
nginx
ETag
"6440e65c-6def6"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
450294
Expires
Wed, 07 Jun 2023 18:50:14 GMT
Irina-Ursu.jpg
www.zdg.md/wp-content/uploads/2022/12/
14 KB
15 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2022/12/Irina-Ursu.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
64459b243de195b34275fcbd4e39d2e829c45cb4c6900b263188f90bf7ad95f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Tue, 20 Dec 2022 16:16:55 GMT
Server
nginx
ETag
"63a1dff7-397f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14719
Expires
Wed, 07 Jun 2023 18:50:14 GMT
Cover-furturi-apartamente.jpg
www.zdg.md/wp-content/uploads/2023/04/
277 KB
277 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/04/Cover-furturi-apartamente.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
1528ab0611d824b42ab64340f411418ac431fba0e882b39116b2ac3fcbf6306a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Wed, 19 Apr 2023 07:17:48 GMT
Server
nginx
ETag
"643f959c-453e5"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
283621
Expires
Wed, 07 Jun 2023 18:50:14 GMT
tags-loader.svg
www.zdg.md/wp-content/uploads/2022/07/
1 KB
616 B
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2022/07/tags-loader.svg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/wp-content/themes/zdg/assets/css/styles.css?ver=0.51389700%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
129ee04d9c83b97268f3ec989542d4d56779190fd89fdcd7296de0fa89e1f835

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/wp-content/themes/zdg/assets/css/styles.css?ver=0.51389700%201683570461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2022 06:05:00 GMT
Server
nginx
ETag
W/"62c6778c-44e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 07 Jun 2023 18:50:14 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c26325bba202e8f204697dece87c8d5f262af036432ad4fb590ed0e730b6ee4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/
408 KB
164 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeUQVwiAAAAAI-No47eurPKekD5TFhOuHm7kNET&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdg.md/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167425
x-xss-protection
0
last-modified
Mon, 01 May 2023 02:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 15:47:13 GMT
zaharescu2.jpg
www.zdg.md/wp-content/uploads/2022/01/
7 KB
7 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2022/01/zaharescu2.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d31bb41865276ce260cf80318a6f6aca2ac64dc3428c3e041d7ce5aeac5014e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Mon, 10 Jan 2022 17:31:38 GMT
Server
nginx
ETag
"61dc6d7a-1b86"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7046
Expires
Wed, 07 Jun 2023 18:50:14 GMT
sdk.js
connect.facebook.net/ro_RO/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/ro_RO/sdk.js?hash=9f4835cb65c4b6418462c80befac9b11
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
114745cd22806c2623d265d7a1004684d1d45bb526145ebc9109b048e7d6c16a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.zdg.md/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 18:50:14 GMT
content-md5
5fyMZNqZf+1HJZMvezzQxA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88738
x-fb-rlafr
0
x-fb-debug
L//+LqKl2FNpCg/Ycau8dv4HMsTcWoDPYCjgpfWAL9HtMJMhWovGX6IZguaQyd0nqiB/QhwoClnNXIu6T0Exdg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
1118d4273c3c5068c4178da2329621d3
cross-origin-opener-policy
same-origin-allow-popups
etag
"329635f2ee5d871486c72c92627041e6"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 07 May 2024 17:09:48 GMT
prebidcdn.js
cdn.admixer.net/prebidcdn/
216 KB
83 KB
Script
General
Full URL
https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adValidationWrapper,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=477640975-
Requested by
Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=4cdc12fb-58a7-4322-90e7-7a8f9f8db789&_=1683571813676
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
aa21422a62e4c690ad32f8de653e1fae1bef802167286c9867edccacd4986323

Request headers

Referer
https://www.zdg.md/
Origin
https://www.zdg.md
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc8
date
Mon, 08 May 2023 18:50:14 GMT
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 13:59:53 GMT
server
nginx
etag
W/"64414559-361d6"
vary
Accept-Encoding
x-cached-since
2023-04-27T10:04:29+00:00
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
content-range
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Sat, 27 Apr 2024 10:04:29 GMT
load-gpt.js
cdn.admixer.net/scripts/
561 B
542 B
Script
General
Full URL
https://cdn.admixer.net/scripts/load-gpt.js
Requested by
Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=4cdc12fb-58a7-4322-90e7-7a8f9f8db789&_=1683571813676
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:14 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 12:25:34 GMT
server
nginx
etag
W/"61e5603e-231"
vary
Accept-Encoding
x-cached-since
2023-04-10T11:27:13+00:00
content-type
application/javascript
access-control-expose-headers
content-range
cache-control
max-age=31622400
access-control-allow-credentials
true
cache
HIT
x-nginx
nginx-be
expires
Wed, 10 Apr 2024 11:27:13 GMT
www-widgetapi.js
www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/
184 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/50cf60f0/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c6733fdbc08bb75f154508d9414199f89121ff4f7b1347699b338fb01fa81b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:45:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
3898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57768
x-xss-protection
0
last-modified
Wed, 03 May 2023 00:18:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 07 May 2024 17:45:16 GMT
fpdata.js
gamd.hit.gemius.pl/
275 B
413 B
Script
General
Full URL
https://gamd.hit.gemius.pl/fpdata.js?href=www.zdg.md
Requested by
Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GHC /
Resource Hash
649e00f8e28807c880cfd453a35bcff959cc2af318a6eb0e027403b3bc7c7ead

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:14 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
275
expires
Wed, 07 Jun 2023 18:50:14 GMT
lsget.html
ls.hit.gemius.pl/ Frame E15F
5 KB
3 KB
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
1d2f45d1f4acf5b138f74f227bc04ab2e9f695e0f725d6a88580a83a67154a7a

Request headers

Referer
https://www.zdg.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2721
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 18:50:14 GMT
etag
PRIVATE7520710249
expires
Wed, 07 Jun 2023 18:50:14 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
c.html
cdn.admixer.net/scripts3/57367/ Frame 8705
738 B
495 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/57367/c.html?b=57367
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://www.zdg.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Mon, 08 May 2023 18:50:14 GMT
etag
W/"64511b11-2e2"
expires
Thu, 02 May 2024 14:17:44 GMT
last-modified
Tue, 02 May 2023 14:15:45 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:44+00:00
x-id
fr5-hw-edge-gc16
x-nginx
nginx-be
d4caf325a438565b6d08.b.js
cdn.admixer.net/scripts3/57367/
37 KB
14 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/d4caf325a438565b6d08.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8366397205cd2606d492b54da977d3128a3361224b859ba087a9c2703d5b3797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:14 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:46 GMT
server
nginx
etag
W/"64511b12-9501"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:43+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:43 GMT
1a81de5593dbd781ac6e.b.js
cdn.admixer.net/scripts3/57367/
76 KB
20 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/1a81de5593dbd781ac6e.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f25190e195e7f837684c6861c564c8294b01087a7d9ec7f0656b73ee8f91ad1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:14 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:33 GMT
server
nginx
etag
W/"64511b05-131bd"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:43+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:43 GMT
schema
www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545402/feedback/
222 B
734 B
Fetch
General
Full URL
https://www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545402/feedback/schema
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
fef5645dd4711b739a40a3251e2f6720c13ae09af5d18e809db5854beb30388f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=UTF-8
Allow
GET
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Cache-Control
no-cache
Connection
keep-alive
X-Robots-Tag
noindex
Link
<https://www.zdg.md/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
schema
www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545405/feedback/
521 B
864 B
Fetch
General
Full URL
https://www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545405/feedback/schema
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
55185875b43d51597caff07cc34f08ec602cebc002ec1e1a93a87e22eee9a7b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=UTF-8
Allow
GET
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Cache-Control
no-cache
Connection
keep-alive
X-Robots-Tag
noindex
Link
<https://www.zdg.md/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
refill
www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545402/
2 B
591 B
Fetch
General
Full URL
https://www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545402/refill
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=UTF-8
Allow
GET
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Cache-Control
no-cache
Connection
keep-alive
X-Robots-Tag
noindex
Link
<https://www.zdg.md/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
refill
www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545405/
2 B
591 B
Fetch
General
Full URL
https://www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545405/refill
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=UTF-8
Allow
GET
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Cache-Control
no-cache
Connection
keep-alive
X-Robots-Tag
noindex
Link
<https://www.zdg.md/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
contestatie-PV-contraventie-justitie2-360x187.jpg
www.zdg.md/wp-content/uploads/2023/04/
11 KB
12 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/04/contestatie-PV-contraventie-justitie2-360x187.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
e22ec907efd7c7aaaf4057045a193f381f60b288db0f6df2e90243ca895c6d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Mon, 01 May 2023 07:12:59 GMT
Server
nginx
ETag
"644f667b-2dd0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11728
Expires
Wed, 07 Jun 2023 18:50:14 GMT
2.-Tudor-Istrati-primar-Rautel-360x223.png
www.zdg.md/wp-content/uploads/2023/04/
102 KB
103 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/04/2.-Tudor-Istrati-primar-Rautel-360x223.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
50014414790b8764f75d5674fb9b389737857fb250433c51d643f53edb7b1667

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Wed, 12 Apr 2023 13:30:36 GMT
Server
nginx
ETag
"6436b27c-199e6"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
104934
Expires
Wed, 07 Jun 2023 18:50:14 GMT
Ana-Revenco-360x240.png
www.zdg.md/wp-content/uploads/2023/04/
114 KB
114 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/04/Ana-Revenco-360x240.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
eb428852179980ee01b0aff8006a735aadee230cd9d4652d0b51851323224f00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Thu, 13 Apr 2023 10:38:34 GMT
Server
nginx
ETag
"6437dbaa-1c6a1"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
116385
Expires
Wed, 07 Jun 2023 18:50:14 GMT
maria-360x329.jpg
www.zdg.md/wp-content/uploads/2023/04/
17 KB
17 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/04/maria-360x329.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
4857e80ef85f559c72997c8345b5343fec84c018a9f7f79dccb98f37b045c1ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Thu, 06 Apr 2023 07:24:50 GMT
Server
nginx
ETag
"642e73c2-43fe"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17406
Expires
Wed, 07 Jun 2023 18:50:14 GMT
autor-aneta-grosu.jpg
www.zdg.md/wp-content/uploads/2020/07/
12 KB
13 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2020/07/autor-aneta-grosu.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
83c67a00a5f701b1ecca2737a0fc146008b00ab081b493fce880168e6051fc9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Fri, 03 Jul 2020 16:30:02 GMT
Server
nginx
ETag
"5eff5d0a-30f9"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12537
Expires
Wed, 07 Jun 2023 18:50:14 GMT
Cover-podcast-Buzu-360x203.png
www.zdg.md/wp-content/uploads/2023/04/
115 KB
116 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/04/Cover-podcast-Buzu-360x203.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
5808b8caa4d8150083718ac75deecda3411ada93cd6bd2a124228414b1524978

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Sat, 01 Apr 2023 18:25:34 GMT
Server
nginx
ETag
"6428771e-1cd2f"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
118063
Expires
Wed, 07 Jun 2023 18:50:14 GMT
cover-ministra-justitiei-360x203.jpg
www.zdg.md/wp-content/uploads/2023/03/
20 KB
20 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/03/cover-ministra-justitiei-360x203.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
14b7bb64895f4ee70e589a90c97ba996df6697f4cd0f920c13d8241a45814450

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Sat, 25 Mar 2023 21:27:14 GMT
Server
nginx
ETag
"641f6732-4ee3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20195
Expires
Wed, 07 Jun 2023 18:50:14 GMT
ZdG-Tineri_4-populism-site-360x203.png
www.zdg.md/wp-content/uploads/2023/03/
68 KB
69 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/03/ZdG-Tineri_4-populism-site-360x203.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
a6f0d6bb0969d0c9538b9653cf1a5161eebbd38c88275751e5c11ded53afe1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Fri, 24 Mar 2023 09:06:58 GMT
Server
nginx
ETag
"641d6832-11144"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69956
Expires
Wed, 07 Jun 2023 18:50:14 GMT
sabin-rufa.jpg
www.zdg.md/wp-content/uploads/2023/01/
56 KB
57 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/01/sabin-rufa.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
648419985094669beb64703883855775f71780316c60152d43e51b68579a765c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Mon, 16 Jan 2023 14:13:33 GMT
Server
nginx
ETag
"63c55b8d-e0fa"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57594
Expires
Wed, 07 Jun 2023 18:50:14 GMT
interviu-ZdG-Dereck-Hogan-15-martie-2023-360x203.jpg
www.zdg.md/wp-content/uploads/2023/03/
19 KB
19 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/03/interviu-ZdG-Dereck-Hogan-15-martie-2023-360x203.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
469fb68990fbf789a656c2c088e789af860a85f838b3e991c10c035bad3c84ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Thu, 16 Mar 2023 09:15:52 GMT
Server
nginx
ETag
"6412de48-4bdf"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19423
Expires
Wed, 07 Jun 2023 18:50:14 GMT
edit-alina-radu-mica-1-220x220.jpg
www.zdg.md/wp-content/uploads/2020/09/
12 KB
13 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2020/09/edit-alina-radu-mica-1-220x220.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
78d3f02baf3666fff07a98fa178a3709d5a3e56010f7d0fbb17588e44598f552

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Thu, 10 Sep 2020 07:51:17 GMT
Server
nginx
ETag
"5f59daf5-3148"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12616
Expires
Wed, 07 Jun 2023 18:50:14 GMT
coperta-preot-holercani-360x203.jpeg
www.zdg.md/wp-content/uploads/2023/03/
23 KB
23 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/03/coperta-preot-holercani-360x203.jpeg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
96f4f204640a5c532b02f32b2bdeb750030cca78b000f08c4899fb227f0391ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Wed, 01 Mar 2023 15:39:22 GMT
Server
nginx
ETag
"63ff71aa-5c5c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23644
Expires
Wed, 07 Jun 2023 18:50:14 GMT
7O9A8070-360x240.jpg
www.zdg.md/wp-content/uploads/2023/02/
36 KB
36 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/02/7O9A8070-360x240.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
2dd6ba8252378cc6312013c1ef50ce3733cc687ea737792d45b32e272f0892a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Wed, 22 Feb 2023 16:08:24 GMT
Server
nginx
ETag
"63f63df8-8e1f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36383
Expires
Wed, 07 Jun 2023 18:50:14 GMT
Vasile-Dinca-directorul-asociatiei-%E2%80%9EPro-Lumina22-360x271.jpg
www.zdg.md/wp-content/uploads/2023/02/
22 KB
22 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2023/02/Vasile-Dinca-directorul-asociatiei-%E2%80%9EPro-Lumina22-360x271.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
5eaa777d50e50970d3d800e5104e8a321c731ed15192acf6ae1aa2564873e4d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Fri, 10 Feb 2023 11:34:57 GMT
Server
nginx
ETag
"63e62be1-588a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22666
Expires
Wed, 07 Jun 2023 18:50:14 GMT
vasile-ursachi-220x220.jpg
www.zdg.md/wp-content/uploads/2022/08/
11 KB
12 KB
Image
General
Full URL
https://www.zdg.md/wp-content/uploads/2022/08/vasile-ursachi-220x220.jpg
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/8.4.4/swiper-bundle.min.js?ver=0.51381300%201683570461
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
37907499427690e10564b037dbc0e20be9d2f9579aa18807cf42a933131d2964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Last-Modified
Fri, 26 Aug 2022 11:40:57 GMT
Server
nginx
ETag
"6308b149-2ce3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11491
Expires
Wed, 07 Jun 2023 18:50:14 GMT
prebid-loader2.aspx
prebid-inv-eu.admixer.net/
10 KB
10 KB
Script
General
Full URL
https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=5f9b6f67-21f0-49f7-b55b-f86073c56ebc&_=1683571813677
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
8783ca8d10e15789debd2ae1369dabd59e693e87d1d760e2206e302ebb61813c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:14 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
content-type
application/javascript
prebid-loader2.aspx
prebid-inv-eu.admixer.net/
10 KB
10 KB
Script
General
Full URL
https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=5f9b6f67-21f0-49f7-b55b-f86073c56ebc&_=1683571813678
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
dad6471bfd04bc464236ad9ebb840dcb97d584bd3f4d967ad19df2f5953351ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:14 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
content-type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/
74 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts/load-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33d8a70aa02aff2385ec1084f69fee735ad3d03ba61b0e85d9cbf3e488a83ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24865
x-xss-protection
0
server
cafe
etag
257 / 19485 / 31074386 / config-hash: 12843730038837342262
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 08 May 2023 18:50:14 GMT
rexdot.js
gamd.hit.gemius.pl/__/_1683571814859/
Redirect Chain
  • https://gamd.hit.gemius.pl/_1683571814859/rexdot.js?l=100&sendf=24&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg...
  • https://gamd.hit.gemius.pl/__/_1683571814859/rexdot.js?l=100&sendf=24&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww....
169 B
423 B
Script
General
Full URL
https://gamd.hit.gemius.pl/__/_1683571814859/rexdot.js?l=100&sendf=24&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=NgnLs7o08PO.R6.GZYwQfGQrIPoPt32fDT0xj63hshz.67SoxIiavq.pc7Ius1jObWNfSqkRXxRMykl8Op0RenMA_VaI/6Az0FXrrodAmk/&fpdata=-TURNEDOFF&ltime=501&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=645944661549770f&brts=1683571814
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GHC /
Resource Hash
07a64b2d0945dc1a9e7bce4f40d6b44df30cecc0126f14c8db797fc53b0799fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:14 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Sun, 07 May 2023 18:50:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:14 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1683571814859/rexdot.js?l=100&sendf=24&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=NgnLs7o08PO.R6.GZYwQfGQrIPoPt32fDT0xj63hshz.67SoxIiavq.pc7Ius1jObWNfSqkRXxRMykl8Op0RenMA_VaI/6Az0FXrrodAmk/&fpdata=-TURNEDOFF&ltime=501&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=645944661549770f&brts=1683571814
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 07 May 2023 18:50:14 GMT
anchor
www.google.com/recaptcha/api2/ Frame 8E76
50 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUQVwiAAAAAI-No47eurPKekD5TFhOuHm7kNET&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=fq56jrdmg9lx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dc330d5fe79a8f19e6820aaa755970aed96d63f7aae6be5c86361c8a16599585
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Uw7dCeZ2jNpSMfUumzutiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdg.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
27786
content-security-policy
script-src 'report-sample' 'nonce-Uw7dCeZ2jNpSMfUumzutiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 18:50:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=849152192250502&ev=fb_page_view&dl=https%3A%2F%2Fwww.zdg.md%2F&rl=&if=false&ts=1683571814958&sw=1600&sh=1200&at=
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 08 May 2023 18:50:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dsp.aspx
inv-nets.admixer.net/
5 KB
2 KB
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=926549372945992.9&cpv=f52a2482-ed94-2a1e-c942-9ba35941d4fb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=d40bf87b-0c3e-44a5-aafe-c12ac9c87d64&data=%7B%22id%22%3A%22de81cae2-5c04-cf23-109c-8b24b01635f9%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.zdg.md%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.63%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222df61d1a-596e-4789-468d-4864a38a2378%22%2C%22tagid%22%3A%22cba69d7f-eece-4247-a1ab-87842a8d1207%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_async_2126304756%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
83926b94c8dd33e2a6ca74c0b29e6a0e021f3ce43f67312d743661f99e1d213c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
server
nginx
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NID DSP ALL COR"
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
1661
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 8E76
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUQVwiAAAAAI-No47eurPKekD5TFhOuHm7kNET&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=fq56jrdmg9lx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:43:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 01 May 2023 02:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 May 2024 09:43:11 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ Frame 8E76
408 KB
164 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUQVwiAAAAAI-No47eurPKekD5TFhOuHm7kNET&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=fq56jrdmg9lx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 15:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167425
x-xss-protection
0
last-modified
Mon, 01 May 2023 02:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 15:47:13 GMT
prebid.1.2.aspx
inv-nets.admixer.net/
11 KB
11 KB
XHR
General
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adValidationWrapper,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=477640975-
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
be0e4d2b5e8dc2fd5beb31d4412b0cf555b506edd292799b87751c2f42248534
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.zdg.md
p3p
CP="NID DSP ALL COR"
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
11138
x-xss-protection
0
prebid.1.2.aspx
inv-nets.admixer.net/
11 KB
11 KB
XHR
General
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adValidationWrapper,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=477640975-
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
f2c94a64da53fb9fc5bede79e6d7ac21c30eb1a1d2fdb029b76968e907f8b022
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.zdg.md
p3p
CP="NID DSP ALL COR"
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
11128
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/
402 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
912380fa9b7e957ea86a12807c2d78c202a919bc1cb766a1a7903a56bd983fb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 10:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
30261
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127410
x-xss-protection
0
server
cafe
etag
9372457552931955576
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 07 May 2024 10:25:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
59 B
74 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zdg.md
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4426e6fe774914eef207d17f9a2da4a19da78fde769c1604594fac7853224623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
expires
Mon, 08 May 2023 18:50:15 GMT
hb_analytics.aspx
prebid-inv-eu.admixer.net/
0
122 B
Ping
General
Full URL
https://prebid-inv-eu.admixer.net/hb_analytics.aspx
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adValidationWrapper,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=477640975-
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary7s23MWVTNnAwvH4y

Response headers

access-control-allow-origin
https://www.zdg.md
date
Mon, 08 May 2023 18:50:15 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
hb_analytics.aspx
prebid-inv-eu.admixer.net/
0
122 B
Ping
General
Full URL
https://prebid-inv-eu.admixer.net/hb_analytics.aspx
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adValidationWrapper,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=477640975-
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryTZ2SyDUHO0wxVMaK

Response headers

access-control-allow-origin
https://www.zdg.md
date
Mon, 08 May 2023 18:50:15 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
0d11748832caddd96690.b.js
cdn.admixer.net/scripts3/57367/
28 KB
11 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/0d11748832caddd96690.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:32 GMT
server
nginx
etag
W/"64511b04-702f"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
658a385fec78f0e1897f.b.js
cdn.admixer.net/scripts3/57367/
42 KB
18 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/658a385fec78f0e1897f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:38 GMT
server
nginx
etag
W/"64511b0a-a793"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
8b73097df909af36f72d.b.js
cdn.admixer.net/scripts3/57367/
13 KB
5 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/8b73097df909af36f72d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:41 GMT
server
nginx
etag
W/"64511b0d-326c"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
b9ab3f9972863fcb32ae.b.js
cdn.admixer.net/scripts3/57367/
11 KB
4 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/b9ab3f9972863fcb32ae.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f930509ebac4d0fe907137b7d065293ffb589ffa3b25c5022a82c28fb3510c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:44 GMT
server
nginx
etag
W/"64511b10-2a79"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
9ac2392652d23e12b595.b.js
cdn.admixer.net/scripts3/57367/
220 KB
76 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/9ac2392652d23e12b595.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
cdbbfe7a85a8a1687d9a534f5e2282e0ec5322819fab9188d3f01c3af219035a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:42 GMT
server
nginx
etag
W/"64511b0e-370d3"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame FF1E
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=926549372945992.9&cpv=f52a2482-ed94-2a1e-c942-9ba35941d4fb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=d40bf87b-0c3e-44a5-aafe-c12ac9c87d64&data=%7B%22id%22%3A%22de81cae2-5c04-cf23-109c-8b24b01635f9%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.zdg.md%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.63%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222df61d1a-596e-4789-468d-4864a38a2378%22%2C%22tagid%22%3A%22cba69d7f-eece-4247-a1ab-87842a8d1207%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_async_2126304756%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
30e347b078cb7b4e0cf753b8c0062dfb5e59350103dd4547ca227c110a78439b

Request headers

Referer
https://www.zdg.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 08 May 2023 18:50:15 GMT
expires
Mon, 08 May 2023 18:50:15 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Mon, 08 May 2023 18:50:15 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927
sync.html
s.adtelligent.com/ Frame 8C03
3 KB
2 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=926549372945992.9&cpv=f52a2482-ed94-2a1e-c942-9ba35941d4fb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=d40bf87b-0c3e-44a5-aafe-c12ac9c87d64&data=%7B%22id%22%3A%22de81cae2-5c04-cf23-109c-8b24b01635f9%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.zdg.md%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.63%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222df61d1a-596e-4789-468d-4864a38a2378%22%2C%22tagid%22%3A%22cba69d7f-eece-4247-a1ab-87842a8d1207%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_async_2126304756%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5160:0:225:90ff:fefb:6c3 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3612d91cbbf38d15e62287c73d2721aab06fd4e252c80295937c518365c0d7c2

Request headers

Referer
https://www.zdg.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.zdg.md
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1328
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 May 2023 18:50:14 GMT
Server
Adtelligent
X-Robots-Tag
noindex
mmr445.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
pixel
ap.lijit.com/
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 08 May 2023 18:50:15 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=d40bf87b0c3e44a5aafec12ac9c87d64
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Dd40bf87b0c3e44a5aafec12ac9c87d64
43 B
964 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Dd40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:15 GMT
AN-X-Request-Uuid
916602b8-7686-4171-978c-5a836d4984f8
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:15 GMT
AN-X-Request-Uuid
5da9dba0-1c2c-4da7-85aa-90903d1e4a2e
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Dd40bf87b0c3e44a5aafec12ac9c87d64
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d7299344-5e94-42f5-a29e-dd1e1089e8f8
43 B
313 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d7299344-5e94-42f5-a29e-dd1e1089e8f8
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
content-type
image/gif
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d7299344-5e94-42f5-a29e-dd1e1089e8f8
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
1px-matching-admixer.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
sync.html
s.console.adtarget.com.tr/
0
0
Image
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZDQwYmY4N2IwYzNlNDRhNWFhZmVjMTJhYzljODdkNjQ=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZDQwYmY4N2IwYzNlNDRhNWFhZmVjMTJhYzljODdkNjQ=&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESECqCf9DimTvqItVjcrQUhIE&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=d40bf87b0c3e44a5aafec12ac9c87d64
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=d40bf87b0c3e44a5aafec12ac9c87d64
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
0
x-xss-protection
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Dd40bf87b0c3e...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=2ba202f4-edd1-11ed-aaf0-801844df0ab8
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=9d7680a8-f3a4-4404-a3ab-916958d49f9c&ssp=lemma
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=432e52bd-9af3-402a-ac41-e79ba1fd5ecd
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=2ba202f4-edd1-11ed-aaf0-801844df0ab8
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5df69079-3043-49ee-b24e-05773a1f9419&expires=1&user_group=5&ssp=lemma&bsw_param=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=&gdpr_pd=
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=432e52bd-9af3-402a-ac41-e79ba1fd5ecd
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=d40bf87b0c3e44a5aafec12ac9c87d642ba202f4-edd1-11ed-aaf0-801844df0ab8
43 B
313 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=d40bf87b0c3e44a5aafec12ac9c87d642ba202f4-edd1-11ed-aaf0-801844df0ab8
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
content-type
image/gif
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:16 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=d40bf87b0c3e44a5aafec12ac9c87d642ba202f4-edd1-11ed-aaf0-801844df0ab8
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=d40bf87b0c3e44a5aafec12ac9c87d64&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=d40bf87b0c3e44a5aafec12ac9c87d64&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=392a51ab-89bd-4ac2-a891-94089d152443&ssp=admixer&expires=30&user_group=5&bsw_param=432e52bd-9af3-402a-ac41-e79ba1fd5ecd
  • https://inv-nets.admixer.net/bs/cm.aspx?id=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&consent=&gdpr_pd=
43 B
313 B
Image
General
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&consent=&gdpr_pd=
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
content-type
image/gif
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0

Redirect headers

location
//inv-nets.admixer.net/bs/cm.aspx?id=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&consent=&gdpr_pd=
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEEyMzE3NUEtQzM1My00REY3LUFGNDctMkQ3OUE0NDY4REYy&gdpr=-1&gdpr_consent={consent}
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent={consent}
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=%7Bconsent%7D&partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26...
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=4A23175A-C353-4DF7-AF47-2D79A4468DF2
43 B
313 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=4A23175A-C353-4DF7-AF47-2D79A4468DF2
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
content-type
image/gif
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=4A23175A-C353-4DF7-AF47-2D79A4468DF2
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sfaf25.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEGwM7R5NiEPBheEsZgZg-8k&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=d40bf87b0c3e44a5aafec12ac9c87d64
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=d40bf87b0c3e44a5aafec12ac9c87d64
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
0
x-xss-protection
0
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/
42 B
510 B
Image
General
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=d40bf87b0c3e44a5aafec12ac9c87d64&redir=[RED]
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-xmclLxBE2uEzRiGAyVGTmrhvPVXBn82pUBooGyI-~A
43 B
313 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-xmclLxBE2uEzRiGAyVGTmrhvPVXBn82pUBooGyI-~A
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
content-type
image/gif
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-xmclLxBE2uEzRiGAyVGTmrhvPVXBn82pUBooGyI-~A
date
Mon, 08 May 2023 18:50:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d40bf87b0c3e44a5aafec12ac9c87d64
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZAF2257B1E114B978246CC3CF66D0189&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d40bf87b0c3e44a5aafec12ac9c87d64
56 B
174 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZAF2257B1E114B978246CC3CF66D0189&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZAF2257B1E114B978246CC3CF66D0189&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=d40bf87b0c3e44a5aafec12ac9c87d64
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
cm.aspx
inv-nets.admixer.net/gadx/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ZDQwYmY4N2IwYzNlNDRhNWFhZmVjMTJhYzljODdkNjQ=&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEHqjIEY5EpZn5CBFoYgzrYE&google_cver=1
43 B
313 B
Image
General
Full URL
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEHqjIEY5EpZn5CBFoYgzrYE&google_cver=1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
content-type
image/gif
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEHqjIEY5EpZn5CBFoYgzrYE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=d40bf87b0c3e44a5aafec12ac9c87d64
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=d40bf87b0c3e44a5aafec12ac9c87d64
43 B
130 B
Image
General
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
176.9.79.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.218.79.9.176.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=d40bf87b0c3e44a5aafec12ac9c87d64
date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=1c6e0ce8-690e-5280-a564-702ac13d344d
43 B
313 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=1c6e0ce8-690e-5280-a564-702ac13d344d
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
content-type
image/gif
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=1c6e0ce8-690e-5280-a564-702ac13d344d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B
Image
General
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT, Mon, 08 May 2023 18:50:15 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Mon, 08 May 2023 18:50:15 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
idsync
idsync.admixer.co.kr/
43 B
904 B
Image
General
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09-May-2023 03:50:16 +0900
Content-Type
image/gif;
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
SPug
image4.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Dd40bf87b0c3e44a5aafec12ac9c87d64
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=0&piggybackCookie=CAESEGiTavn5Pn5Bd3gjwOj0l88&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4A23175A-C353-4DF7-AF47-2D79A4468DF2&redir=true&gdpr=0&gdpr_consent=0
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IEImgChE2uUStu17KJ3IWXO.djQB1_4-~A&gdpr=0
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IEImgChE2uUStu17KJ3IWXO.djQB1_4-~A&gdpr=0
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IEImgChE2uUStu17KJ3IWXO.djQB1_4-~A&gdpr=0
date
Mon, 08 May 2023 18:50:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1px-matching-go2net.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
usermatchredir
ssum-sec.casalemedia.com/
43 B
632 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
sync
t.adx.opera.com/
35 B
467 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ibs:dpid=1210625&dpuuid=d40bf87b0c3e44a5aafec12ac9c87d64
dpm.demdex.net/
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.203.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-203-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0b1fb7090.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
v39wNPmjS+k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pixelSync
pixel.sitescout.com/dmp/ Frame FF1E
0
187 B
Image
General
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D7265d2ba79ac2f13
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 08 May 2023 18:50:14 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-ams03.e-planning.net/ Frame FF1E
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D7265d2ba79ac2f13%26uid%3D%5BUID%5D
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7265d2ba79ac2f13&uid=ef16746a-9397-4b9f-bb38-630288a9e730
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7265d2ba79ac2f13&uid=ef16746a-9397-4b9f-bb38-630288a9e730
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

server
openresty
date
Mon, 08 May 2023 18:50:15 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7265d2ba79ac2f13&uid=ef16746a-9397-4b9f-bb38-630288a9e730
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame FF1E
676 B
575 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:14 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 06 May 2028 18:50:14 GMT
um
u-ams03.e-planning.net/ Frame FF1E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7265d2ba79ac2f13%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7265d2ba79ac2f13&uid=3217243785272500728
42 B
104 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7265d2ba79ac2f13&uid=3217243785272500728
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

server
openresty
date
Mon, 08 May 2023 18:50:15 GMT
content-type
image/gif

Redirect headers

Date
Mon, 08 May 2023 18:50:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
68bc4d00-22a1-4cb5-9901-a539f9c70560
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7265d2ba79ac2f13&uid=3217243785272500728
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame FF1E
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D7265d2ba79ac2f13%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7265d2ba79ac2f13&uid=ua-034b312a-a255-3ff8-8fc1-095d1d96bb53
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7265d2ba79ac2f13&uid=ua-034b312a-a255-3ff8-8fc1-095d1d96bb53
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

server
openresty
date
Mon, 08 May 2023 18:50:15 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7265d2ba79ac2f13&uid=ua-034b312a-a255-3ff8-8fc1-095d1d96bb53
pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-store
content-length
0
expires
0
usync.html
eus.rubiconproject.com/ Frame F04B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 May 2023 18:50:15 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 08 May 2023 18:50:15 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 896B
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
2 KB
2 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
014da682c3828147627a37418524caa7138cb272502f3d062aac250d81a9778d

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1719
Content-Type
text/html
Date
Mon, 08 May 2023 18:50:15 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 08 May 2023 18:50:15 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame F55A
1 KB
2 KB
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
84227
cf4ttl
157680000.000
content-length
1525
content-type
text/html
date
Mon, 08 May 2023 18:50:15 GMT
etag
"61ddbb71-5f5"
expires
Mon, 24 Apr 2028 15:30:46 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
df522347ecb3fc7164488ed45b5b885c
x-cf-tsc
1682607275
x-cf1
29080:fK.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 5FAB
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 254C
9 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eeb6e9ced65d13b48b222a3892b2f1d3e0d82aa4acd96ba3ccfffbdece88fc1

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7c43e325dfed68fe-FRA
content-encoding
br
content-type
text/html
date
Mon, 08 May 2023 18:50:15 GMT
server
cloudflare
vary
Origin
via
1.1 google
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zdg.md
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zdg.md
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=29933734066200&correlator=2432902142915421&eid=31074114%2C31074371%2C31074386&output=ldjh&gdfp_req=1&vrg=202305030101&ptt=17&impl=fifs&iu_parts=29636627%3A22582554038%2Czdg.md_desktop_300x250-fallback_hb&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C1x2&ifi=1&adks=2394984786&sfv=1-0-40&prev_scp=hb_format_admixer%3Dbanner%26hb_size_admixer%3D300x250%26hb_pb_admixer%3D1.10%26hb_adid_admixer%3D6939d34130c3d2%26hb_bidder_admixer%3Dadmixer%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.10%26hb_adid%3D6939d34130c3d2%26hb_bidder%3Dadmixer&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683571815372&lmt=1683570462&dlt=1683571813558&idt=1665&adxs=1178&adys=905&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.zdg.md%2F&frm=20&vis=1&psz=317x0&msz=317x0&fws=4&ohw=327&ga_vid=121543173.1683571814&ga_sid=1683571815&ga_hid=491831632&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67948cb0b5d29fb698f3f22e80e589d58196356b3b9a46d96dafe06d45bb618f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10482
x-xss-protection
0
google-lineitem-id
6004444053
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368549696
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zdg.md
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
86a9c597c660c80aec232756ee38fa18.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3603
6 KB
3 KB
Document
General
Full URL
https://86a9c597c660c80aec232756ee38fa18.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdg.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 18:50:15 GMT
expires
Tue, 07 May 2024 18:50:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
webworker.js
www.google.com/recaptcha/api2/ Frame 8E76
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUQVwiAAAAAI-No47eurPKekD5TFhOuHm7kNET&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=fq56jrdmg9lx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ad10a96d76d0545db3cd7ef7c37e917d5ee9f8bc9807a4bc59faa8e527f72a1b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUQVwiAAAAAI-No47eurPKekD5TFhOuHm7kNET&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=fq56jrdmg9lx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 08 May 2023 18:50:15 GMT
getuid
ib.adnxs.com/ Frame 254C
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 254C
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=52264a5b-0b6b-4089-872b-2c197665a71c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=52264a5b-0b6b-4089-872b-2c197665a71c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e328eac368fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 08 May 2023 18:50:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=52264a5b-0b6b-4089-872b-2c197665a71c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 254C
0
454 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 254C
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 254C
0
168 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1683571816.552896,VS0,VE10
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-fra-eddf8230100-FRA
u
dmp.v.fwmrm.net/ad/ Frame 254C
0
411 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:d00c:d52c:5371:efa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:15 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 254C
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095ec730-18a7-4866-5817-b324012859e3%26reqId%3D02bdfe0a-a888-4f16-6b3b-932ca964434f%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 08 May 2023 18:50:15 GMT
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=2fda0bef-2ad2-4275-a16f-1534e559d0be&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=2fda0bef-2ad2-4275-a16f-1534e559d0be&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e32b5d3368fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=2fda0bef-2ad2-4275-a16f-1534e559d0be&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=095ec730-18a7-4866-5817-b324012859e3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=095ec730-18a7-4866-5817-b324012859e3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=21561468846829246770041620616303267328&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=21561468846829246770041620616303267328&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e329cbcc68fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v048-06c261c56.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
HfA9YAI3T20=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=21561468846829246770041620616303267328&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 254C
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=095ec730-18a7-4866-5817-b324012859e3&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023050820-37889-0.716118001683571815-3c581d6040beb724c76ac0e2fa1a072e&zdid=533&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2023050820-37889-0.716118001683571815-3c581d6040beb724c76ac0e2fa1a072e&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e329bbae68fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2023050820-37889-0.716118001683571815-3c581d6040beb724c76ac0e2fa1a072e&zdid=533&env=mWeb
Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7230885885915822228&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7230885885915822228&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e3285a3368fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7230885885915822228&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 254C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=095ec730-18a7-4866-5817-b324012859e3
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=095ec730-18a7-4866-5817-b324012859e3
95 B
436 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=095ec730-18a7-4866-5817-b324012859e3
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Mon, 08 May 2023 18:50:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=095ec730-18a7-4866-5817-b324012859e3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=095ec730-18a7-4866-5817-b324012859e3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=095ec730-18a7-4866-5817-b324012859e3&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=zvyQQ8MaUgLzCZxU5xRid.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=zvyQQ8MaUgLzCZxU5xRid.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e329bba568fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
last-modified
Mon, 08 May 2023 18:50:15 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=zvyQQ8MaUgLzCZxU5xRid.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 254C
0
84 B
Image
General
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=095ec730-18a7-4866-5817-b324012859e3&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=095ec730-18a7-4866-5817-b324012859e3?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e3298b5968fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
cache-control
no-cache
x-server
10.45.0.162
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-_bnPgMZE2orjWa.Ccv.0bhRj9q1HPK1bug--~A&zpartnerid=570&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-_bnPgMZE2orjWa.Ccv.0bhRj9q1HPK1bug--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e32b1cf268fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-_bnPgMZE2orjWa.Ccv.0bhRj9q1HPK1bug--~A&zpartnerid=570&env=mWeb
date
Mon, 08 May 2023 18:50:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=uGAZJ835w3AigzRXgz1Z%2B%2BK%2BSW%2FAQq5q%2BS41iYitP1U%3D
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=uGAZJ835w3AigzRXgz1Z%2B%2BK%2BSW%2FAQq5q%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e3298b5b68fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=uGAZJ835w3AigzRXgz1Z%2B%2BK%2BSW%2FAQq5q%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 254C
42 B
213 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=095ec730-18a7-4866-5817-b324012859e3&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 254C
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.146.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-146-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by
beacon-n018-dub-prod.krxd.net
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1683571815
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 254C
95 B
380 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=095ec730-18a7-4866-5817-b324012859e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/png
date
Mon, 08 May 2023 18:50:15 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZFlEaAAIkObdUwBL&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZFlEaAAIkObdUwBL&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361&_test=ZFlEaAAIkObdUwBL
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e32bfdca68fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-eddf8230056-FRA
pragma
no-cache
date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1683571816.219444,VS0,VE0
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZFlEaAAIkObdUwBL&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361&_test=ZFlEaAAIkObdUwBL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=1fee6459-4467-4100-9d77-92ef4e685530&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=1fee6459-4467-4100-9d77-92ef4e685530&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e32b5d3668fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 08 May 2023 18:50:16 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x15 config_version:"79"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://mwzeom.zeotap.com/mw?cid=1fee6459-4467-4100-9d77-92ef4e685530&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 08 May 2023 18:50:15 GMT
usermatch.gif
beacon.krxd.net/ Frame 254C
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
63.33.146.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-146-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Mon, 08 May 2023 18:50:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1683571816
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
date
Mon, 08 May 2023 18:50:16 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 254C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=095ec730-18a7-4866-5817-b324012859e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-581...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=095ec730-18a7-4866-5817-b324012859e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-581...
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=095ec730-18a7-4866-5817-b324012859e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FGRJ4ZPP22V427693KKT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8KRSZR8WY0N26SZ41F54
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=095ec730-18a7-4866-5817-b324012859e3&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 254C
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=095ec730-18a7-4866-5817-b324012859e3&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e32b5d3968fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
date
Mon, 08 May 2023 18:50:16 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 254C
0
214 B
Image
General
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=095ec730-18a7-4866-5817-b324012859e3&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame 254C
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=095ec730-18a7-4866-5817-b324012859e3&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://mwzeom.zeotap.com/mw?cid=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a...
95 B
163 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e32819f468fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame 254C
95 B
175 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e329fbff68fe-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 254C
557 B
470 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4f6550c8b9f984071d3d1c2cf93ca950f893345742fe26a13598241cd77dd72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e327090168fe-FRA
access-control-allow-headers
*
csync
sync.adtelligent.com/ Frame 4BE6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=3217243785272500728
43 B
456 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=3217243785272500728
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:14 GMT
Etag
59b6637a894ad2dc
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
2524f426-57c0-456b-91c7-881ec3af0c9d
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 08 May 2023 18:50:15 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=3217243785272500728
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.23.2
X-Proxy-Origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
/
onetag-sys.com/usync/ Frame 2EC7
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.console.adtarget.com.tr/ Frame 1B10
2 KB
1 KB
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6344c20f5e2a231f73e2f211e982630c32ea054347f57d2de05a175ea856837d

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
862
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 May 2023 18:50:14 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ads.us.e-planning.net/uspd/1/ Frame 0ECC
2 KB
991 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
29f4f38c24dd16596d2b03d675ba3088ec7b572ac8351639d0473841be56c480

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 08 May 2023 18:50:15 GMT
expires
Mon, 08 May 2023 18:50:15 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927
sync.html
s.adtelligent.com/ Frame 35CE
2 KB
1 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5160:0:225:90ff:fefb:6c3 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
943
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 May 2023 18:50:15 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C71D
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88522
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 08 May 2023 18:50:15 GMT
expires
Tue, 09 May 2023 19:25:37 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
d
ic.tynt.com/r/ Frame 9657
0
0
Document
General
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Mon, 08 May 2023 18:50:15 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
csync
sync.adtelligent.com/ Frame 8C03
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=0307bba9-9ce0-41ff-a6b1-fd483e9bdf67
43 B
473 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=0307bba9-9ce0-41ff-a6b1-fd483e9bdf67
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:15 GMT
Server
Adtelligent
Etag
59b6637a894ad2dc
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=0307bba9-9ce0-41ff-a6b1-fd483e9bdf67
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
s3lhuantosja0tdil50rm3avalgs3pg4
csync
sync.adtelligent.com/ Frame 8C03
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3217243785272500728
43 B
456 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3217243785272500728
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Server
Adtelligent
Etag
59b6637a894ad2dc
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 08 May 2023 18:50:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
eb69c5da-49ff-46a3-9c18-2cf515b72985
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3217243785272500728
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 8C03
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1683571815524
  • https://ad.turn.com/r/cs?pid=45&rndcb=3131566641
  • https://sync.1rx.io/usersync/turn/8601431973187001550?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-67c38fd1-74b5-4e69-8093-c9a315b2470f-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-67c38fd1-74b5-4e69-8093...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-67c38fd1-74b5-4e69-8093-c9a315b2470f-003
43 B
480 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-67c38fd1-74b5-4e69-8093-c9a315b2470f-003
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:15 GMT
Server
Adtelligent
Etag
59b6637a894ad2dc
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-67c38fd1-74b5-4e69-8093-c9a315b2470f-003
date
Mon, 08 May 2023 18:50:16 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX67c38fd174b54e698093c9a315b2470f003
content-type
text/html
csync
sync.adtelligent.com/ Frame 8C03
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3217243785272500728
43 B
456 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3217243785272500728
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Server
Adtelligent
Etag
59b6637a894ad2dc
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 08 May 2023 18:50:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dc6ce52d-5261-4b63-bf84-1366dd16c8c7
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3217243785272500728
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 8C03
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7299344-5e94-42f5-a29e-dd1e1089e8f8
43 B
473 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7299344-5e94-42f5-a29e-dd1e1089e8f8
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Server
Adtelligent
Etag
59b6637a894ad2dc
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d7299344-5e94-42f5-a29e-dd1e1089e8f8
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
sync
vid.vidoomy.com/ Frame 8C03
0
0
Image
General
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pixel
ap.lijit.com/ Frame 8C03
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 08 May 2023 18:50:15 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 8C03
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d40bf87b0c3e44a5aafec12ac9c87d64
43 B
469 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:15 GMT
Server
Adtelligent
Etag
59b6637a894ad2dc
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=d40bf87b0c3e44a5aafec12ac9c87d64
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame F04B
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa85b91728df6ce768e194698261b214027dc377341f15da4f459ec5c11117cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2023 15:14:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73432
Connection
keep-alive
Content-Length
10020
Expires
Tue, 09 May 2023 15:14:07 GMT
ads
securepubads.g.doubleclick.net/gampad/
22 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=29933734066200&correlator=3166666593817180&eid=31074114%2C31074371%2C31074386&output=ldjh&gdfp_req=1&vrg=202305030101&ptt=17&impl=fifs&iu_parts=29636627%3A22582554038%2Czdg.md_desktop_1200x250_billboard_hb&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C1200x250&ifi=2&adks=503692590&sfv=1-0-40&prev_scp=hb_format_admixer%3Dbanner%26hb_size_admixer%3D1200x250%26hb_pb_admixer%3D1.10%26hb_adid_admixer%3D557764c5bbf497%26hb_bidder_admixer%3Dadmixer%26hb_format%3Dbanner%26hb_size%3D1200x250%26hb_pb%3D1.10%26hb_adid%3D557764c5bbf497%26hb_bidder%3Dadmixer&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683571815556&lmt=1683570462&dlt=1683571813558&idt=1665&adxs=100&adys=200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.zdg.md%2F&frm=20&vis=1&psz=1400x0&msz=1400x0&fws=4&ohw=1600&ga_vid=121543173.1683571814&ga_sid=1683571815&ga_hid=491831632&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc33a5a47341f8807d97047dc96da18cac894dfface6b07c23ea125c1cd1b853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10434
x-xss-protection
0
google-lineitem-id
6004444053
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368549678
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zdg.md
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 896B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZFlEZ2Frf3xX03SB9gveRQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPzqC56EwqV8X91nrQ8NMyQ&google_cver=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPzqC56EwqV8X91nrQ8NMyQ&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPzqC56EwqV8X91nrQ8NMyQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 896B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELo3AFvWHZ7rYlIdyoPyB7Y&google_cver=1
43 B
632 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELo3AFvWHZ7rYlIdyoPyB7Y&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELo3AFvWHZ7rYlIdyoPyB7Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 896B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4TNX64N966CHHBG1JNHP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZT75TJRWMFQKPPRSPT3C
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 896B
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum.casalemedia.com/ Frame 896B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=9d7680a8-f3a4-4404-a3ab-916958d49f9c&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=&us_privacy=
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 08 May 2023 18:50:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rum
dsum.casalemedia.com/ Frame 896B
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1683658215
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1683658215
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1683658215
pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 896B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=41f_7JLlUex_MN7O9nw-dbnVm5c
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=41f_7JLlUex_MN7O9nw-dbnVm5c
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=41f_7JLlUex_MN7O9nw-dbnVm5c
Date
Mon, 08 May 2023 18:50:16 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 896B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MIKJBKvg1PW5W75
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MIKJBKvg1PW5W75
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:15 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=MIKJBKvg1PW5W75
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-ams03.e-planning.net/ Frame 896B
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=7265d2ba79ac2f13&uid=ZFlEZ2Frf3xX03SB9gveRQAA%265266
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

server
openresty
date
Mon, 08 May 2023 18:50:15 GMT
content-type
image/gif
pixelSync
pixel.sitescout.com/dmp/ Frame 0ECC
0
187 B
Image
General
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D7265d2ba79ac2f13
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-ams03.e-planning.net/ Frame 0ECC
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D7265d2ba79ac2f13%26uid%3D%5BUID%5D
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7265d2ba79ac2f13&uid=ef16746a-9397-4b9f-bb38-630288a9e730
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7265d2ba79ac2f13&uid=ef16746a-9397-4b9f-bb38-630288a9e730
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

server
openresty
date
Mon, 08 May 2023 18:50:15 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:15 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=7265d2ba79ac2f13&uid=ef16746a-9397-4b9f-bb38-630288a9e730
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame 0ECC
676 B
574 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 06 May 2028 18:50:15 GMT
um
u-ams03.e-planning.net/ Frame 0ECC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7265d2ba79ac2f13%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7265d2ba79ac2f13&uid=3217243785272500728
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7265d2ba79ac2f13&uid=3217243785272500728
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

server
openresty
date
Mon, 08 May 2023 18:50:15 GMT
content-type
image/gif

Redirect headers

Date
Mon, 08 May 2023 18:50:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f910e46e-234b-419d-b738-a91fede82531
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=7265d2ba79ac2f13&uid=3217243785272500728
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 0ECC
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D7265d2ba79ac2f13%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7265d2ba79ac2f13&uid=ua-034b312a-a255-3ff8-8fc1-095d1d96bb53
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7265d2ba79ac2f13&uid=ua-034b312a-a255-3ff8-8fc1-095d1d96bb53
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

server
openresty
date
Mon, 08 May 2023 18:50:15 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=7265d2ba79ac2f13&uid=ua-034b312a-a255-3ff8-8fc1-095d1d96bb53
pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-store
content-length
0
expires
0
sync
eb2.3lift.com/ Frame 92BA
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 08 May 2023 18:50:15 GMT
adxcm.aspx
inv-nets.admixer.net/ Frame 3A11
43 B
313 B
Document
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AG5Zi%2f0rPfjMWgtL
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Mon, 08 May 2023 18:50:15 GMT
keep-alive
timeout=25
p3p
CP="NID DSP ALL COR"
server
nginx
x-xss-protection
0
hb_analytics.aspx
prebid-inv-eu.admixer.net/
0
122 B
Ping
General
Full URL
https://prebid-inv-eu.admixer.net/hb_analytics.aspx
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adValidationWrapper,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=477640975-
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryJFIRMsf9rgYeHV59

Response headers

access-control-allow-origin
https://www.zdg.md
date
Mon, 08 May 2023 18:50:15 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
view
securepubads.g.doubleclick.net/pcs/ Frame 7F58
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstubtrL9OLLQT7FL9VX56sCZdlaEwwEWZpgGaSeNyktF6HtaI4olsoE4CnVd87lHGsxbJfseCgt_QmuWvgS3Q-rRl9lcCfzL5DWBgKElgow7NcNjzKUXaUM4Bd5kYf_eCIkEr5VAaMRfxgu8XLA6OMlE3qbugkmpG0yrLveinu-RLYyUp_deLpdIZycA--vXif2R9zV2Ywh4kVNv8qLTg9hhykKyEs4kmBOKkG7l8VTpSBblJxFwhwsNUW4rIkmE1YeAbXZHIPXo0wJ-6hwZj0O5I97XdzSNNW9jPu_AHFF2jkXG0Jx7y17DK3a_T2u2hRrgopLWN7leWI7LKdZwd0GWg&sai=AMfl-YTE_HiDvSEQ7jeYnqjggjxa0A22mBBbhNaesK0OpGzl-jzhDX8fITQ2ve57eo8_1DaaqfLa2akWqN9ES7T7f7iEwS-k8bAKV8t1xRPo00mHJ-QoXYWXFD8aoHuGzzI&sig=Cg0ArKJSzAWmC2eDV7c_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 7F58
26 KB
26 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 18:50:15 GMT
x-content-type-options
nosniff
age
20923
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26200
x-served-by
cache-fra-eddf8230035-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7F58
169 KB
53 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 May 2023 18:50:15 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 275C
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88522
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 08 May 2023 18:50:15 GMT
expires
Tue, 09 May 2023 19:25:37 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9A1B
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.php
pixel.rubiconproject.com/exchange/ Frame 35CE
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
csync
sync.adtelligent.com/ Frame 35CE
43 B
320 B
Image
General
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:14 GMT
Server
Adtelligent
Etag
59b6637a894ad2dc
Content-Length
43
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 851A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 May 2023 18:50:15 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 08 May 2023 18:50:15 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame B5E8
2 KB
2 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
ca33270a635aba34b1547db7afcb468d90fc82595c2aabc410b475fba002197d

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1814
Content-Type
text/html
Date
Mon, 08 May 2023 18:50:15 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 5762
1 KB
2 KB
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
84227
cf4ttl
157680000.000
content-length
1525
content-type
text/html
date
Mon, 08 May 2023 18:50:15 GMT
etag
"61ddbb71-5f5"
expires
Mon, 24 Apr 2028 15:30:46 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
6becd18504cdcec9dc6a8790843a140b
x-cf-tsc
1682607275
x-cf1
29080:fK.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 5941
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 7D33
760 B
796 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff153c6e6210e7dfb508ffca0f910d86f78e2f6b0d926208a72021c1a1840aee

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7c43e3285a3168fe-FRA
content-encoding
br
content-type
text/html
date
Mon, 08 May 2023 18:50:15 GMT
server
cloudflare
vary
Origin
via
1.1 google
csync
sync.console.adtarget.com.tr/ Frame A3E8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2XvdzIj4e16FW0Qi95CM&pi=admatic
43 B
473 B
Document
General
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2XvdzIj4e16FW0Qi95CM&pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:15 GMT
Etag
f0f7e4979dd931bf
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 08 May 2023 18:50:15 GMT Mon, 08 May 2023 18:50:15 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=2XvdzIj4e16FW0Qi95CM&pi=admatic
pragma
no-cache
cookie
cm.adform.net/ Frame 1D9E
43 B
105 B
Document
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
cookie
cm.adform.net/ Frame 0D48
43 B
106 B
Document
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 08 May 2023 18:50:15 GMT
server
nginx
csync
sync.adtelligent.com/ Frame 1B10
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f0f7e4979dd931bf
43 B
453 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f0f7e4979dd931bf
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:15 GMT
Server
Adtelligent
Etag
59b6637a894ad2dc
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f0f7e4979dd931bf
Date
Mon, 08 May 2023 18:50:14 GMT
Server
Adtelligent
Etag
f0f7e4979dd931bf
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C71D
3 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45068700&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1b74a7f8f16e92d16ca1495855bae9b94ca97cb630ed34601761644ef396654b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 18:50:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cmp
spl.zeotap.com/ Frame 254C
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
7c43e328ca9b68fe-FRA
date
Mon, 08 May 2023 18:50:15 GMT
server
cloudflare
vary
Origin
via
1.1 google
khaos.jpg
token.rubiconproject.com/ Frame F04B
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame B5E8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZFlEZ2Frf3xX03SB9gveRQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPzqC56EwqV8X91nrQ8NMyQ&google_cver=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPzqC56EwqV8X91nrQ8NMyQ&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPzqC56EwqV8X91nrQ8NMyQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B5E8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7QJJXKH2BBRKG7P5GC27
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
44R05H1CKJQ7GPTP4NMM
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B5E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZFlEZ2Frf3xX03SB9gveRQAAFJIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELo3AFvWHZ7rYlIdyoPyB7Y&google_cver=1
43 B
632 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELo3AFvWHZ7rYlIdyoPyB7Y&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELo3AFvWHZ7rYlIdyoPyB7Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B5E8
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 08 May 2023 18:50:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame B5E8
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fed51c70-fe27-24a2-40186744
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fed51c70-fe27-24a2-40186744
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=fed51c70-fe27-24a2-40186744
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
rum
dsum-sec.casalemedia.com/ Frame B5E8
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZFlEZ2Frf3xX03SB9gveRQAA%265266&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=20a6ea65-df55-453b-b03c-16441b0d2c38-tuctb52c9e8
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=20a6ea65-df55-453b-b03c-16441b0d2c38-tuctb52c9e8
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=20a6ea65-df55-453b-b03c-16441b0d2c38-tuctb52c9e8
date
Mon, 08 May 2023 18:50:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13342
crum
dsum-sec.casalemedia.com/ Frame B5E8
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827775006497
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827775006497
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827775006497
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame B5E8
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d3ddb4ec-5a0c-4795-9319-8847fb74e207
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d3ddb4ec-5a0c-4795-9319-8847fb74e207
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 18:50:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d3ddb4ec-5a0c-4795-9319-8847fb74e207
date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
um
u-ams03.e-planning.net/ Frame B5E8
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=7265d2ba79ac2f13&uid=ZFlEZ2Frf3xX03SB9gveRQAA%265266
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7265d2ba79ac2f13%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

server
openresty
date
Mon, 08 May 2023 18:50:16 GMT
content-type
image/gif
hb_analytics.aspx
prebid-inv-eu.admixer.net/
0
122 B
Ping
General
Full URL
https://prebid-inv-eu.admixer.net/hb_analytics.aspx
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adValidationWrapper,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=477640975-
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryQoiH8Res4myf5ORg

Response headers

access-control-allow-origin
https://www.zdg.md
date
Mon, 08 May 2023 18:50:15 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
view
securepubads.g.doubleclick.net/pcs/ Frame 9EC0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_-QntRwLO3Gu-TmINlRs_wv4OY1STKUYwObjQfQzNNXVw2put9ncE5WB3Ut2fKNeqvsu11-6jy6F7BIHNH5FaZ8xll4BJSkszkdKhvRHJ5VzHy4zULuUA-6l1VXLRizX4e6LlXBzi4tMLCMp_KzFVBKgQ-ToTHX8TUwxOvndEdoY8Q55OKrDwPDBQuZUwKB0wvHwuw9tsFNvP93_zUQh4YKRYnhHSBjEti-FAuXXecpiP6aJydi-bnwK3UsRkPbudoTG_fG1MVrx_ynQZGH2TQo1FV7Z5nOdmElD0VMAmwUGUWNJlqgkOzw5rGASLFjp_LJixaxdSVEcOWQPQV8SfXRRa&sai=AMfl-YTNGJtH3WWA65irfn5FT7Djn2VZevguxqzRJMqLZFfql6s3Qy27neEN9h1-54niqZfo4vCnxZwI5Lmn0Kq2-glcUa51YIZRtYGMAp2Shm0nrCjGk2nDawq_c1ItEg&sig=Cg0ArKJSzNMdaayC01_FEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 9EC0
26 KB
26 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 18:50:15 GMT
x-content-type-options
nosniff
age
20923
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26200
x-served-by
cache-fra-eddf8230035-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9EC0
169 KB
52 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 May 2023 18:50:15 GMT
mw
mwzeom.zeotap.com/ Frame 7D33
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D095...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=c1b17ca1-963f-4915-5300-26589a302816&zdid=1361&puid=2bff...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=c1b17ca1-963f-4915-5300-26589a302816&zdid=1361&puid=2bffb700-edd1-11ed-821a-9b29867dbf7b
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e32b5d3a68fe-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=c1b17ca1-963f-4915-5300-26589a302816&zdid=1361&puid=2bffb700-edd1-11ed-821a-9b29867dbf7b
date
Mon, 08 May 2023 18:50:16 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 7D33
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=c1b17ca1-963f-4915-5300-26589a302816&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e329bbb668fe-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 7D33
557 B
416 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=c1b17ca1-963f-4915-5300-26589a302816&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73336a20ee6c7b88e1e2bc4aa9460e88e66b7bb1bb222c36ba1c920551badb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7c43e32afce268fe-FRA
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame 851A
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa85b91728df6ce768e194698261b214027dc377341f15da4f459ec5c11117cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2023 15:14:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=73432
Connection
keep-alive
Content-Length
10020
Expires
Tue, 09 May 2023 15:14:07 GMT
loader2.js
cdn.admixer.net/scripts3/ Frame 7F58
178 KB
56 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adValidationWrapper,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=477640975-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
260c5188c2d3c717a7c9206edaf4bce47be52c83c56e9c433f24a1163c0a7347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:27 GMT
server
nginx
etag
W/"64511aff-2c649"
x-cached-since
2023-05-08T18:44:46+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
cross-origin-resource-policy
cross-origin
x-nginx
nginx-be
expires
Tue, 02 May 2023 14:27:42 GMT
crevt.aspx
inv-nets.admixer.net/ Frame 7F58
43 B
190 B
Image
General
Full URL
https://inv-nets.admixer.net/crevt.aspx?cc=DE%2FHE%2F2925533&am-uid=2b6d9aa3e20c4edbb4171a681d73586c&zone=1EBD4265-0EA9-4FC8-8CD3-7F1A7D61C00D&device=28&rule=817AD580-3F47-4F01-B174-EAC83836EF4A&requestId=7494302d-6159-4946-acab-3709fef7cd8f&hp=1771462998&page=www.zdg.md%2F&ts=638191686150587816&ap=MQ%3D%3D&asign=744982741&markups=ZG1wZj0wJmRtcHA9dHJ1ZSZjcnRmPTAmY3J0cD10cnVlJmNydGF0cz0wJmFkbWY9MCZhZG1wPXRydWUmdGRmPTAmdGRwPXRydWUmdG90Zj0wJnRvdHA9dHJ1ZQ%3D%3D&hold=1&sync=98%2C80%2C88%2C3%2C96&bt=3&carr=31173+Services+AB&connt=1&devt=2&isapp=0&os=Windows+10&osv=NT+10.0&adtype=7&extpubid=0EF5B541-739D-48EA-A90E-8CD4A3D34314&inst=ADS-EU-5&pxl=0&pvid=062d59c0-7f84-475e-9fda-3c622a0a037e&ip=185.213.155.151&item=047680BD-9E59-4340-AE0A-13873E7F0328&crid=047680BD-9E59-4340-AE0A-13873E7F0328&size=300x250&profile=CFC1621B-B8C9-449C-BFF4-3D8D29425840&isopt=0&adv=N%2FA&dsp=ADMIXER+Moldova&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fmcdonalds.md%2F&schain=1.0%2C1%21admixer.com%2C0ef5b541-739d-48ea-a90e-8cd4a3d34314%2C1%2C%2C%2C&sw=[e=screen.width]&sh=0&cet=4&rnd=1683571815058781612
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0
hb_analytics.aspx
prebid-inv-eu.admixer.net/ Frame 7F58
0
86 B
Image
General
Full URL
https://prebid-inv-eu.admixer.net/hb_analytics.aspx?%7B%22eventType%22:%22bidView%22,%22args%22:%7B%22bidder%22:%22admixer%22,%22analyticsParams%22:%7B%22adUnitId%22:1238,%22publisherOId%22:%220ef5b541-739d-48ea-a90e-8cd4a3d34314%22,%22bidId%22:15304,%22buyerId%22:4431%7D,%22params%22:%7B%22pw%22:true,%22zone%22:%221ebd4265-0ea9-4fc8-8cd3-7f1a7d61c00d%22%7D,%22intersection%22:%7B%22boundingClientRect%22:%7B%22left%22:1177.5,%22top%22:904.5,%22right%22:1495,%22bottom%22:904.5,%22width%22:317.5,%22height%22:0,%22x%22:1177.5,%22y%22:904.5%7D,%22intersectionRect%22:%7B%22left%22:1177.5,%22top%22:904.5,%22right%22:1495,%22bottom%22:904.5,%22width%22:317.5,%22height%22:0,%22x%22:1177.5,%22y%22:904.5%7D,%22intersectionRatio%22:1,%22isIntersecting%22:true,%22time%22:1570.599998474121%7D,%22ortb2Imp%22:%7B%22ext%22:%7B%22tid%22:%22665b2345-6d3f-4dac-a8ac-5aefc61ba275%22%7D%7D,%22mediaTypes%22:%7B%22banner%22:%7B%22sizes%22:%5B%5B300,250%5D,%5B1,2%5D%5D,%22playerSize%22:%5B300,250%5D%7D%7D,%22adUnitCode%22:%22admixer-hb-347-637612653969977090%22,%22transactionId%22:%22665b2345-6d3f-4dac-a8ac-5aefc61ba275%22,%22sizes%22:%5B%5B300,250%5D,%5B1,2%5D%5D,%22bidId%22:%2246d7afaeaa735d%22,%22bidderRequestId%22:%223ba9a20ddab19c%22,%22auctionId%22:%22ece13cfa-0087-4d8b-ba07-eb01a2c2edaf_f1647993-0d7f-4e5b-9642-20e7fe5a662a%22,%22src%22:%22client%22,%22metrics%22:%7B%22userId.init.gdpr%22:%5B0%5D,%22userId.mod.init%22:%5B0.40000152587890625%5D,%22userId.mods.admixerId.init%22:%5B0.40000152587890625%5D,%22userId.init.modules%22:%5B1.8999977111816406%5D,%22requestBids.userId%22:0.20000076293945312,%22requestBids.rtd%22:50.5,%22requestBids.validate%22:0,%22requestBids.makeRequests%22:0.7000007629394531,%22adapter.client.net%22:%5B59.400001525878906%5D,%22adapters.client.admixer.net%22:%5B59.400001525878906%5D,%22adapter.client.interpretResponse%22:%5B0%5D,%22adapters.client.admixer.interpretResponse%22:%5B0%5D,%22addBidResponse.validate%22:%5B0.10000228881835938%5D,%22addBidResponse.currency%22:%5B0.09999847412109375%5D,%22adapter.client.validate%22:0,%22adapters.client.admixer.validate%22:0,%22adapter.client.buildRequests%22:0.10000228881835938,%22adapters.client.admixer.buildRequests%22:0.10000228881835938%7D,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22ortb2%22:%7B%22site%22:%7B%22page%22:%22https://www.zdg.md/%22,%22domain%22:%22zdg.md%22,%22publisher%22:%7B%22domain%22:%22zdg.md%22%7D,%22cat%22:%5B%22IAB12%22,%22IAB12-1%22,%22IAB12-2%22,%22IAB12-3%22,%22IAB13-3%22%5D,%22sectioncat%22:%5B%5D,%22pagecat%22:%5B%22IAB12%22,%22IAB12-1%22,%22IAB12-2%22,%22IAB12-3%22,%22IAB13-3%22%5D%7D,%22device%22:%7B%22w%22:1600,%22h%22:1200,%22dnt%22:0,%22ua%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/113.0.5672.63%20Safari/537.36%22,%22language%22:%22en%22,%22sua%22:%7B%22source%22:2,%22browsers%22:%5B%5D,%22mobile%22:0,%22model%22:%22%22,%22bitness%22:%22%22,%22architecture%22:%22%22%7D%7D%7D,%22schain%22:%7B%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:%5B%7B%22asi%22:%22admixer.com%22,%22sid%22:%220ef5b541-739d-48ea-a90e-8cd4a3d34314%22,%22hp%22:1%7D%5D%7D,%22cpm%22:1.101079057476,%22currency%22:%22USD%22,%22width%22:300,%22height%22:250,%22prebidCPM%22:1.101079057476,%22creativeId%22:%22047680BD-9E59-4340-AE0A-13873E7F0328%22,%22refererInfo%22:%7B%22reachedTop%22:true,%22isAmp%22:false,%22numIframes%22:0,%22stack%22:%5B%22https://www.zdg.md/%22%5D,%22topmostLocation%22:%22https://www.zdg.md/%22,%22location%22:%22https://www.zdg.md/%22,%22canonicalUrl%22:%22https://www.zdg.md/%22,%22page%22:%22https://www.zdg.md/%22,%22domain%22:%22www.zdg.md%22,%22ref%22:null,%22legacy%22:%7B%22reachedTop%22:true,%22isAmp%22:false,%22numIframes%22:0,%22stack%22:%5B%22https://www.zdg.md/%22%5D,%22referer%22:%22https://www.zdg.md/%22,%22canonicalUrl%22:%22https://www.zdg.md/%22%7D%7D%7D%7D
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
truncated
/ Frame 7F58
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1818ed7a7d939d1927411c619e45a09589c5aa97078c63c49f7f172a6a390351

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
sync
eb2.3lift.com/ Frame A221
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 08 May 2023 18:50:16 GMT
csync
sync.adtelligent.com/ Frame 0EC6
43 B
453 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AG5Zi%2f0rPfjMWgtL
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:15 GMT
Etag
59b6637a894ad2dc
Server
Adtelligent
loader2.js
cdn.admixer.net/scripts3/ Frame 9EC0
178 KB
56 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adValidationWrapper,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=477640975-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
260c5188c2d3c717a7c9206edaf4bce47be52c83c56e9c433f24a1163c0a7347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:27 GMT
server
nginx
etag
W/"64511aff-2c649"
x-cached-since
2023-05-08T18:44:46+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
cross-origin-resource-policy
cross-origin
x-nginx
nginx-be
expires
Tue, 02 May 2023 14:27:42 GMT
crevt.aspx
inv-nets.admixer.net/ Frame 9EC0
43 B
190 B
Image
General
Full URL
https://inv-nets.admixer.net/crevt.aspx?cc=DE%2FHE%2F2925533&am-uid=2b6d9aa3e20c4edbb4171a681d73586c&zone=C6237B42-B52F-44E8-B5F5-8BE1C6CC3E49&device=28&rule=817AD580-3F47-4F01-B174-EAC83836EF4A&requestId=006cbdb0-19b1-43dd-8657-d0ba1904d713&hp=1771462998&page=www.zdg.md%2F&ts=638191686150587816&ap=MQ%3D%3D&asign=2063357490&markups=ZG1wZj0wJmRtcHA9dHJ1ZSZjcnRmPTAmY3J0cD10cnVlJmNydGF0cz0wJmFkbWY9MCZhZG1wPXRydWUmdGRmPTAmdGRwPXRydWUmdG90Zj0wJnRvdHA9dHJ1ZQ%3D%3D&hold=1&sync=96%2C3%2C88%2C80%2C98&bt=3&carr=31173+Services+AB&connt=1&devt=2&isapp=0&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=0EF5B541-739D-48EA-A90E-8CD4A3D34314&inst=ADS-EU-5&pxl=0&pvid=b28b70ab-ad04-4938-9e4e-70529f2cfddb&ip=185.213.155.151&item=CF0AEADB-2E1E-400A-B1C8-AC413732181C&crid=CF0AEADB-2E1E-400A-B1C8-AC413732181C&size=1200x250&profile=CFC1621B-B8C9-449C-BFF4-3D8D29425840&isopt=0&adv=N%2FA&dsp=ADMIXER+Moldova&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fmcdonalds.md%2F&schain=1.0%2C1%21admixer.com%2C0ef5b541-739d-48ea-a90e-8cd4a3d34314%2C1%2C%2C%2C&sw=[e=screen.width]&sh=0&cet=4&rnd=1683571815058781612
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0
hb_analytics.aspx
prebid-inv-eu.admixer.net/ Frame 9EC0
0
86 B
Image
General
Full URL
https://prebid-inv-eu.admixer.net/hb_analytics.aspx?%7B%22eventType%22:%22bidView%22,%22args%22:%7B%22bidder%22:%22admixer%22,%22analyticsParams%22:%7B%22adUnitId%22:1233,%22publisherOId%22:%220ef5b541-739d-48ea-a90e-8cd4a3d34314%22,%22bidId%22:15299,%22buyerId%22:4431%7D,%22params%22:%7B%22pw%22:true,%22zone%22:%22c6237b42-b52f-44e8-b5f5-8be1c6cc3e49%22%7D,%22intersection%22:%7B%22boundingClientRect%22:%7B%22left%22:100,%22top%22:200,%22right%22:1500,%22bottom%22:200,%22width%22:1400,%22height%22:0,%22x%22:100,%22y%22:200%7D,%22intersectionRect%22:%7B%22left%22:100,%22top%22:200,%22right%22:1500,%22bottom%22:200,%22width%22:1400,%22height%22:0,%22x%22:100,%22y%22:200%7D,%22intersectionRatio%22:1,%22isIntersecting%22:true,%22time%22:1584.6999969482422%7D,%22ortb2Imp%22:%7B%22ext%22:%7B%22tid%22:%225b0d25d6-3620-427c-b5ba-1fb731e74701%22%7D%7D,%22mediaTypes%22:%7B%22banner%22:%7B%22sizes%22:%5B%5B970,250%5D,%5B1200,250%5D%5D,%22playerSize%22:%5B970,250%5D%7D%7D,%22adUnitCode%22:%22admixer-hb-347-637612652934428183%22,%22transactionId%22:%225b0d25d6-3620-427c-b5ba-1fb731e74701%22,%22sizes%22:%5B%5B970,250%5D,%5B1200,250%5D%5D,%22bidId%22:%22276fc8ad63471a%22,%22bidderRequestId%22:%221a7693c894e33d%22,%22auctionId%22:%22ece13cfa-0087-4d8b-ba07-eb01a2c2edaf_340cc9de-444e-44f7-906e-752c5dd19028%22,%22src%22:%22client%22,%22metrics%22:%7B%22userId.init.gdpr%22:%5B0%5D,%22userId.mod.init%22:%5B0.40000152587890625%5D,%22userId.mods.admixerId.init%22:%5B0.40000152587890625%5D,%22userId.init.modules%22:%5B1.8999977111816406%5D,%22requestBids.userId%22:0.10000228881835938,%22requestBids.rtd%22:32.20000076293945,%22requestBids.validate%22:0.3999977111816406,%22requestBids.makeRequests%22:2.5,%22adapter.client.net%22:%5B43%5D,%22adapters.client.admixer.net%22:%5B43%5D,%22adapter.client.interpretResponse%22:%5B0.09999847412109375%5D,%22adapters.client.admixer.interpretResponse%22:%5B0.09999847412109375%5D,%22addBidResponse.validate%22:%5B0.2999992370605469%5D,%22addBidResponse.currency%22:%5B0%5D,%22adapter.client.validate%22:0.10000228881835938,%22adapters.client.admixer.validate%22:0.10000228881835938,%22adapter.client.buildRequests%22:0.2999992370605469,%22adapters.client.admixer.buildRequests%22:0.2999992370605469%7D,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22ortb2%22:%7B%22site%22:%7B%22page%22:%22https://www.zdg.md/%22,%22domain%22:%22zdg.md%22,%22publisher%22:%7B%22domain%22:%22zdg.md%22%7D,%22cat%22:%5B%22IAB12%22,%22IAB12-1%22,%22IAB12-2%22,%22IAB12-3%22,%22IAB13-3%22%5D,%22sectioncat%22:%5B%5D,%22pagecat%22:%5B%22IAB12%22,%22IAB12-1%22,%22IAB12-2%22,%22IAB12-3%22,%22IAB13-3%22%5D%7D,%22device%22:%7B%22w%22:1600,%22h%22:1200,%22dnt%22:0,%22ua%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/113.0.5672.63%20Safari/537.36%22,%22language%22:%22en%22,%22sua%22:%7B%22source%22:2,%22browsers%22:%5B%5D,%22mobile%22:0,%22model%22:%22%22,%22bitness%22:%22%22,%22architecture%22:%22%22%7D%7D%7D,%22schain%22:%7B%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:%5B%7B%22asi%22:%22admixer.com%22,%22sid%22:%220ef5b541-739d-48ea-a90e-8cd4a3d34314%22,%22hp%22:1%7D%5D%7D,%22cpm%22:1.101079057476,%22currency%22:%22USD%22,%22width%22:1200,%22height%22:250,%22prebidCPM%22:1.101079057476,%22creativeId%22:%22CF0AEADB-2E1E-400A-B1C8-AC413732181C%22,%22refererInfo%22:%7B%22reachedTop%22:true,%22isAmp%22:false,%22numIframes%22:0,%22stack%22:%5B%22https://www.zdg.md/%22%5D,%22topmostLocation%22:%22https://www.zdg.md/%22,%22location%22:%22https://www.zdg.md/%22,%22canonicalUrl%22:%22https://www.zdg.md/%22,%22page%22:%22https://www.zdg.md/%22,%22domain%22:%22www.zdg.md%22,%22ref%22:null,%22legacy%22:%7B%22reachedTop%22:true,%22isAmp%22:false,%22numIframes%22:0,%22stack%22:%5B%22https://www.zdg.md/%22%5D,%22referer%22:%22https://www.zdg.md/%22,%22canonicalUrl%22:%22https://www.zdg.md/%22%7D%7D%7D%7D
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
Pug
simage2.pubmatic.com/AdServer/ Frame F229
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=-1&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1fee6459-4467-4100-9d77-92ef4e685530&gdpr=-1&gdpr_consent=
42 B
344 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1fee6459-4467-4100-9d77-92ef4e685530&gdpr=-1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:16 GMT
Expires
Mon, 08 May 2023 18:50:15 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x26 config_version:"79"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1fee6459-4467-4100-9d77-92ef4e685530&gdpr=-1&gdpr_consent=
cs
cs.yellowblue.io/ Frame 6DB7
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D-1%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827775006497
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11576&id=d40bf87b0c3e44a5aafec12ac9c87d64
0
281 B
Document
General
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=d40bf87b0c3e44a5aafec12ac9c87d64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.198.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-198-19.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Mon, 08 May 2023 18:50:16 GMT

Redirect headers

content-length
100
content-type
text/html; charset=utf-8
date
Mon, 08 May 2023 18:50:15 GMT
location
https://cs.yellowblue.io/cs?aid=11576&id=d40bf87b0c3e44a5aafec12ac9c87d64
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame 63DC
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=-1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 18:50:15 GMT
expires
Mon, 08 May 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
281105
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 48E2
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=1958579384616712276
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433827775006497&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=432e52bd-9af3-402a-ac41-e79ba1fd5ecd&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 08 May 2023 18:50:15 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
4A23175A-C353-4DF7-AF47-2D79A4468DF2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4CF4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3217243785272500728&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/4A23175A-C353-4DF7-AF47-2D79A4468DF2?gdpr=0&gdpr_consent=
0
0
Document
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4A23175A-C353-4DF7-AF47-2D79A4468DF2?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f7ac:e0cd:cc15:97d3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
content-length
43
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
content-type
image/gif
date
Mon, 08 May 2023 18:50:16 GMT
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy
strict-origin-when-cross-origin
server
ATS
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

content-length
126
content-type
text/html; charset=utf-8
date
Mon, 08 May 2023 18:50:15 GMT
location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4A23175A-C353-4DF7-AF47-2D79A4468DF2?gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 1F02
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8GH6SvJh-UvrYaxBoGDiRfVt_kDrYvcW8GNbrsQs
42 B
437 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8GH6SvJh-UvrYaxBoGDiRfVt_kDrYvcW8GNbrsQs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 08 May 2023 18:50:16 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8GH6SvJh-UvrYaxBoGDiRfVt_kDrYvcW8GNbrsQs
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame CD35
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4A23175A-C353-4DF7-AF47-2D79A4468DF2&redir=true&gdpr=-1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NX5M2WQYRVDY0KG5N45X
csync
sync.adtelligent.com/ Frame 54D3
43 B
473 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=4A23175A-C353-4DF7-AF47-2D79A4468DF2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:15 GMT
Etag
59b6637a894ad2dc
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C71D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SiMXWsNTTfevRy15pEaN8g%3D%3D&gdpr=-1&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=88521
accept-ranges
bytes
content-length
5554
expires
Tue, 09 May 2023 19:25:37 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C71D
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=-1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.163.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-163-206.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.33
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame C71D
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=-1&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4A23175A-C353-4DF7-AF47-2D79A4468DF2
0
17 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4A23175A-C353-4DF7-AF47-2D79A4468DF2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:15 GMT
via
1.1 google
last-modified
Mon, 08 May 2023 18:50:16 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4A23175A-C353-4DF7-AF47-2D79A4468DF2
date
Mon, 08 May 2023 18:50:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame C71D
Redirect Chain
  • https://a.audrte.com/match?gdpr=-1&gdpr_consent=&p=M1717054901&uid=4A23175A-C353-4DF7-AF47-2D79A4468DF2
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjdsZ2pjUFlHejVUZXkycHkyMmZqMEZEQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6388974307984886280&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Server
34.192.88.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-88-152.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:17 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 08 May 2023 18:50:17 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pubmatic
um.simpli.fi/ Frame C71D
43 B
610 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=-1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 07 May 2023 18:50:16 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame C71D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=&piggybackCookie=6388974307984886280
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 08 May 2023 18:50:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame C71D
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=-1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 08 May 2023 18:50:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
khaos.jpg
token.rubiconproject.com/ Frame 851A
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
reload
www.google.com/recaptcha/api2/ Frame 8E76
33 KB
19 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LeUQVwiAAAAAI-No47eurPKekD5TFhOuHm7kNET
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
572b452dcbd39b6f05f30b69b9595c72f47f373e99d332991ad5d8a69a624181
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeUQVwiAAAAAI-No47eurPKekD5TFhOuHm7kNET&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=1h-hbVSJRMOQsmO_2qL9cO0z&size=invisible&cb=fq56jrdmg9lx
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19065
x-xss-protection
1; mode=block
expires
Mon, 08 May 2023 18:50:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7F58
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0s25xhdRQg_XfEITi4M7UruYOYDyZC9Iu9436t7hNxIdwMevgGsC2BR5-p6_jHQeQNTG478T-WLunZJfP7g7Lwztb6wnqiAKRFgmGesrRVj_aB2IDMW_Ii8GZGthgGP7qu4WxRUo6kx2a6LzzKZh92mWoXgYMY0wuoy2qN8KLegV5FdgVJ7P6LJeg0YbqbaMCRf6z3jPOyz-dBQIK1OoSnuAbx-kX3KhmlXUTOtSnKaTsrezgDez0QYbm330DylInjpaotjb4g3U-87eBpVIGKNRmu3AxRtiEQHPwAsK4wFijOyYawMwxzltEmsydOvufdpPua35T-2PgqPgzTQ-4q__a&sai=AMfl-YRw8bOCmxkRnRGTjwvVXyM11lz_HQ-PcSWR_em0i_6xd5Z9HAqn7zlVav9CE4xXzFLGbFwO0GRwZ0D7QwACTkD-Fnsn7hJYoQ799pGtvWpEScOJT3yW-l_Xr--edf0&sig=Cg0ArKJSzKpKPOP1k72kEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 08 May 2023 18:50:16 GMT
cmp
spl.zeotap.com/ Frame 7D33
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=c1b17ca1-963f-4915-5300-26589a302816&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=c1b17ca1-963f-4915-5300-26589a302816&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
7c43e32c4e1368fe-FRA
date
Mon, 08 May 2023 18:50:16 GMT
server
cloudflare
vary
Origin
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame 9EC0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHJxzNjeN8qQ1aELGYrOUmXikYud_dgY98F9zuXX3esK4DU3dKhvIUU3e2wcYVStuiDJgubPh1YQQ2HN3dIrJye2QuhPykR-4jZv-mzihbQnC_DH3bOfpJqgUO_8pcecjW1yceKYrTgsUwk0VL4mONo8P8iqKDPsQELdZ3FeLh9TZmHsVVQjxAduVu2VY9DEeAHdYBa-iQ523xwNdcz-DxYpXSZOZFQsbXCMHKhhypy2vwURnktQbIMoRpRrLFEk255xqmnU2Yc_FXGp4MFL5q851RuRVBornCQJqUWyKju0brlQQJQQnUoxnfDU1o4vME4gBQskGlgosrYHqQqOSLQ_duAA4&sai=AMfl-YRK-ZETIi0uBrqxDvlPPToqOZ1Jld8Csm7tXLXDSK70lEpMOgGU39M6XaoaDNUJvVaCvmQkBiuFqMpJ7m0g351Q2EOssF7e_efZaA2pZUKB1V-afncmob578jpWEg&sig=Cg0ArKJSzHJE5rgU2il5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 08 May 2023 18:50:16 GMT
truncated
/ Frame 9EC0
222 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
002f377f8a46b52a5b4a02d2bd05a8de957155be307d996d6841ea91db76e991

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
c.html
cdn.admixer.net/scripts3/57367/ Frame 7967
738 B
406 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/57367/c.html?b=57367
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://www.zdg.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Mon, 08 May 2023 18:50:16 GMT
etag
W/"64511b11-2e2"
expires
Thu, 02 May 2024 14:17:44 GMT
last-modified
Tue, 02 May 2023 14:15:45 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:44+00:00
x-id
fr5-hw-edge-gc16
x-nginx
nginx-be
d4caf325a438565b6d08.b.js
cdn.admixer.net/scripts3/57367/ Frame 7F58
37 KB
14 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/d4caf325a438565b6d08.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8366397205cd2606d492b54da977d3128a3361224b859ba087a9c2703d5b3797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:46 GMT
server
nginx
etag
W/"64511b12-9501"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:43+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:43 GMT
1a81de5593dbd781ac6e.b.js
cdn.admixer.net/scripts3/57367/ Frame 7F58
76 KB
20 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/1a81de5593dbd781ac6e.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f25190e195e7f837684c6861c564c8294b01087a7d9ec7f0656b73ee8f91ad1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:33 GMT
server
nginx
etag
W/"64511b05-131bd"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:43+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:43 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 851A
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
c.html
cdn.admixer.net/scripts3/57367/ Frame 9064
738 B
406 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/57367/c.html?b=57367
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://www.zdg.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Mon, 08 May 2023 18:50:16 GMT
etag
W/"64511b11-2e2"
expires
Thu, 02 May 2024 14:17:44 GMT
last-modified
Tue, 02 May 2023 14:15:45 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:44+00:00
x-id
fr5-hw-edge-gc16
x-nginx
nginx-be
d4caf325a438565b6d08.b.js
cdn.admixer.net/scripts3/57367/ Frame 9EC0
37 KB
14 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/d4caf325a438565b6d08.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8366397205cd2606d492b54da977d3128a3361224b859ba087a9c2703d5b3797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:46 GMT
server
nginx
etag
W/"64511b12-9501"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:43+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:43 GMT
1a81de5593dbd781ac6e.b.js
cdn.admixer.net/scripts3/57367/ Frame 9EC0
76 KB
20 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/1a81de5593dbd781ac6e.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f25190e195e7f837684c6861c564c8294b01087a7d9ec7f0656b73ee8f91ad1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:33 GMT
server
nginx
etag
W/"64511b05-131bd"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:43+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:43 GMT
0d11748832caddd96690.b.js
cdn.admixer.net/scripts3/57367/ Frame 7F58
28 KB
11 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/0d11748832caddd96690.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:32 GMT
server
nginx
etag
W/"64511b04-702f"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
658a385fec78f0e1897f.b.js
cdn.admixer.net/scripts3/57367/ Frame 7F58
42 KB
18 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/658a385fec78f0e1897f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:38 GMT
server
nginx
etag
W/"64511b0a-a793"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
8b73097df909af36f72d.b.js
cdn.admixer.net/scripts3/57367/ Frame 7F58
13 KB
5 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/8b73097df909af36f72d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:41 GMT
server
nginx
etag
W/"64511b0d-326c"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
b9ab3f9972863fcb32ae.b.js
cdn.admixer.net/scripts3/57367/ Frame 7F58
11 KB
4 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/b9ab3f9972863fcb32ae.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f930509ebac4d0fe907137b7d065293ffb589ffa3b25c5022a82c28fb3510c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:44 GMT
server
nginx
etag
W/"64511b10-2a79"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
9ac2392652d23e12b595.b.js
cdn.admixer.net/scripts3/57367/ Frame 7F58
220 KB
76 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/9ac2392652d23e12b595.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
cdbbfe7a85a8a1687d9a534f5e2282e0ec5322819fab9188d3f01c3af219035a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:42 GMT
server
nginx
etag
W/"64511b0e-370d3"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
0a8172c5-63c0-48c6-b57d-5522debafca1.jpg
content.admixer.net/test1/0ff357f2-7ad9-436e-95e7-381ea4e826b5/ Frame F06D
78 KB
79 KB
Image
General
Full URL
https://content.admixer.net/test1/0ff357f2-7ad9-436e-95e7-381ea4e826b5/0a8172c5-63c0-48c6-b57d-5522debafca1.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS
185-46-149-20.net.gigatrans.ua
Software
nginx /
Resource Hash
44791bb534bb7dd59ffec90b422b8ab133844d01505cb3c000a5c18478a69a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:16 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 14 Oct 2022 06:46:08 GMT
Server
nginx
ETag
"634905b0-1385a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79962
Expires
Wed, 08 May 2024 18:50:16 GMT
0d11748832caddd96690.b.js
cdn.admixer.net/scripts3/57367/ Frame 9EC0
28 KB
11 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/0d11748832caddd96690.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:32 GMT
server
nginx
etag
W/"64511b04-702f"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
658a385fec78f0e1897f.b.js
cdn.admixer.net/scripts3/57367/ Frame 9EC0
42 KB
18 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/658a385fec78f0e1897f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:38 GMT
server
nginx
etag
W/"64511b0a-a793"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
8b73097df909af36f72d.b.js
cdn.admixer.net/scripts3/57367/ Frame 9EC0
13 KB
5 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/8b73097df909af36f72d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:41 GMT
server
nginx
etag
W/"64511b0d-326c"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
b9ab3f9972863fcb32ae.b.js
cdn.admixer.net/scripts3/57367/ Frame 9EC0
11 KB
4 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/b9ab3f9972863fcb32ae.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f930509ebac4d0fe907137b7d065293ffb589ffa3b25c5022a82c28fb3510c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:44 GMT
server
nginx
etag
W/"64511b10-2a79"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
9ac2392652d23e12b595.b.js
cdn.admixer.net/scripts3/57367/ Frame 9EC0
220 KB
76 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/57367/9ac2392652d23e12b595.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
cdbbfe7a85a8a1687d9a534f5e2282e0ec5322819fab9188d3f01c3af219035a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc16
date
Mon, 08 May 2023 18:50:16 GMT
content-encoding
gzip
last-modified
Tue, 02 May 2023 14:15:42 GMT
server
nginx
etag
W/"64511b0e-370d3"
vary
Accept-Encoding
x-cached-since
2023-05-02T14:17:51+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
x-nginx
nginx-be
expires
Thu, 02 May 2024 14:17:51 GMT
83ab779a-7785-4d35-bd98-8e64f2448fe5.jpg
content.admixer.net/test1/cf52ccea-59f7-4ac4-9bc6-42b3472358b1/ Frame 26AB
308 KB
308 KB
Image
General
Full URL
https://content.admixer.net/test1/cf52ccea-59f7-4ac4-9bc6-42b3472358b1/83ab779a-7785-4d35-bd98-8e64f2448fe5.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS
185-46-149-20.net.gigatrans.ua
Software
nginx /
Resource Hash
c34af7e69b760a9d661140224d7774edd1c0efda1c33e040dc1069d49dd83de2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:16 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 12 Aug 2022 10:22:32 GMT
Server
nginx
ETag
"62f629e8-4cfec"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
315372
Expires
Wed, 08 May 2024 18:50:16 GMT
0a8172c5-63c0-48c6-b57d-5522debafca1.jpg
content.admixer.net/test1/0ff357f2-7ad9-436e-95e7-381ea4e826b5/ Frame F06D
78 KB
79 KB
Image
General
Full URL
https://content.admixer.net/test1/0ff357f2-7ad9-436e-95e7-381ea4e826b5/0a8172c5-63c0-48c6-b57d-5522debafca1.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS
185-46-149-20.net.gigatrans.ua
Software
nginx /
Resource Hash
44791bb534bb7dd59ffec90b422b8ab133844d01505cb3c000a5c18478a69a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:17 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 14 Oct 2022 06:46:08 GMT
Server
nginx
ETag
"634905b0-1385a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79962
Expires
Wed, 08 May 2024 18:50:17 GMT
83ab779a-7785-4d35-bd98-8e64f2448fe5.jpg
content.admixer.net/test1/cf52ccea-59f7-4ac4-9bc6-42b3472358b1/ Frame 26AB
308 KB
308 KB
Image
General
Full URL
https://content.admixer.net/test1/cf52ccea-59f7-4ac4-9bc6-42b3472358b1/83ab779a-7785-4d35-bd98-8e64f2448fe5.jpg
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS
185-46-149-20.net.gigatrans.ua
Software
nginx /
Resource Hash
c34af7e69b760a9d661140224d7774edd1c0efda1c33e040dc1069d49dd83de2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:17 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 12 Aug 2022 10:22:32 GMT
Server
nginx
ETag
"62f629e8-4cfec"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
315372
Expires
Wed, 08 May 2024 18:50:17 GMT
refill
www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545402/
2 B
591 B
Fetch
General
Full URL
https://www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545402/refill
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=UTF-8
Allow
GET
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Cache-Control
no-cache
Connection
keep-alive
X-Robots-Tag
noindex
Link
<https://www.zdg.md/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
refill
www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545405/
2 B
591 B
Fetch
General
Full URL
https://www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1545405/refill
Requested by
Host: www.zdg.md
URL: https://www.zdg.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.113.159 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.113.202.116.clients.your-server.de
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 18:50:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=UTF-8
Allow
GET
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Cache-Control
no-cache
Connection
keep-alive
X-Robots-Tag
noindex
Link
<https://www.zdg.md/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26454129b84f89e3e5eaf20029a91374af55c63abb9e22707a969f5bbc8e90ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11202
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305030101/pubads_impl.js?cb=31074386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 May 2023 18:50:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9EC0
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgN_OO9cfDLN6mbTkAroTPSGbIVikbTDbWO5q8cNwvNQy_4B-YL66kIQqv9y8xUkgAudt91aypisAZdofa-KbuEMZmZH_Vh_9ceplUC5i4gfjjEoUC&sig=Cg0ArKJSzJWP13i0vhpiEAE&id=lidar2&mcvt=1013&p=200,200,450,1400&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230504&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=503692590&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683571815935&rpt=466&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3257
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zdg.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 15:52:09 GMT
expires
Tue, 07 May 2024 15:52:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4A4F
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28aae5cbf5d085078584f142ff8a2570d0ee8cee374fd19a487ac0dc104a472e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vw50YMD8qHmfUm1xF2nR3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdg.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Vw50YMD8qHmfUm1xF2nR3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 18:50:17 GMT
expires
Mon, 08 May 2023 18:50:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
logcz.aspx
inv-nets.admixer.net/ Frame 7F58
0
125 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=1EBD4265-0EA9-4FC8-8CD3-7F1A7D61C00D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 08 May 2023 18:50:17 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
logcz.aspx
inv-nets.admixer.net/ Frame 9EC0
0
125 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=C6237B42-B52F-44E8-B5F5-8BE1C6CC3E49
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 08 May 2023 18:50:17 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
ev_view.aspx
inv-nets.admixer.net/ Frame 9EC0
43 B
190 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE%2FHE%2F2925533&am-uid=2b6d9aa3e20c4edbb4171a681d73586c&zone=C6237B42-B52F-44E8-B5F5-8BE1C6CC3E49&device=28&rule=817AD580-3F47-4F01-B174-EAC83836EF4A&requestId=006cbdb0-19b1-43dd-8657-d0ba1904d713&hp=1771462998&page=www.zdg.md%2F&ts=638191686150587816&ap=MQ%3D%3D&asign=2063357490&markups=ZG1wZj0wJmRtcHA9dHJ1ZSZjcnRmPTAmY3J0cD10cnVlJmNydGF0cz0wJmFkbWY9MCZhZG1wPXRydWUmdGRmPTAmdGRwPXRydWUmdG90Zj0wJnRvdHA9dHJ1ZQ%3D%3D&hold=1&sync=96%2C3%2C88%2C80%2C98&bt=3&carr=31173+Services+AB&connt=1&devt=2&isapp=0&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=0EF5B541-739D-48EA-A90E-8CD4A3D34314&inst=ADS-EU-5&pxl=0&pvid=b28b70ab-ad04-4938-9e4e-70529f2cfddb&ip=185.213.155.151&item=CF0AEADB-2E1E-400A-B1C8-AC413732181C&crid=CF0AEADB-2E1E-400A-B1C8-AC413732181C&size=1200x250&profile=CFC1621B-B8C9-449C-BFF4-3D8D29425840&isopt=0&adv=N%2FA&dsp=ADMIXER+Moldova&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fmcdonalds.md%2F&schain=1.0%2C1%21admixer.com%2C0ef5b541-739d-48ea-a90e-8cd4a3d34314%2C1%2C%2C%2C&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:17 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4A4F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305030101&jk=29933734066200&rc=05AMmaAqng5CnXRH7DLOJUd5LMTvgS6sIYyGJ__XmG5v9eBkkheJLc5C4QiKzW14bnAOBTR9ghHZn2bxfELoipt_q1KlU0LhTqffucOfiGIlUEIpzY5MiOiZzMIog0j9471n3GRVdVp-a7vmP4DLMU1HrMqHfIWsEU8Q8XjzxbxsBj04YWtfZB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
pagead2.googlesyndication.com/bg/ Frame 3257
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 06:51:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
43156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 May 2024 06:51:01 GMT
cntcm.aspx
inv-nets.admixer.net/
61 B
347 B
XHR
General
Full URL
https://inv-nets.admixer.net/cntcm.aspx?ssp=0ef5b541-739d-48ea-a90e-8cd4a3d34314
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adValidationWrapper,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=477640975-
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
4a298bd084162130c489f607d5f10a4668de3e417ebbfc949014aed45408cd15
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zdg.md/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 18:50:18 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www.zdg.md
content-type
application/json
access-control-allow-credentials
true
keep-alive
timeout=25
x-xss-protection
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d7299344-5e94-42f5-a29e-dd1e1089e8f8
43 B
313 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d7299344-5e94-42f5-a29e-dd1e1089e8f8
Protocol
H2
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:18 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
content-type
image/gif
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d7299344-5e94-42f5-a29e-dd1e1089e8f8
date
Mon, 08 May 2023 18:50:18 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
ibs:dpid=1210625&dpuuid=d40bf87b0c3e44a5aafec12ac9c87d64
dpm.demdex.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MmI2ZDlhYTNlMjBjNGVkYmI0MTcxYTY4MWQ3MzU4NmM=&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESECqCf9DimTvqItVjcrQUhIE&google_cver=1
  • https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=d40bf87b0c3e44a5aafec12ac9c87d64
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=d40bf87b0c3e44a5aafec12ac9c87d64
Protocol
HTTP/1.1
Server
52.18.203.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-203-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0629ebd29.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
s3G30ActQio=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Mon, 08 May 2023 18:50:18 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
location
https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=d40bf87b0c3e44a5aafec12ac9c87d64
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
0
x-xss-protection
0
sync
t.adx.opera.com/
35 B
375 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=2b6d9aa3e20c4edbb4171a681d73586c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:18 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cm.aspx
inv-nets.admixer.net/gadx/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=MmI2ZDlhYTNlMjBjNGVkYmI0MTcxYTY4MWQ3MzU4NmM=&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEHqjIEY5EpZn5CBFoYgzrYE&google_cver=1
43 B
313 B
Image
General
Full URL
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEHqjIEY5EpZn5CBFoYgzrYE&google_cver=1
Protocol
H2
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:18 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
content-type
image/gif
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEHqjIEY5EpZn5CBFoYgzrYE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pic.gif
pa.tns-ua.com/bug/
56 B
174 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=2b6d9aa3e20c4edbb4171a681d73586c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 08 May 2023 18:50:18 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
expires
-1
SPug
simage4.pubmatic.com/AdServer/ Frame C71D
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generate_204
tpc.googlesyndication.com/ Frame 3257
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?LvuKnA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305030101&jk=29933734066200&bg=!AgGlAVXNAAYV_mUANf47ADkAdvg8WtaYQE1jDYtJXlmLfS8xhLKbt43o_Bbkb6e-d7kdSIDuQ8FgtHEoNBonHYOyUbmeo7FlQQgCAAABXVIAAAACaAEHmQLPoVaYTYTOub8Q2V-Y4IE9-YRwAFHuB3BeKETEPBuHCaqfnHRHhJez5qpQuWBPdMQAb7o3RiDZhRsZ0iiDYMgs9gypPYOjj6DlL85SJrL9TlBJt28Q0xKwDtr2Ol9zEbCmUueH0XY4sa2D7L4V3Vpa6Zahp8RQufvbbQGLwvw3pJ-4Mk6Uc_AGj4ekHL34f0PytkpRQNAKc4U9Glaj4wDpeZ6kG1awXCp98lN94J8Vf2hvKFO27DLmn4oiDsf2h_JvUwwjvHsap9nH34qZpTstO260aDLGeIhdqYyK9l5Gzu5adw-vM54IKwdWipD37u_GG7RjBfLhB1pDF-z4vNoA1He9tBbe1gEx8QvcZNyx7OZHZNojTI8-yeP0yP2LLXrmqBEVNnlmTi1_4Dc5iI8g6aksZhNAsPEYB-7TgiMNJSbnupcPEs67MNpkEaul7ZrIAdEo80fwrTPNx0uIo2hY7oC5Excd2glEYdkgpX8nFiVWTaHgiPGJU_bDWQLRbJwVIGfubWdFoFg7P6exHLzeQdSS9AK3dqr8rzEsW-RRGeLBpXBWgsw6HUUm7R_B-icsmRjX2Z4gzOuiEhcHBvszAg9SiLBLlvzBaHPKJwoVmU8A5hLBp-LDX4ALtbmJ7BKIcjgZg3GdSL3dxlUEh5sDhjfgGpOqhfLf9xXH0Nvrb_4cprF6gS5PsLK1uOoI6sA-gE88a9WM9hBaO6sJvDwa8p95HV-WBKf93b6MiPMdrUO_PfUBhKyCT20IqdTAIZ6a9DTXbd4y1543rIYthIloyCtuNv3b9s4yy4nZnif6MjXXutzyt56A1pUQ_4OAwVlDrDv_dDfMYs449MedK5MBJIIAkswIsoldl6jxWBYDqRPcNvk9Zd_P2mxf7Ituyd3jqdc8h_ROPybHi1UJ6wPt-zIKRo2SIc5kAIDyn7oZQcBAbPs126jSsBf-sWd3BZU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zdg.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

PugMaster
image6.pubmatic.com/AdServer/ Frame 275C
3 KB
4 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58035906&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
21733f64705f5a67c39c51bd8f797ba5fd3b151b0db90047b7b0e873c9891978

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 18:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 8B8A
35 B
600 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 08 May 2023 18:50:19 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 57A1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7230885885915822228&gdpr=0&gdpr_consent=
42 B
298 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7230885885915822228&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 08 May 2023 18:50:19 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7230885885915822228&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 5AB1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=41f_7JLlUex_MN7O9nw-dbnVm5c&gdpr=0&gdpr_consent=
42 B
296 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=41f_7JLlUex_MN7O9nw-dbnVm5c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 08 May 2023 18:50:19 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=41f_7JLlUex_MN7O9nw-dbnVm5c&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 5096
85 B
259 B
Document
General
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 08 May 2023 18:50:19 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230056-FRA
x-timer
S1683571819.252850,VS0,VE89
Pug
image2.pubmatic.com/AdServer/ Frame B76A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDX21FN0lzb2tBQUNBRDljcHd4dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC_mE7IsokAACAD9cpwxw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC_mE7IsokAACAD9cpwxw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC_mE7IsokAACAD9cpwxw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4823440533775174280&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC_mE7IsokAACAD9cpwxw&gdpr=0&gdpr_consent=
42 B
199 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC_mE7IsokAACAD9cpwxw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 08 May 2023 18:50:19 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC_mE7IsokAACAD9cpwxw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame BBF2
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=0&gdpr_consent=
42 B
364 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 18:50:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
ipac.ctnsnet.com/int/ Frame FA47
43 B
369 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 08 May 2023 18:50:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 67B0
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 08 May 2023 18:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 08 May 2023 18:50:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 9281
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
412 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7c43e33fcc691c0f-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7c43e33eaa7b1c0f-FRA
content-type
text/html
date
Mon, 08 May 2023 18:50:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
859
bridge
cm.adgrx.com/ Frame F277
43 B
282 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 08 May 2023 18:50:19 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
cookiesync
core.iprom.net/ Frame 2958
43 B
277 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:19 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-df2a754f5e4c@version_1.551
X-core-time
1ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 8504
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b29e7974b06072a2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXRnTRTWhaUaTXgX&gdpr=0&gdpr_consent=
42 B
281 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXRnTRTWhaUaTXgX&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhXRnTRTWhaUaTXgX&gdpr=0&gdpr_consent=
generic
match.adsrvr.org/track/cmf/ Frame E8E6
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=568617690
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=568617690
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 08 May 2023 18:50:19 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 08 May 2023 18:50:19 GMT
etag
RX67c38fd174b54e698093c9a315b2470f003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=568617690
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
Pug
image2.pubmatic.com/AdServer/ Frame 02E6
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1m5q7yewwtmo
42 B
309 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1m5q7yewwtmo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Mon, 08 May 2023 18:50:19 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1m5q7yewwtmo
lws
38
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
pub
matching.truffle.bid/sync/ Frame 2119
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.40.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.26.40.90.157.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 08 May 2023 18:50:19 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 9F07
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0EAB688002AE441482F6378DC75D4414&gdpr=0&gdpr_consent=
1 B
72 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0EAB688002AE441482F6378DC75D4414&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 08 May 2023 18:50:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 08 May 2023 18:50:19 GMT
expires
Sun, 07 May 2023 18:50:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0EAB688002AE441482F6378DC75D4414&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
csync
sync.adtelligent.com/ Frame FEC1
43 B
473 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=4A23175A-C353-4DF7-AF47-2D79A4468DF2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 08 May 2023 18:50:18 GMT
Etag
59b6637a894ad2dc
Server
Adtelligent
mw
mwzeom.zeotap.com/ Frame 275C
95 B
193 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4A23175A-C353-4DF7-AF47-2D79A4468DF2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7c43e33e6a6f68fe-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 275C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4A23175A-C353-4DF7-AF47-2D79A4468DF2&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4A23175A-C353-4DF7-AF47-2D79A4468DF2&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4A23175A-C353-4DF7-AF47-2D79A4468DF2&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:29 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:28 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=4A23175A-C353-4DF7-AF47-2D79A4468DF2&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 275C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 08 May 2023 18:50:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 275C
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 08 May 2023 18:50:18 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 275C
0
103 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 18:50:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 275C
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3217243785272500728
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3217243785272500728
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 08 May 2023 18:50:19 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.151; 185.213.155.151; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
507bc101-2567-4e2a-a803-0771ee58991f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3217243785272500728
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 275C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8601431973187001550&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8601431973187001550&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 08 May 2023 18:50:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8601431973187001550&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 08 May 2023 18:50:18 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 275C
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b39eb4bb-0c87-4f81-940f-5eb64c4fdd9c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b39eb4bb-0c87-4f81-940f-5eb64c4fdd9c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 08 May 2023 18:50:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b39eb4bb-0c87-4f81-940f-5eb64c4fdd9c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 08 May 2023 18:50:20 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
SPug
simage4.pubmatic.com/AdServer/ Frame 275C
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:50:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 boolean| credentialless function| $ function| jQuery object| pbjs function| gtag object| dataLayer object| _wpemojiSettings function| Waypoint object| lvca_settings function| LVCA_Tabs function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| imagesLoaded object| device number| xClientWidth number| xClientHeight function| is_touch_device function| addClass function| removeClass function| unsetClass function| setClassRadio function| setClassCheckbox function| getCollection function| getElement function| setCookie function| getCookie function| isElement function| removeFromArray function| addToArray function| removeFromArrayBool function| addToArrayBool object| lvca_fs string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| gemius_init function| pp_gemius_hit function| pp_gemius_event function| pp_gemius_init string| url object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ajaxprops object| swv object| wpcf7 function| Swiper object| xMediaInstance function| onScrollXMedia function| saveTimecode function| getXMedia function| setVideoView function| openXMedia function| addPostToSession function| postInSessionStorage function| initCustomValidation function| initBlogFilters object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7_recaptcha object| currentActive function| xModal function| noScroll function| checkHash function| initButtons function| initCustomTriggers function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| MobileDetect function| ai_run_713325880021 boolean| ai_js_code object| FB object| globalAmlAds object| twemoji object| wp object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableHouseBrandAndYtCoexistence function| onYTReady object| gemius_init_pageview object| gemius_cmpclient object| gemius_cookie function| GemiusHitcolConnector object| gemius_hcconn function| gemius_close number| pp_gemius_cnt object| admixerJSONP function| HELPER object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad string| section_id function| ai_document_write string| selector_string function| lvca_animate_widgets function| ai_process_lists object| googletag object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| key object| __buffer object| pbjsChunk object| _pbjsGlobals object| recaptcha object| closure_lm_617418 object| hb_dmx_res object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing function| html2canvas function| _open object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

147 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMmaAql6ApWbpv5mFozhQQWHvOeA3eY_JdcDY8gV-RABHCKNFGQWnMNjZrBqWASWjY0kKAUTOFZl8P_LZR1xHjw
.admixer.net/gadx Name: am-uid
Value: d40bf87b0c3e44a5aafec12ac9c87d64
.admixer.net/bs Name: am-uid
Value: d40bf87b0c3e44a5aafec12ac9c87d64
.zdg.md/ Name: _ga_VF704GSXJL
Value: GS1.1.1683571813.1.0.1683571813.60.0.0
.zdg.md/ Name: _ga
Value: GA1.1.121543173.1683571814
.youtube.com/ Name: YSC
Value: cR6jufBPaqs
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: itJo9Ug4XH0
www.zdg.md/ Name:
Value: store.test
.zdg.md/ Name: __gfp_64b
Value: XuTLsnI92z8.kmf3QL36Ez1OGOP_iZX.rJKHQDWju.j.g7|1683571814
.hit.gemius.pl/ Name: Gtest
Value: Klx7dMXGQMGG7n2XcxSxHG9UssGMXP8c25nSGVisJkDWXBG.
www.zdg.md/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.www.zdg.md/ Name: am-uid-f
Value: d40bf87b-0c3e-44a5-aafe-c12ac9c87d64
.hit.gemius.pl/ Name: Gdyn
Value: KlGVjRXGQMGG7n2XcxSxHG9UssGMXP8c25nSGVisJkDWFRxSG7RrGS6GusXtFlM1YH8PlexaG0F6Sssa
.admixer.net/ Name: am-uid
Value: d40bf87b0c3e44a5aafec12ac9c87d64
www.zdg.md/ Name: am-uid
Value: d40bf87b0c3e44a5aafec12ac9c87d64
.bidswitch.net/ Name: tuuid
Value: 432e52bd-9af3-402a-ac41-e79ba1fd5ecd
.bidswitch.net/ Name: c
Value: 1683571815
.bidswitch.net/ Name: tuuid_lu
Value: 1683571815
.adnxs.com/ Name: uuid2
Value: 3217243785272500728
ads.us.e-planning.net/ Name: CT
Value: 1
a4p.adpartner.pro/ Name: apuid
Value: d7299344-5e94-42f5-a29e-dd1e1089e8f8
.e-planning.net/ Name: E
Value: AG5Zi/0rPfjMWgtL
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4A23175A-C353-4DF7-AF47-2D79A4468DF2
.yahoo.com/ Name: A3
Value: d=AQABBGdEWWQCEFtjCnmj8WmcJEELOkbi90kFEgEBAQGVWmRjZOANyiMA_eMAAA&S=AQAAAoMByW1Bz6TzzDDHKitHRJ8
.zeotap.com/ Name: zc
Value: 095ec730-18a7-4866-5817-b324012859e3
.creative-serving.com/ Name: tuuid
Value: 392a51ab-89bd-4ac2-a891-94089d152443
.creative-serving.com/ Name: c
Value: 1683571815
.creative-serving.com/ Name: tuuid_lu
Value: 1683571815
.doubleclick.net/ Name: IDE
Value: AHWqTUkO50bP-NpGzqYDak6hTqbtEoAV7H8N4x3aB_fxpIH7IrAdTi9-MIEVX_MwqOc
.casalemedia.com/ Name: CMID
Value: ZFlEZ2Frf3xX03SB9gveRQAA
.casalemedia.com/ Name: CMPS
Value: 5266
.casalemedia.com/ Name: CMPRO
Value: 5266
.lemmatechnologies.com/ Name: uid
Value: 2ba202f4-edd1-11ed-aaf0-801844df0ab8
.openx.net/ Name: i
Value: e9750b3f-8cf8-4de1-97eb-f5b5dbe72e17|1683571815
.admanmedia.com/ Name: admtr
Value: ef16746a-9397-4b9f-bb38-630288a9e730
.exchange.buzzoola.com/ Name: uuid
Value: 86db2073-625e-4f36-7835-16ee2cc1dbec
.tapad.com/ Name: TapAd_TS
Value: 1683571815580
.tapad.com/ Name: TapAd_DID
Value: 52264a5b-0b6b-4089-872b-2c197665a71c
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 1c6e0ce8-690e-5280-a564-702ac13d344d
.betweendigital.com/ Name: ss
Value: 1
.creativecdn.com/ Name: u
Value: 2XvdzIj4e16FW0Qi95CM
.creativecdn.com/ Name: ts
Value: 1683571815
.adfarm1.adition.com/ Name: UserID1
Value: 7230885885915822228
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-034b312a-a255-3ff8-8fc1-095d1d96bb53
.adtelligent.com/ Name: vmuid
Value: 59b6637a894ad2dc
pa.tns-ua.com/ Name: uid
Value: ZAF2257B1E114B978246CC3CF66D0189
.weborama.fr/ Name: AFFICHE_W
Value: rW7KxkwfB-mt52
.demdex.net/ Name: demdex
Value: 21561468846829246770041620616303267328
.adtelligent.com/ Name: a733849
Value: 3217243785272500728
.betweendigital.com/ Name: ut
Value: ZFlEZwAKkwg33RacJU5SETyADqEwJbuQtmyuDw==
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adtelligent.com/ Name: a307558
Value: d7299344-5e94-42f5-a29e-dd1e1089e8f8
.agkn.com/ Name: ab
Value: 0001%3AVkx0vT76tw66YHxnyozrFEWIXV2mZu%2Be
.w55c.net/ Name: wfivefivec
Value: MIKJBKvg1PW5W75
.adtelligent.com/ Name: a584890
Value: 3217243785272500728
.adtelligent.com/ Name: a297253
Value: 3217243785272500728
.zeotap.com/ Name: zsc
Value: %E1%8D%BD%FF%8F%0Aj%5B%7C%16%E8%C8%C7%25%2A%D8%22F%07%C5M%1D%15%7B%06%BF%C5E%3B%B7%93X%C9f%90l%D5%E0%40%DB.%C9%86%B9-%8F%05%A6%E5%3DY%AD%D30%87%B4DW%19%C3%3E%18%D0%17%FE%C4%9E%C8%1D%21%CE%F4%A06%FC%9FYu%CD%DCqYI%A0%8B%F9%5E%28%9E%F12P%DB%A9%BC%FBO%B2%C7_%B6%05%98%A2%29%3B%CD5w%DA%A7%A6%A4OL%29k%AF%C4%02~%FE%5De%10%96%BBP%E1%BF%F4%12%9C%D7%A4s%A3t2%85%05%DD%F2%B5%CA%1C%F5%3B%C6%E1%99Ywh%AD%1E%AD%5EM_%FD5%F7%08%DD%EE%2F%020
.dpm.demdex.net/ Name: dpm
Value: 21561468846829246770041620616303267328
.adx.opera.com/ Name: UID
Value: OPU99dbdada4d5e4302b995a518ed55ef92
.tidaltv.com/ Name: tidal_ttid
Value: 2fda0bef-2ad2-4275-a16f-1534e559d0be
.console.adtarget.com.tr/ Name: vmuid
Value: f0f7e4979dd931bf
ads.avct.cloud/ Name: uuid
Value: 9d7680a8-f3a4-4404-a3ab-916958d49f9c
.adtelligent.com/ Name: a309255
Value: 0307bba9-9ce0-41ff-a6b1-fd483e9bdf67
.richaudience.com/ Name: avcid-zeo-uid
Value: 095ec730-18a7-4866-5817-b324012859e3
.zdg.md/ Name: __gads
Value: ID=7264a21701d9d1c2:T=1683571815:S=ALNI_Mai33icoPqUlnhJCzugKroW8CysqA
.zdg.md/ Name: __gpi
Value: UID=00000c12f4df1c26:T=1683571815:RT=1683571815:S=ALNI_MYf9Nzw1wd9Uw5TIam6ncTt0Nqzmw
.krxd.net/ Name: _kuid_
Value: Piulhtfw
.console.adtarget.com.tr/ Name: a307080
Value: 2XvdzIj4e16FW0Qi95CM
.w55c.net/ Name: matchcasale
Value: 5
.turn.com/ Name: uid
Value: 8601431973187001550
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEGiTavn5Pn5Bd3gjwOj0l88&KRTB&22987-CAESEGiTavn5Pn5Bd3gjwOj0l88&KRTB&23025-CAESEGiTavn5Pn5Bd3gjwOj0l88&KRTB&23386-CAESEGiTavn5Pn5Bd3gjwOj0l88
.adtelligent.com/ Name: a318342
Value: f0f7e4979dd931bf
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjE3szK0MAIAyhVE2gkAAAA="
.mathtag.com/ Name: uuid
Value: 1fee6459-4467-4100-9d77-92ef4e685530
.adtelligent.com/ Name: p440467
Value: d40bf87b0c3e44a5aafec12ac9c87d64
.fwmrm.net/ Name: _uid
Value: "e5d2d_7230885885893353329"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZFlEaAAIkObdUwBL
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e357ffec-92e5-51ec-7f30-decef67c3e75.Acq%2FL8Kjvtcc5X5JZi7nIfmIDsA5yDDJGqPAW5iGXSQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A41f_7JLlUex_MN7O9nw-dbnVm5c.QB%2BJNgxRGInnaXHEcIbAg6ulEwDEqRnBkMWZof%2Fd%2FhQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A41f_7JLlUex_MN7O9nw-dbnVm5c.QB%2BJNgxRGInnaXHEcIbAg6ulEwDEqRnBkMWZof%2Fd%2FhQ
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjc3NzUwMDOxNBfiM9Q1DzEvSE6JDMkrDokHAHYA93QlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjc3NzUwMDOxNBfiM9Q1DzEvSE6JDMkrDokHAHYA93QlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433827775006497
.brand-display.com/ Name: _knxq_
Value: fed51c70-fe27-24a2-40186744.1683571816.0.1683571816.1683571816
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EJABCwH4KPijAA
.quantserve.com/ Name: mc
Value: 64594468-4c2f5-63813-78e66
.analytics.yahoo.com/ Name: IDSYNC
Value: "1985~2bj6:19ah~2bj6:18z8~2bj6"
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-8GH6SvJh-UvrYaxBoGDiRfVt_kDrYvcW8GNbrsQs&KRTB&19420-8GH6SvJh-UvrYaxBoGDiRfVt_kDrYvcW8GNbrsQs&KRTB&22979-8GH6SvJh-UvrYaxBoGDiRfVt_kDrYvcW8GNbrsQs&KRTB&23462-8GH6SvJh-UvrYaxBoGDiRfVt_kDrYvcW8GNbrsQs
.simpli.fi/ Name: suid
Value: 0EAB688002AE441482F6378DC75D4414
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-67c38fd1-74b5-4e69-8093-c9a315b2470f-003%22%7D
.adtelligent.com/ Name: a307971
Value: AG5Zi/0rPfjMWgtL
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3217243785272500728&KRTB&23339-3217243785272500728
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:1fee6459-4467-4100-9d77-92ef4e685530&KRTB&16736-uid:1fee6459-4467-4100-9d77-92ef4e685530&KRTB&23019-uid:1fee6459-4467-4100-9d77-92ef4e685530&KRTB&23114-uid:1fee6459-4467-4100-9d77-92ef4e685530
.adtelligent.com/ Name: a558003
Value: 4A23175A-C353-4DF7-AF47-2D79A4468DF2
.de17a.com/ Name: guid
Value: 1.1958579384616712276
.amazon-adsystem.com/ Name: ad-id
Value: AwJ8G0ZiDUm1nekcdU4Db4k
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adform.net/ Name: uid
Value: 6388974307984886280
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1958579384616712276
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFsam5oYWhmZG78C4VvbLGKBYlvYmoEANbfEPQwAAAA
.adtelligent.com/ Name: a541630
Value: RX-67c38fd1-74b5-4e69-8093-c9a315b2470f-003
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6388974307984886280&KRTB&23263-6388974307984886280&KRTB&23481-6388974307984886280
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-432e52bd-9af3-402a-ac41-e79ba1fd5ecd
.nrich.ai/ Name: _nauid
Value: 5df69079-3043-49ee-b24e-05773a1f9419
.audrte.com/ Name: arcki2
Value: f7lgjcPYGz5Tey2py22fj0FDA!20220908!1683571816651!ip#185.213.155.151
.audrte.com/ Name: arcki2_pubmatic
Value: 4A23175A-C353-4DF7-AF47-2D79A4468DF2!20220908!1683571816655
.audrte.com/ Name: arcki2_ddp2
Value: f7lgjcPYGz5Tey2py22fj0FDA!20220908!1683571816842
.audrte.com/ Name: arcki2_adform
Value: 6388974307984886280!20220908!1683571816996
.admixer.co.kr/ Name: __auid
Value: 475101c3bf4797b1da737c7b4bb86839
.admixer.co.kr/ Name: __puid_103
Value: d40bf87b0c3e44a5aafec12ac9c87d64
.admixer.co.kr/ Name: __id_utm
Value: 20230509
.admixer.co.kr/ Name: __id_inf_103
Value: 0_d40bf87b0c3e44a5aafec12ac9c87d64
www.zdg.md/ Name: admixerId
Value: d40bf87b0c3e44a5aafec12ac9c87d64
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 10
.pubmatic.com/ Name: pi
Value: 156813:4
.pubmatic.com/ Name: DPSync3
Value: 1684713600%3A219_197_241_235_201_245_227_226
.pubmatic.com/ Name: SyncRTB3
Value: 1688688000%3A69%7C1686096000%3A203%7C1684800000%3A35%7C1684713600%3A233_99_13_71_21_249_3_54_214_88_161_55_22_166_234_176_7_56_238_254_243_8_81_46_204_165_251_220%7C1684108800%3A223_2_15%7C1684368000%3A63
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7230885885915822228&KRTB&23369-7230885885915822228
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-67c38fd1-74b5-4e69-8093-c9a315b2470f-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%221508%22%7D
.ctnsnet.com/ Name: cid_11e8ea9f1a274368927b2d53fd4ddda5
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8601431973187001550&KRTB&23150-8601431973187001550
.csync.loopme.me/ Name: viewer_token
Value: 5ed581bc-968a-41c1-8cb0-2b35276cfce4
ads.playground.xyz/ Name: connect.sid
Value: s%3Aw7-KzenGMXGZHzDiOpFSZDcLxh3HUf7I.pB%2BwthFlzlZ4tS8PEUiaZiQn28ipMUu6zJflfispFyU
.adtelligent.com/ Name: a281178
Value: 4A23175A-C353-4DF7-AF47-2D79A4468DF2
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-41f_7JLlUex_MN7O9nw-dbnVm5c&KRTB&23334-41f_7JLlUex_MN7O9nw-dbnVm5c&KRTB&23417-41f_7JLlUex_MN7O9nw-dbnVm5c&KRTB&23426-41f_7JLlUex_MN7O9nw-dbnVm5c
.semasio.net/ Name: SEUNCY
Value: 3B948D061E83B03A
.bidr.io/ Name: bito
Value: AAC_mE7IsokAACAD9cpwxw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-4A23175A-C353-4DF7-AF47-2D79A4468DF2&KRTB&23413-4A23175A-C353-4DF7-AF47-2D79A4468DF2&KRTB&23479-4A23175A-C353-4DF7-AF47-2D79A4468DF2
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: cookie
Value: 52bb8f3b274817b7
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-woK5xk2lhXRnTRTWhaUaTXgX
.tribalfusion.com/ Name: ANON_ID
Value: aAnseFqO2c8U2OqnvebD97lFfI4Ca3dZaiZb5bQuycmgvoqHSCBuM1gf1faLwPdD7H53LfJbSZd0X05nVBCNvGH
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f07f9aea2170a246
.gammaplatform.com/ Name: _aGeoIp
Value: ID|Jadirejo
.gammaplatform.com/ Name: _aUID
Value: 1m5q7yewwtmo
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1m5q7yewwtmo&KRTB&23446-1m5q7yewwtmo&KRTB&23465-1m5q7yewwtmo
.smartadserver.com/ Name: pid
Value: 4823440533775174280
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAC_mE7IsokAACAD9cpwxw
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAC_mE7IsokAACAD9cpwxw
.pubmatic.com/ Name: PugT
Value: 1683571819
.adsby.bidtheatre.com/ Name: __kuid
Value: b39eb4bb-0c87-4f81-940f-5eb64c4fdd9c.452785820
.pubmatic.com/ Name: SPugT
Value: 1683571820

6 Console Messages

Source Level URL
Text
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=095ec730-18a7-4866-5817-b324012859e3&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=095ec730-18a7-4866-5817-b324012859e3&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=095ec730-18a7-4866-5817-b324012859e3&reqId=02bdfe0a-a888-4f16-6b3b-932ca964434f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4A23175A-C353-4DF7-AF47-2D79A4468DF2&gdpr=-1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://pr-bh.ybp.yahoo.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

86a9c597c660c80aec232756ee38fa18.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
c1.adform.net
casale-match.dotomi.com
cdn.admixer.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
code.jquery.com
connect.facebook.net
content.admixer.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.mobfox.com
cs.yellowblue.io
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
gamd.hit.gemius.pl
green.erne.co
i.e-planning.net
ib.adnxs.com
ic.tynt.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
loadeu.exelator.com
ls.hit.gemius.pl
m.trafmag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-inv-eu.admixer.net
pubmatic-match.dotomi.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.admanmedia.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.lemmatechnologies.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
test.zdg.md
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams03.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
www.zdg.md
x.bidswitch.net
116.202.113.159
128.140.224.226
138.201.8.249
141.226.228.48
141.94.171.212
141.94.242.204
146.0.227.109
146.0.227.110
146.59.30.104
151.1.205.165
151.101.2.49
157.90.40.26
164.92.213.94
172.217.16.194
173.231.180.197
176.9.79.218
178.250.7.11
18.202.160.70
183.110.238.136
185.15.245.83
185.184.8.90
185.239.172.77
185.29.132.241
185.46.149.20
185.64.189.110
185.64.189.115
185.64.190.80
185.80.39.216
185.86.138.151
185.89.210.141
185.89.210.46
188.42.196.115
193.0.160.130
193.200.65.6
193.3.178.2
193.3.178.3
193.3.178.4
194.247.175.26
195.5.165.20
198.148.27.139
198.47.127.18
198.47.127.20
199.115.119.227
2.18.233.201
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
2001:678:cb4:bbbb::11
205.234.175.175
212.82.100.182
213.155.156.168
213.19.147.45
23.2.229.193
23.35.236.201
23.37.42.132
2600:1f18:6593:f600:d00c:d52c:5371:efa
2606:4700:10::ac43:db6
2606:4700::6811:190e
2606:4700::6812:19ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2003
2a00:1450:4001:803::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9b
2a02:6ea0:c700::10
2a02:fa8:8806:12::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a03:90c0:41:2801::62
2a04:4e42:200::300
2a04:4e42:200::485
2a05:d018:24:b002:6b5a:e77e:8510:76db
2a05:d018:d29:3602:f7ac:e0cd:cc15:97d3
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0
2a0c:5c81:5160:0:225:90ff:fefb:6c3
3.121.104.116
3.127.82.251
3.216.245.41
3.33.220.150
3.64.198.28
3.71.149.231
34.102.163.6
34.102.253.54
34.111.113.62
34.111.129.221
34.111.131.239
34.111.151.213
34.160.236.64
34.192.88.152
34.204.254.129
34.237.236.228
34.254.125.132
34.95.81.168
35.157.238.50
35.186.193.173
35.204.74.118
35.214.153.92
35.227.252.103
37.157.2.234
37.157.5.132
46.51.163.206
50.16.198.19
51.222.80.231
51.68.39.188
51.89.9.254
52.18.203.230
52.220.229.2
52.223.22.214
52.46.143.56
52.94.223.37
54.229.164.197
54.38.197.123
54.76.40.199
54.78.254.47
63.251.14.3
63.33.146.223
67.202.105.33
69.173.144.139
69.173.144.165
69.192.160.219
77.243.51.121
8.2.108.175
8.2.110.206
8.2.110.24
82.145.213.8
85.114.159.93
98.98.134.241
98.98.134.243
002f377f8a46b52a5b4a02d2bd05a8de957155be307d996d6841ea91db76e991
014da682c3828147627a37418524caa7138cb272502f3d062aac250d81a9778d
07a64b2d0945dc1a9e7bce4f40d6b44df30cecc0126f14c8db797fc53b0799fc
07c6733fdbc08bb75f154508d9414199f89121ff4f7b1347699b338fb01fa81b
08896d84ceb7b5f0433cf512e2f97c17f1d0d75387260571abf0554175aaee18
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb61fccb8e5484eb46e97fe46e91bb8cb005153771d4c8ff6fc5e54ede40fbc
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
114745cd22806c2623d265d7a1004684d1d45bb526145ebc9109b048e7d6c16a
129ee04d9c83b97268f3ec989542d4d56779190fd89fdcd7296de0fa89e1f835
14b7bb64895f4ee70e589a90c97ba996df6697f4cd0f920c13d8241a45814450
1528ab0611d824b42ab64340f411418ac431fba0e882b39116b2ac3fcbf6306a
1818ed7a7d939d1927411c619e45a09589c5aa97078c63c49f7f172a6a390351
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b4bc9672388e6463614e3063c4709fddaceb42119d3edf0bc4b09f66c51b4a4
1b6cff2596ee3ff38f3812b20feadfdf98ba41529e87472ccf47eb33f5712e37
1b74a7f8f16e92d16ca1495855bae9b94ca97cb630ed34601761644ef396654b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1d2f45d1f4acf5b138f74f227bc04ab2e9f695e0f725d6a88580a83a67154a7a
1f21f36b76aa068bb644f2ede985d8261ba98a13404ab9d82d6b91513bebd5c9
21733f64705f5a67c39c51bd8f797ba5fd3b151b0db90047b7b0e873c9891978
24869e210e16d95c03ed20ba2b18a87a1806cd21aa0f6743f8d55c162473b99b
260c5188c2d3c717a7c9206edaf4bce47be52c83c56e9c433f24a1163c0a7347
26454129b84f89e3e5eaf20029a91374af55c63abb9e22707a969f5bbc8e90ac
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
27fc765db7aa744154046374d0de6f76f19cba5203ef8f29ddfd8ca3d5d2b4aa
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28aae5cbf5d085078584f142ff8a2570d0ee8cee374fd19a487ac0dc104a472e
29f4f38c24dd16596d2b03d675ba3088ec7b572ac8351639d0473841be56c480
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b4a759f3ff8a902f8eeba09c7f9830fb024d6576aacdb21f28cc36138d0413e
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2db76689df8dd5895ab412d706b91a61531850ce1ad9f896cbc32cf65681c4e9
2dd6ba8252378cc6312013c1ef50ce3733cc687ea737792d45b32e272f0892a8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4766ec35769898771c6cd838c1011b4a70045dda2593d5e1f9cb35f802c459
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f88285e8afba05464ad6b574f4c448c72b6ff7fb1116fa7fe5625470d11a231
30e347b078cb7b4e0cf753b8c0062dfb5e59350103dd4547ca227c110a78439b
33d8a70aa02aff2385ec1084f69fee735ad3d03ba61b0e85d9cbf3e488a83ff8
35a9966ec46721ba779895a9ef1c19b986bad3b9c6f3c3deeeacb672c5408663
3612d91cbbf38d15e62287c73d2721aab06fd4e252c80295937c518365c0d7c2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37907499427690e10564b037dbc0e20be9d2f9579aa18807cf42a933131d2964
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4426e6fe774914eef207d17f9a2da4a19da78fde769c1604594fac7853224623
44791bb534bb7dd59ffec90b422b8ab133844d01505cb3c000a5c18478a69a6f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469fb68990fbf789a656c2c088e789af860a85f838b3e991c10c035bad3c84ad
4857e80ef85f559c72997c8345b5343fec84c018a9f7f79dccb98f37b045c1ef
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a298bd084162130c489f607d5f10a4668de3e417ebbfc949014aed45408cd15
4b12646ccf9b9747ad8592ea533b01c91b620c3af3219e0dd52bf52eaeab6c5f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50014414790b8764f75d5674fb9b389737857fb250433c51d643f53edb7b1667
501ae5674d2ef4ae09bbfbef83ecfdc4a5b30fb73bea724de708c466a953ee93
51b92baed544da51ed74076ee2a3b3e8a4fb231ddf6647195723ef16fa430291
51cf67fc850ed6afab748b7278ba8c635fc98fa6df95b8c40d718cfed5811eb8
51fc350bb83c998a124f1bb756b38cc218912b1f2952e6f1c755c1a13da69f04
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
547a2c05a1b8744633148a704ddba5adac238c5cbaf05bbd25606827a372b019
55185875b43d51597caff07cc34f08ec602cebc002ec1e1a93a87e22eee9a7b1
557f333cabc948b6418d229a3a3b3b683dbfa3fffbc7489a0d9f5e18fe5b4a6d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5609ac5348c90e59af40483995da8aa7524e81e97dcb308190fe9d2cbadc361d
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f
572b452dcbd39b6f05f30b69b9595c72f47f373e99d332991ad5d8a69a624181
5808b8caa4d8150083718ac75deecda3411ada93cd6bd2a124228414b1524978
591a0e33b41b37a43e031e5c8256b85637f242fb400ac48502b104779f4cf769
5921a3ec0ccd5ba7bf47ebb34ade5df71bec24ec1f29aa95a6a2883b01d4ec87
5be0f953f3c55d60a00f328659c98d176a4e8cf98d7b76d791a8debff3e686be
5c2d8ab3bf59bb7fa8af999c2fc20352a8f67b158947d1d0c24f01b84138e06f
5eaa777d50e50970d3d800e5104e8a321c731ed15192acf6ae1aa2564873e4d5
5f4c8e76510fcde1fcc1c76ed8894b0afbb06718c75591dbb11d3b733252b5b3
608a6c84fa003c4969ca8bef6201ec456214153a775f776de329c35b02b2e278
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
62a41df1efd64d4a3f5efc1c6da7e03d3907a65842088e4b428317545758ae21
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81
6344c20f5e2a231f73e2f211e982630c32ea054347f57d2de05a175ea856837d
64459b243de195b34275fcbd4e39d2e829c45cb4c6900b263188f90bf7ad95f8
648419985094669beb64703883855775f71780316c60152d43e51b68579a765c
649e00f8e28807c880cfd453a35bcff959cc2af318a6eb0e027403b3bc7c7ead
66cb1c386cfa086d79521d8b504ee10c060e8e3f40b6d002ff446b820f3dc683
67948cb0b5d29fb698f3f22e80e589d58196356b3b9a46d96dafe06d45bb618f
67c45b1b00da9e94f1782e355b442fbace5704204c479c6981fbbf5352967aaf
681630720bf4d6375a2a4c5b4ba8644585c3eca0e50f4070e020fc09727fbf89
6889a7789d4db6452dd58c9f2b0ae003221eae0cfe30e2402d0d941f7f371fe8
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b82b6e4b6dc9fa4b0443b33c26555dc0a840d6252126f231784fa55b3d33039
6b88d240426bc1b11ffcebbb525fda3328be86b27a1203ab0fd90e68e70c0106
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
73a671ba12450ca862f444c31a3bfce93f7ad5bdb076c09a90b35399117dd74f
73aa09e0dd125310cab339c0585c05fb408f8e006de81f788ee9950d341b56d8
744daedbd5fbcbb559030f2b8c7224ba73d2311516674356467ad5295d534926
750e425d1ed8149c86ac8d24fe060bd42d1716e0d42c76d98f665de18611c5ac
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
78d3f02baf3666fff07a98fa178a3709d5a3e56010f7d0fbb17588e44598f552
7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe
7d28203037ba98815f408afb19842b365f6b5581d62405f6423f34ecf6328d6b
7d3052ab69aded5886cf9ad0b619b114d502e90c99dd9fd43813d1cf88b01d55
7eeb6e9ced65d13b48b222a3892b2f1d3e0d82aa4acd96ba3ccfffbdece88fc1
817e3218da9097043b447ce0dd5ce5244adfa92e829ca6df7b087239e1dfcb40
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8366397205cd2606d492b54da977d3128a3361224b859ba087a9c2703d5b3797
83926b94c8dd33e2a6ca74c0b29e6a0e021f3ce43f67312d743661f99e1d213c
83c67a00a5f701b1ecca2737a0fc146008b00ab081b493fce880168e6051fc9f
8783ca8d10e15789debd2ae1369dabd59e693e87d1d760e2206e302ebb61813c
88db21b1aebcbf50d44112efef078b9cae6cafc5f41f5e771925663fc4040c94
89f1d2c253ffaafa11cc379beefec1524534f8e2b359fc31f0c1efd7f4a7d075
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db86a97795bf645df655d98cd233e362fc3d45aae73d562e20c57001058f916
8f09946ceb03b4c975f1c3c826091a2f869283afcdd22ce6d2540b09a5b253b5
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
912380fa9b7e957ea86a12807c2d78c202a919bc1cb766a1a7903a56bd983fb4
9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50
93affa24657d95188b95b212b55251116e1e517256a827455288b196b89b159f
9416c533085a5d57deaa9f07f222b7cdcb500b79b24a2e925054f82e6e00ad14
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96f4f204640a5c532b02f32b2bdeb750030cca78b000f08c4899fb227f0391ff
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
987d51f826628d695844532a5945d243194b40f15adabb6f1a54f0e430614040
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bafef9c308297d72be74854119c74881d53b05c7bdb0970280be704cc853da3
9c1a525a97fa2c3e0a76708f01cb6c15c136ee79843f7fd3dd0e30eee17d1667
9cf29cebf607fff8cce66b1b38ae097bd4574dff76124814c7ef7cba72cf4c6e
9e060a09c262fb79a5412dfafa0e520e51a4cbb98826e751975103fc8f406439
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5005b6d981acbae1e0f3637d76927718785fcf90989c45b9e329b6568b880be
a6f0d6bb0969d0c9538b9653cf1a5161eebbd38c88275751e5c11ded53afe1ab
a73336a20ee6c7b88e1e2bc4aa9460e88e66b7bb1bb222c36ba1c920551badb9
a97b293c9a64eaf10d24bf86094f6f040419ab3e7817280778f706476000ec1f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa21422a62e4c690ad32f8de653e1fae1bef802167286c9867edccacd4986323
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ac1f323852a36632f8dfe30353a701c696c19790d925f66a030a9ddd275eb7c1
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad10a96d76d0545db3cd7ef7c37e917d5ee9f8bc9807a4bc59faa8e527f72a1b
af6be6f00e496dc8f938e889ad87ed5cc38cfaaa2d63009c25fdf21c32871262
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
aff01a147aeccc9b70a5efad1f2362fd709f3316296ec460d94aa7d31decdb37
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
b0e35a661e377c448b9d91520c0cac9444fad4df84a7df449dea1fbcf44a1824
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39f9fb6e1ee8a7cee562dbfc27619c4c4714fbca8e7608f2ba9ebe221d0c025
b5e75a6b6761afacf1cd0fa8c0063321b61434773ac5275c7fa7ec666d8d5c3c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
be0e4d2b5e8dc2fd5beb31d4412b0cf555b506edd292799b87751c2f42248534
be8b56c99bfb21f390e96edeee0e1b7f7b5ec2d6e4d6806357499e47a38f7101
be91b2c45166948c87ee5e2bc8b385f9c3ced701f8063c93f10e01c708325020
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c26325bba202e8f204697dece87c8d5f262af036432ad4fb590ed0e730b6ee4c
c34af7e69b760a9d661140224d7774edd1c0efda1c33e040dc1069d49dd83de2
c7de31c3e9dbcabe2c5b749c4a76992e7efa43548d334ad2e41a7d42a6c4eaa2
c7f60558c3dabc921766aad1a2a676c9ae7e1fbb6cc7cdf73e6fe6ec322aa250
c919fdf1d93278991898c7128dfcbb3cdb60b3b21be2be64a8184876a54dccf1
ca33270a635aba34b1547db7afcb468d90fc82595c2aabc410b475fba002197d
cdbbfe7a85a8a1687d9a534f5e2282e0ec5322819fab9188d3f01c3af219035a
cddb2a9bfb75c239a3211f0eab2c2700fde08b01883bc9f0ca9eb193e4f04326
cdf8299abbf852dae186ae80bb55a8b935d45ea1ff7bd2cc5f530ead2f1ccd74
cf16d25e86998a4b0ed9403042e00e4f6ffe22f4a19f3026d0a1d62ed1e8cc77
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1ddf9e049f2325e90388163635bc1484274d24a392fcdcae612505b9bdc7136
d3125eb18f64012fd6e848747eeaf3458461b95f5214770c395ef2576aa1a845
d312ec2492a619a8b8a16adbb36f978e82a2174d694b77fc631b81a99a3d9ae4
d31bb41865276ce260cf80318a6f6aca2ac64dc3428c3e041d7ce5aeac5014e1
d69f6d1ad0eba1dbcc6f1088550b5ef8271b3ead03d07265e1c2fbccf2a294b9
d9393bb4c0dea79c72c7e3b5cf9c4cdd72f9192679865acfff444bfba6382ac6
d9fbd32212b5e1d8c88a8fa8215367e8f9c5679417529f9debfc3546834231bc
dad6471bfd04bc464236ad9ebb840dcb97d584bd3f4d967ad19df2f5953351ba
dc330d5fe79a8f19e6820aaa755970aed96d63f7aae6be5c86361c8a16599585
dc33a5a47341f8807d97047dc96da18cac894dfface6b07c23ea125c1cd1b853
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dfac4def80a6d387abaa606632b724e22a4e1dc4131411a77eecee0265ef3a12
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e11a5ac72bea720c89def194185cc6dd5a671c11bf786e4942b581118b29cdc2
e22ec907efd7c7aaaf4057045a193f381f60b288db0f6df2e90243ca895c6d59
e37a88c89a786ff343da9871e20b4d4857ead64079b38243e6a7386b37438a95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d43985e0583a9dc6d1b43ed76e57326b8072984ed71625149408876f7afb9f
e4f6550c8b9f984071d3d1c2cf93ca950f893345742fe26a13598241cd77dd72
e8f0d71e1412843f5b4200727ec430fea23048c9ee9e49d4410ca164c282836d
eacd94e08972bdc6379afc2cea073cf9e4fd7bea80f415540faedad69a458188
eb428852179980ee01b0aff8006a735aadee230cd9d4652d0b51851323224f00
eb48bd2477aa6e730877abcc40046466f51207011cc4e2a39872db01af585633
ebaeecef7cb70a2f146534fff55cfa042d1c246d4d5fff4eae164b5d925328bc
ed514ba9ef2988dc02b9ca459b565b6149d15870eb3f676638b11733a807b721
ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9eba7a028262f0e09dff4034b913d38f75c10cc374519b3a4b93f072814815
f25190e195e7f837684c6861c564c8294b01087a7d9ec7f0656b73ee8f91ad1f
f2c94a64da53fb9fc5bede79e6d7ac21c30eb1a1d2fdb029b76968e907f8b022
f33203f6c0cae049b74bd35540da27dad9f388dee91a7995ef080343de8610aa
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f930509ebac4d0fe907137b7d065293ffb589ffa3b25c5022a82c28fb3510c28
fa85b91728df6ce768e194698261b214027dc377341f15da4f459ec5c11117cc
fd68e0812f68fda7a6aee19bc5a0a9ca2f5e1cbb9a79f1060a4e1e340e417122
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fef5645dd4711b739a40a3251e2f6720c13ae09af5d18e809db5854beb30388f
fefa3b7ddf55edaebebf8b665c8ec1231dbba25e91c1b9a6f685e1a6e76323c2
ff153c6e6210e7dfb508ffca0f910d86f78e2f6b0d926208a72021c1a1840aee