urlscan.io logo urlscan.io
SecurityTrails logo

ua.korrespondent.net Open in urlscan Pro
2606:4700::6812:1eb6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://korrespondent.net/
Effective URL: https://ua.korrespondent.net/
Submission Tags: falconsandbox
Submission: On May 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 123 IPs in 14 countries across 113 domains to perform 1287 HTTP transactions. The main IP is 2606:4700::6812:1eb6, located in United States and belongs to CLOUDFLARENET, US. The main domain is ua.korrespondent.net. The Cisco Umbrella rank of the primary domain is 352810.
TLS certificate: Issued by E1 on May 16th 2022. Valid for: 3 months.
This is the only time ua.korrespondent.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 2606:4700::68... 13335 (CLOUDFLAR...)
29 193.29.200.151 197203 (UMHAS)
2 2a00:1450:400... 15169 (GOOGLE)
1 91.198.36.26 43405 (DIGITAL-V...)
10 2a03:90c0:41:... 199524 (GCORE)
35 193.29.200.157 197203 (UMHAS)
1 193.29.200.140 197203 (UMHAS)
1 104.18.3.81 13335 (CLOUDFLAR...)
5 78.159.118.240 28753 (LEASEWEB-...)
3 2a00:1450:400... 15169 (GOOGLE)
4 20 212.8.250.228 49981 (WORLDSTREAM)
15 91.198.36.35 43405 (DIGITAL-V...)
1 5 146.59.10.80 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
78 2a00:1450:400... 15169 (GOOGLE)
2 11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
4 9 2620:116:800d... 16509 (AMAZON-02)
3 167.71.9.19 14061 (DIGITALOC...)
9 9 3.120.99.209 16509 (AMAZON-02)
6 6 185.29.132.241 30419 (MEDIAMATH...)
4 4 185.180.220.208 49981 (WORLDSTREAM)
2 2 190.2.153.150 49981 (WORLDSTREAM)
2 2 185.165.240.175 49981 (WORLDSTREAM)
2 212.8.250.83 49981 (WORLDSTREAM)
2 146.0.227.110 20773 (GODADDY)
2 194.247.175.38 196831 (BEMOBILE-AS)
1 145.239.237.56 16276 (OVH)
23 2a00:1450:400... 15169 (GOOGLE)
20 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 188.42.196.115 7979 (SERVERS-COM)
1 51.89.9.251 16276 (OVH)
8 2a00:1450:400... 15169 (GOOGLE)
7 194.247.175.26 196831 (BEMOBILE-AS)
60 2a00:1450:400... 15169 (GOOGLE)
2 185.119.59.4 9123 (TIMEWEB-AS)
1 145.40.89.200 54825 (PACKET)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
14 168.119.79.239 24940 (HETZNER-AS)
1 157.90.215.235 24940 (HETZNER-AS)
1 2a02:6b8:a::a 208722 (GLOBAL_DC)
3 65.9.66.173 16509 (AMAZON-02)
1 95.163.52.67 47764 (MAILRU-AS...)
1 4 2a02:6b8::1:119 208722 (GLOBAL_DC)
75 2a00:1450:400... 15169 (GOOGLE)
13 53 142.250.186.130 15169 (GOOGLE)
5 101 23.35.236.247 16625 (AKAMAI-AS)
6 77 37.252.172.45 29990 (ASN-APPNEX)
32 35.244.159.8 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
3 6 3.125.240.25 16509 (AMAZON-02)
2 2a02:6b8::16b 208722 (GLOBAL_DC)
1 3 2606:4700:440... 13335 (CLOUDFLAR...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
1 1 108.128.215.255 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
2 4 69.173.144.165 26667 (RUBICONPR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
2 4 37.157.3.29 198622 (ADFORM)
1 72.34.250.75 27630 (AS-XFERNET)
2 2 76.223.111.18 16509 (AMAZON-02)
1 1 23.35.228.23 16625 (AKAMAI-AS)
1 18.195.155.181 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.201.152.110 24940 (HETZNER-AS)
1 185.184.8.90 204995 (RTB-HOUSE...)
16 178.250.2.131 44788 (ASN-CRITE...)
1 2a00:1148:db0... 47764 (MAILRU-AS...)
1 2a02:6b8:20::215 208722 (GLOBAL_DC)
16 143.204.215.112 16509 (AMAZON-02)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
89 37.157.6.241 198622 (ADFORM)
15 23.32.59.34 16625 (AKAMAI-AS)
15 185.86.138.16 201081 (SMARTADSE...)
29 72.251.249.9 29791 (VOXEL-DOT...)
15 2602:803:c003... 26667 (RUBICONPR...)
14 141.95.98.68 16276 (OVH)
11 2a02:2638:1::3 44788 (ASN-CRITE...)
1 151.101.65.108 54113 (FASTLY)
12 23.35.236.188 16625 (AKAMAI-AS)
62 37.252.173.27 29990 (ASN-APPNEX)
8 138.201.63.149 24940 (HETZNER-AS)
4 185.29.132.242 30419 (MEDIAMATH...)
2 2.18.233.201 16625 (AKAMAI-AS)
1 1 51.255.68.171 16276 (OVH)
2 2 159.65.197.210 14061 (DIGITALOC...)
28 37.157.5.71 198622 (ADFORM)
2 8 52.18.123.145 16509 (AMAZON-02)
3 10 2a02:2638:1::13 44788 (ASN-CRITE...)
1 1 141.95.171.141 16276 (OVH)
2 2 141.94.170.64 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 5 78.46.90.238 24940 (HETZNER-AS)
3 4 185.94.180.125 35220 (SPOTX-AMS)
2 4 52.57.149.120 16509 (AMAZON-02)
3 178.250.2.146 44788 (ASN-CRITE...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 138.201.63.150 24940 (HETZNER-AS)
4 52.50.150.224 16509 (AMAZON-02)
26 151.101.1.108 54113 (FASTLY)
2 145.239.193.130 16276 (OVH)
2 46.236.35.87 12703 (PULSANT-AS)
3 104.111.239.217 16625 (AKAMAI-AS)
4 172.217.16.134 15169 (GOOGLE)
1 2 51.83.212.112 16276 (OVH)
6 34.149.12.213 15169 (GOOGLE)
28 23.205.235.133 16625 (AKAMAI-AS)
3 6 52.46.130.91 16509 (AMAZON-02)
5 35.71.131.137 16509 (AMAZON-02)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
5 72.251.245.181 29791 (VOXEL-DOT...)
5 34.212.72.103 16509 (AMAZON-02)
2 3 23.75.246.168 16625 (AKAMAI-AS)
3 141.226.228.48 200478 (TABOOLA-AS)
5 52.213.228.15 16509 (AMAZON-02)
3 3 23.88.75.186 24940 (HETZNER-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.244.174.68 15169 (GOOGLE)
4 4 69.173.144.138 26667 (RUBICONPR...)
2 3 52.94.220.185 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
6 18.156.0.31 16509 (AMAZON-02)
2 2 35.170.174.103 14618 (AMAZON-AES)
7 7 2001:678:cb4:... 56396 (AMOBEE)
7 7 54.229.135.46 16509 (AMAZON-02)
2 192.132.33.46 18568 (BIDTELLECT)
7 8 151.101.2.49 54113 (FASTLY)
3 3 70.42.32.191 22075 (AS-OUTBRAIN)
1 1 34.202.76.73 14618 (AMAZON-AES)
1 1 185.183.112.148 60350 (VP)
3 3 44.196.137.234 14618 (AMAZON-AES)
4 4 193.0.160.128 54312 (ROCKETFUEL)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 3.95.92.58 14618 (AMAZON-AES)
3 66.155.71.25 13768 (COGECO-PEER1)
2 169.197.150.7 398989 (DEEPINTENT)
6 6 35.158.166.215 16509 (AMAZON-02)
4 8 159.122.14.34 36351 (SOFTLAYER)
1 1 34.200.28.249 14618 (AMAZON-AES)
1 1 35.186.193.173 15169 (GOOGLE)
1 2 34.196.247.148 14618 (AMAZON-AES)
1 143.204.215.49 16509 (AMAZON-02)
2 34.254.130.126 16509 (AMAZON-02)
3 142.250.186.98 ()
1287 123
10    2606:4700::6812:1eb6 (United States)

ASN13335 (CLOUDFLARENET, US)
korrespondent.net
ua.korrespondent.net
29    193.29.200.151 (Ukraine)

ASN197203 (UMHAS, UA)
csskor.ill.in.ua
jskor.ill.in.ua
id.korrespondent.net
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua
i.holder.com.ua
10    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
35    193.29.200.157 (Ukraine)

ASN197203 (UMHAS, UA)
kor.ill.in.ua
1    193.29.200.140 (Ukraine)

ASN197203 (UMHAS, UA)
ui.ill.in.ua
1    104.18.3.81 (None, )

ASN13335 (CLOUDFLARENET, US)
r.i.ua
5    78.159.118.240 (Mindelheim, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
cdn.umh.ua
z.cdn.umh.ua
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
20    212.8.250.228 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-250-228.hosted-by-worldstream.net
ad.mox.tv
ad.invamia.com
15    91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
h.holder.com.ua
5    146.59.10.80 (France)

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu
gaua.hit.gemius.pl
2    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
78    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
21    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
3    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
9    3.120.99.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-99-209.eu-central-1.compute.amazonaws.com
x.bidswitch.net
6    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    185.180.220.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.mediawayss.com
ad.vidverto.io
2    190.2.153.150 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
ad.outstream.today
2    185.165.240.175 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-175.hosted-by-worldstream.net
ad.adopx.net
2    212.8.250.83 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidver.to
2    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
2    194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
source.mmi.bemobile.ua
1    145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu
ls.hit.gemius.pl
23    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
20    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
8    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
ee326b482b00607f5546a138e736504d.safeframe.googlesyndication.com
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
7    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
sslpagestat.mmi.bemobile.ua
60    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    185.119.59.4 (St Petersburg, Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
PTR: 353757-ce44784.tmweb.ru
0.code.cotsta.ru
1    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
14    168.119.79.239 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.239.79.119.168.clients.your-server.de
t.cotsta.ru
1    157.90.215.235 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.215.90.157.clients.your-server.de
a.cotsta.ru
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
3    65.9.66.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-173.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    95.163.52.67 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
75    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
53    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
101    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
js-sec.indexww.com
dsum.casalemedia.com
77    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
32    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
adpone-d.openx.net
u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
6    3.125.240.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-240-25.eu-central-1.compute.amazonaws.com
d.adtriba.com
2    2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
matchid.adfox.yandex.ru
3    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    108.128.215.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-215-255.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
4    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    72.34.250.75 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
cs.media.net
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    195.201.152.110 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.110.152.201.195.clients.your-server.de
ssp.otm-r.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
16    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
1    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
16    143.204.215.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-112.fra53.r.cloudfront.net
mediawoot.com
15    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
89    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
cm.adform.net
15    23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
15    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
29    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
15    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
14    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
11    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs-simple.com
12    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
cdn.adnxs.com
62    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
secure.adnxs.com
8    138.201.63.149 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal9000.redintelligence.net
4    185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
2    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    51.255.68.171 (Villeurbanne, France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
2    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
28    37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
8    52.18.123.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-123-145.eu-west-1.compute.amazonaws.com
trc.audiencemanager.de
anz.audiencemanager.de
10    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    141.95.171.141 (France)

ASN16276 (OVH, FR)
PTR: bixel-7.cloudy.ovh
green.erne.co
2    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel-eu.onaudience.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
5    78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de
hal900019.redintelligence.net
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    52.57.149.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-149-120.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    2a02:26f0:3500:585::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
4    138.201.63.150 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal90008.redintelligence.net
4    52.50.150.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-150-224.eu-west-1.compute.amazonaws.com
liift-trc.audiencemanager.de
26    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    145.239.193.130 (Valence, France)

ASN16276 (OVH, FR)
pv.medialead.de
2    46.236.35.87 (Plymouth, United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-35-87.servers.dedipower.net
track.webgains.com
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
4    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
2    51.83.212.112 (France)

ASN16276 (OVH, FR)
PTR: ip112.ip-51-83-212.eu
trck.fairnergy.org
6    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
28    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2a05:d018:d29:3605:c111:9aee:7bd3:6707 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    72.251.245.181 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
5    34.212.72.103 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-72-103.us-west-2.compute.amazonaws.com
dmp.brand-display.com
3    23.75.246.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com
px.owneriq.net
3    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
5    52.213.228.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-228-15.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
2    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.170.174.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-174-103.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
7    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
7    54.229.135.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-135-46.eu-west-1.compute.amazonaws.com
d.adroll.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
8    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    34.202.76.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-76-73.compute-1.amazonaws.com
sync.extend.tv
1    185.183.112.148 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    44.196.137.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-137-234.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    3.95.92.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-92-58.compute-1.amazonaws.com
nep.advangelists.com
3    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
6    35.158.166.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-166-215.eu-central-1.compute.amazonaws.com
pm.w55c.net
8    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    34.200.28.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-28-249.compute-1.amazonaws.com
s.company-target.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
2    34.196.247.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-247-148.compute-1.amazonaws.com
um2.eqads.com
1    143.204.215.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-49.fra53.r.cloudfront.net
analytics.webgains.io
2    34.254.130.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
api.webgains.io
3    142.250.186.98 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
177 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
cdn.adnxs.com — Cisco Umbrella Rank: 1420
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7769
acdn.adnxs.com — Cisco Umbrella Rank: 596
secure.adnxs.com — Cisco Umbrella Rank: 424
985 KB
149 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
ee326b482b00607f5546a138e736504d.safeframe.googlesyndication.com
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
ade.googlesyndication.com
2 MB
121 adform.net
c1.adform.net — Cisco Umbrella Rank: 571
adx.adform.net — Cisco Umbrella Rank: 4019
track.adform.net — Cisco Umbrella Rank: 3865
cm.adform.net — Cisco Umbrella Rank: 2172
s1.adform.net — Cisco Umbrella Rank: 8427
1 MB
95 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284
ad.doubleclick.net — Cisco Umbrella Rank: 202
905 KB
88 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
htlb.casalemedia.com — Cisco Umbrella Rank: 477
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
117 KB
75 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
3 MB
61 ill.in.ua
csskor.ill.in.ua — Cisco Umbrella Rank: 391787
jskor.ill.in.ua — Cisco Umbrella Rank: 411317
kor.ill.in.ua — Cisco Umbrella Rank: 362714
ui.ill.in.ua — Cisco Umbrella Rank: 411847
1 MB
51 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
fastlane.rubiconproject.com — Cisco Umbrella Rank: 471
eus.rubiconproject.com — Cisco Umbrella Rank: 556
token.rubiconproject.com — Cisco Umbrella Rank: 692
216 KB
33 openx.net
us-u.openx.net — Cisco Umbrella Rank: 399
rtb.openx.net — Cisco Umbrella Rank: 1524
adpone-d.openx.net — Cisco Umbrella Rank: 17912
u.openx.net — Cisco Umbrella Rank: 756
3 KB
29 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 615
11 KB
29 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 393
mug.criteo.com — Cisco Umbrella Rank: 2669
44 KB
28 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 658
30 KB
21 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
632 KB
21 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 47567
bgstats.mox.tv — Cisco Umbrella Rank: 56217
203 KB
17 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 33656
hal900019.redintelligence.net — Cisco Umbrella Rank: 276754
hal90008.redintelligence.net — Cisco Umbrella Rank: 254137
110 KB
17 cotsta.ru
0.code.cotsta.ru — Cisco Umbrella Rank: 203406
t.cotsta.ru — Cisco Umbrella Rank: 208240
a.cotsta.ru — Cisco Umbrella Rank: 215739
203 KB
17 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 74
4 KB
16 mediawoot.com
mediawoot.com
54 KB
16 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 322843
h.holder.com.ua — Cisco Umbrella Rank: 287239
10 KB
15 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1355
5 KB
15 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 22020
2 MB
14 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 663
8 KB
14 korrespondent.net
korrespondent.net — Cisco Umbrella Rank: 242244
ua.korrespondent.net — Cisco Umbrella Rank: 352810
id.korrespondent.net — Cisco Umbrella Rank: 370816
57 KB
12 audiencemanager.de
trc.audiencemanager.de — Cisco Umbrella Rank: 105785
anz.audiencemanager.de — Cisco Umbrella Rank: 107675
liift-trc.audiencemanager.de — Cisco Umbrella Rank: 237570
8 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 288
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1187
46 KB
12 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
tags.mathtag.com — Cisco Umbrella Rank: 3224
pixel.mathtag.com — Cisco Umbrella Rank: 1281
6 KB
12 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 44664
inv-nets.admixer.net — Cisco Umbrella Rank: 2358
198 KB
11 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
308 KB
10 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 478
rtb0.doubleverify.com — Cisco Umbrella Rank: 661
rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 12960
42 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485
ups.analytics.yahoo.com — Cisco Umbrella Rank: 297
3 KB
9 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3409
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
2 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
4 KB
9 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 427
cms.quantserve.com — Cisco Umbrella Rank: 1128
3 KB
8 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
3 KB
8 google.de
www.google.de — Cisco Umbrella Rank: 5483
adservice.google.de — Cisco Umbrella Rank: 7678
2 KB
7 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1559
778 B
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
3 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 887
4 KB
6 adtriba.com
d.adtriba.com — Cisco Umbrella Rank: 46392
2 KB
6 gstatic.com
fonts.gstatic.com
83 KB
6 bemobile.ua
source.mmi.bemobile.ua — Cisco Umbrella Rank: 195703
sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 205628
25 KB
6 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 48860
ls.hit.gemius.pl — Cisco Umbrella Rank: 12133
18 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 466
2 KB
5 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1886
1 KB
5 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1468
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
1 KB
5 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 274443
z.cdn.umh.ua — Cisco Umbrella Rank: 297093
6 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
3 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 435
1 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 518
2 KB
4 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1392
mc.yandex.ru — Cisco Umbrella Rank: 3290
matchid.adfox.yandex.ru — Cisco Umbrella Rank: 27663
106 KB
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 407
fonts.googleapis.com — Cisco Umbrella Rank: 46
129 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 910
85 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19930
api.webgains.io — Cisco Umbrella Rank: 48593
51 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 594
573 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
2 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 558
951 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 884
674 B
3 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 977
295 B
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 998
1 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15147
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 818
s.tribalfusion.com — Cisco Umbrella Rank: 2566
2 KB
3 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9163
2 KB
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 138584
4 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1895
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3616
563 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 857
83 B
2 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2790
373 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 822
760 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1370
756 B
2 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2091
2 fairnergy.org
trck.fairnergy.org
1 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 38036
3 KB
2 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 44639
527 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1386
15 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 23021
2 KB
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13702
953 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2528
954 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 414
953 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 612
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1574
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1040
344 B
2 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 10088
ad.mail.ru — Cisco Umbrella Rank: 10140
12 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 789
882 B
2 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 85074
963 B
2 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 58585
1 KB
2 invamia.com
ad.invamia.com — Cisco Umbrella Rank: 86890
1 KB
2 adopx.net
ad.adopx.net — Cisco Umbrella Rank: 85452
1 KB
2 outstream.today
ad.outstream.today — Cisco Umbrella Rank: 81406
1 KB
2 mediawayss.com
ad.mediawayss.com — Cisco Umbrella Rank: 76909
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
78 KB
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 2859
444 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3854
398 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2270
232 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1416
307 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1690
546 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 511
708 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 598
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16159
338 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3043
480 B
1 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2839
40 KB
1 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6107
10 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5990
182 B
1 otm-r.com
ssp.otm-r.com — Cisco Umbrella Rank: 120037
304 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 432
2 KB
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 933
59 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1513
1 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1014
411 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1439
296 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1183
446 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 809
814 B
1 i.ua
r.i.ua — Cisco Umbrella Rank: 172336
1 KB
1287 113
Domain Requested by
78 pagead2.googlesyndication.com z.cdn.umh.ua
ad.mox.tv
pagead2.googlesyndication.com
ua.korrespondent.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
0.code.cotsta.ru
www.googletagservices.com
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
ad.doubleclick.net
s0.2mdn.net
77 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
0.code.cotsta.ru
hb.adpone.com
acdn.adnxs.com
ssum-sec.casalemedia.com
75 s0.2mdn.net ua.korrespondent.net
s0.2mdn.net
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
ad.doubleclick.net
mediawoot.com
60 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
ua.korrespondent.net
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
pagead2.googlesyndication.com
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
ad.doubleclick.net
s0.2mdn.net
56 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
um2.eqads.com
55 fra1-ib.adnxs.com hb.adpone.com
mediawoot.com
cdn.adnxs.com
acdn.adnxs-simple.com
50 track.adform.net ua.korrespondent.net
hb.adpone.com
s1.adform.net
37 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
35 kor.ill.in.ua ua.korrespondent.net
31 adx.adform.net hb.adpone.com
s1.adform.net
29 ap.lijit.com hb.adpone.com
28 js-sec.indexww.com hb.adpone.com
ssum-sec.casalemedia.com
28 eus.rubiconproject.com hb.adpone.com
eus.rubiconproject.com
28 s1.adform.net hb.adpone.com
track.adform.net
s1.adform.net
mediawoot.com
26 acdn.adnxs.com mediawoot.com
hb.adpone.com
21 www.googletagservices.com ad.mox.tv
googleads.g.doubleclick.net
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
trc.audiencemanager.de
www.googletagservices.com
cdn.doubleverify.com
s0.2mdn.net
ad.doubleclick.net
18 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
ua.korrespondent.net
mediawoot.com
18 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
ua.korrespondent.net
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
18 ad.mox.tv 2 redirects z.cdn.umh.ua
ad.mox.tv
h.holder.com.ua
ua.korrespondent.net
16 mediawoot.com ua.korrespondent.net
mediawoot.com
16 bidder.criteo.com 0.code.cotsta.ru
hb.adpone.com
16 googleads4.g.doubleclick.net ua.korrespondent.net
ad.doubleclick.net
15 u.openx.net hb.adpone.com
15 fastlane.rubiconproject.com hb.adpone.com
15 prg.smartadserver.com hb.adpone.com
15 adpone-d.openx.net hb.adpone.com
15 htlb.casalemedia.com hb.adpone.com
15 hb.adpone.com mediawoot.com
15 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
15 h.holder.com.ua i.holder.com.ua
14 id5-sync.com hb.adpone.com
14 t.cotsta.ru 0.code.cotsta.ru
13 csskor.ill.in.ua ua.korrespondent.net
csskor.ill.in.ua
12 cdn.adnxs.com hb.adpone.com
12 jskor.ill.in.ua ua.korrespondent.net
11 static.criteo.net 0.code.cotsta.ru
static.criteo.net
hb.adpone.com
11 www.google.com 2 redirects ua.korrespondent.net
tpc.googlesyndication.com
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
10 gum.criteo.com 3 redirects static.criteo.net
gum.criteo.com
10 cdn.admixer.net ua.korrespondent.net
cdn.admixer.net
9 x.bidswitch.net 9 redirects
8 um.simpli.fi 4 redirects ssum-sec.casalemedia.com
8 sync-tm.everesttech.net 7 redirects ssum-sec.casalemedia.com
8 cm.adform.net mediawoot.com
8 hal9000.redintelligence.net ua.korrespondent.net
acdn.adnxs-simple.com
hal900019.redintelligence.net
hal90008.redintelligence.net
8 ua.korrespondent.net ua.korrespondent.net
jskor.ill.in.ua
7 d.adroll.com 7 redirects
7 ad.turn.com 7 redirects
7 secure.adnxs.com ssum-sec.casalemedia.com
6 pm.w55c.net 6 redirects
6 ups.analytics.yahoo.com ssum-sec.casalemedia.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 d.adtriba.com 3 redirects 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
6 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 sync.mathtag.com 6 redirects
6 pixel.quantserve.com 3 redirects ua.korrespondent.net
ad.mox.tv
5 match.prod.bidr.io ssum-sec.casalemedia.com
5 dmp.brand-display.com ssum-sec.casalemedia.com
5 cm.adgrx.com ssum-sec.casalemedia.com
5 match.adsrvr.org ssum-sec.casalemedia.com
eus.rubiconproject.com
5 hal900019.redintelligence.net 1 redirects mediawoot.com
hal900019.redintelligence.net
5 gaua.hit.gemius.pl 1 redirects ua.korrespondent.net
gaua.hit.gemius.pl
4 p.rfihub.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 rtbc-eu3.doubleverify.com cdn.doubleverify.com
4 ad.doubleclick.net www.googletagservices.com
4 liift-trc.audiencemanager.de trc.audiencemanager.de
mediawoot.com
4 anz.audiencemanager.de trc.audiencemanager.de
mediawoot.com
4 hal90008.redintelligence.net acdn.adnxs-simple.com
hal90008.redintelligence.net
4 cdn.doubleverify.com s1.adform.net
cdn.doubleverify.com
4 pixel.advertising.com 2 redirects googleads.g.doubleclick.net
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 trc.audiencemanager.de 2 redirects mediawoot.com
4 tags.mathtag.com ua.korrespondent.net
acdn.adnxs-simple.com
4 c1.adform.net 2 redirects ssum-sec.casalemedia.com
4 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
4 sslpagestat.mmi.bemobile.ua source.mmi.bemobile.ua
4 unpkg.com ad.mox.tv
4 z.cdn.umh.ua cdn.umh.ua
4 id.korrespondent.net ua.korrespondent.net
jskor.ill.in.ua
id.korrespondent.net
3 ade.googlesyndication.com
3 pixel-sync.sitescout.com ssum-sec.casalemedia.com
3 sync.srv.stackadapt.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 csync.loopme.me 3 redirects
3 sync.taboola.com ssum-sec.casalemedia.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 www.awin1.com mediawoot.com
3 mug.criteo.com
3 cms.quantserve.com 1 redirects ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
3 mc.yandex.com 1 redirects ua.korrespondent.net
3 c.amazon-adsystem.com ua.korrespondent.net
c.amazon-adsystem.com
3 fonts.googleapis.com tpc.googlesyndication.com
hal900019.redintelligence.net
hal90008.redintelligence.net
3 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 pa.tns-ua.com source.mmi.bemobile.ua
pa.tns-ua.com
ua.korrespondent.net
3 ads.betweendigital.com 2 redirects 0.code.cotsta.ru
3 bgstats.mox.tv ua.korrespondent.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
ua.korrespondent.net
2 api.webgains.io analytics.webgains.io
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 match.deepintent.com ssum-sec.casalemedia.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 bttrack.com ssum-sec.casalemedia.com
2 beacon.lynx.cognitivlabs.com 2 redirects
2 ad4m.at ssum-sec.casalemedia.com
2 rtb0.doubleverify.com cdn.doubleverify.com
2 trck.fairnergy.org 1 redirects acdn.adnxs-simple.com
2 track.webgains.com ua.korrespondent.net
mediawoot.com
2 pv.medialead.de hal900019.redintelligence.net
mediawoot.com
2 i.clean.gg acdn.adnxs-simple.com
2 loada.exelator.com 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 pixel.mathtag.com ua.korrespondent.net
acdn.adnxs-simple.com
2 c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 eb2.3lift.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 a.tribalfusion.com 1 redirects c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
2 matchid.adfox.yandex.ru yandex.ru
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 0.code.cotsta.ru ad.mox.tv
ua.korrespondent.net
2 ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 source.mmi.bemobile.ua h.holder.com.ua
source.mmi.bemobile.ua
2 inv-nets.admixer.net cdn.admixer.net
ad.mox.tv
2 ad.vidver.to ua.korrespondent.net
2 ad.vidverto.io 2 redirects
2 ad.invamia.com 2 redirects
2 ad.adopx.net 2 redirects
2 ad.outstream.today 2 redirects
2 ad.mediawayss.com 2 redirects
2 www.google.de ua.korrespondent.net
2 stats.g.doubleclick.net www.google-analytics.com
2 www.googletagmanager.com ua.korrespondent.net
2 korrespondent.net 2 redirects
1 analytics.webgains.io track.webgains.com
1 cm.ctnsnet.com 1 redirects
1 s.company-target.com 1 redirects
1 nep.advangelists.com 1 redirects
1 sync.adotmob.com 1 redirects
1 sync.extend.tv 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 id.rlcdn.com eus.rubiconproject.com
1 green.erne.co 1 redirects
1 dsp.nrich.ai 1 redirects
1 acdn.adnxs-simple.com hb.adpone.com
1 yastatic.net yandex.ru
1 ee326b482b00607f5546a138e736504d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ad.mail.ru 0.code.cotsta.ru
1 prebid-eu.creativecdn.com 0.code.cotsta.ru
1 ssp.otm-r.com 0.code.cotsta.ru
1 cdn.jsdelivr.net 0.code.cotsta.ru
1 cs.emxdgt.com 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 sync.go.sonobi.com 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
1 ag.innovid.com 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
1 rtb.openx.net 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
1 pixel.everesttech.net 1 redirects
1 s.tribalfusion.com ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
1 mc.yandex.ru ua.korrespondent.net
1 top-fwz1.mail.ru ua.korrespondent.net
1 yandex.ru ua.korrespondent.net
1 a.cotsta.ru 0.code.cotsta.ru
1 prebid.a-mo.net ad.mox.tv
1 onetag-sys.com ua.korrespondent.net
1 imasdk.googleapis.com ad.mox.tv
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 cdn.umh.ua ua.korrespondent.net
1 r.i.ua ua.korrespondent.net
1 ui.ill.in.ua ua.korrespondent.net
1 i.holder.com.ua ua.korrespondent.net
1287 177
Subject Issuer Validity Valid
*.korrespondent.net
E1		 2022-05-16 -
2022-08-14		 3 months crt.sh
*.ill.in.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-09-25 -
2022-09-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
holder.com.ua
R3		 2022-04-09 -
2022-07-08		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
*.kp.ua
R3		 2022-04-04 -
2022-07-03		 3 months crt.sh
i.ua
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh
cdn.umh.ua
R3		 2022-04-10 -
2022-07-09		 3 months crt.sh
ad.mox.tv
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
bgstats.mox.tv
R3		 2022-03-30 -
2022-06-28		 3 months crt.sh
*.mmi.bemobile.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-01-14 -
2023-02-03		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
juke.mmi.tns-ua.com
R3		 2022-05-16 -
2022-08-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
0.code.cotsta.ru
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
*.a-mo.net
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
t.cotsta.ru
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
a.cotsta.ru
R3		 2022-02-24 -
2022-05-25		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2022-03-04 -
2022-09-01		 6 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
matchid.adfox.yandex.ru
Yandex CA		 2022-02-05 -
2022-07-31		 6 months crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-11 -
2022-06-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2022-04-01 -
2022-09-29		 6 months crt.sh
mediawoot.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
redintelligence.net
R3		 2022-03-29 -
2022-06-27		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
*.audiencemanager.de
Go Daddy Secure Certificate Authority - G2		 2021-10-11 -
2022-09-13		 a year crt.sh
pv.medialead.de
R3		 2022-04-21 -
2022-07-20		 3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-13 -
2023-06-08		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
trck.fairnergy.org
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.knorex.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh

This page contains 198 frames:

Primary Page: https://ua.korrespondent.net/
Frame ID: C51DA9FB027E206FA565DDF30A261F30
Requests: 169 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 6C92BB5DB671FC07CBD8AF0B90713269
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 26AF0B0929201A6F49E8E5C5DDCFECAF
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: F797F09D701C31EC941C1A340694929C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: E80D0EDCEBC7F9149D790E6FB9B838F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1653260436&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fua.korrespondent.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435834&bpp=3&bdt=944&idt=231&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2533302168077&frm=20&pv=2&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=260
Frame ID: 0024982F6A1CB63DE2B237AECE4A381D
Requests: 1 HTTP requests in this frame

Frame: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Frame ID: 51EB15769AF520523792061566314826
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
Frame ID: B90F279FAC63E23724B94B6D5000D22B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Frame ID: C48112F078D873886C572588A1599D6F
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Frame ID: 396F1FF22530025ACEFB042189576E0E
Requests: 1 HTTP requests in this frame

Frame: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6DCF6420984986FE88D5F6DD225789E7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html
Frame ID: 02B4E4303A25FAAAF2EC91319B894C33
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 83D6C0BB998DD0C0016C345B0D7A5B39
Requests: 2 HTTP requests in this frame

Frame: https://0.code.cotsta.ru/dist/a.min.js
Frame ID: 48F620000D4D26CDEC58C1D58AE72759
Requests: 48 HTTP requests in this frame

Frame: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 873C8733BE5F9B58D6BAA331FC144CD0
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: BA652605996DE2169542591F10063665
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BDF91135AA2EFC2483A3665B77069B00
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B47EE064101DC174875A4FE1E2D61117
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 358FA6B4B4D675D9E1D4E3C40170D226
Requests: 2 HTTP requests in this frame

Frame: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A972B371079DE9FAE55403EB01572481
Requests: 16 HTTP requests in this frame

Frame: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 098C7A93070235F960881CAA32B857AA
Requests: 16 HTTP requests in this frame

Frame: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 463BFC38DF902E4543DDE463D6C24A15
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNX0ZPATPV7J-67dHLzARpqzoweJ5yjblQ59FEvV7TYRgp3jo-6wXzjRnY3ChTwTou0-wapfFmcmL2GEScXBLMKBhuJmjO4QufDwRfLpco6uLDyctHTTt6r6LFuazZGgtskLld1e3fWMzfxJPJoNMcARmsB0zMLoKAqJAMTHfa7RFUiyDYAmLXymufLfoHFd3W06uCoA
Frame ID: 8B9F640DFED12255AA12346A88896069
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUnBk_mT6csM3q_79kcXjG6z7AtVEUFCh4e4XVvqo_02vo35k1JHEoZ2fHscxv6oxwPgm41RuLW4PssVBqedQr4FNgAbPS5ono1UtT8SAinIs54mv-OaYqwqNVW9_vY-uwbSgXPNWDjOVxrXCjFB1uK1xb0Il8qB16Bxr94cpFG6GrsQrI
Frame ID: 1FE010219AB33AFADA8AF7389C9EECE0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYjoHUyQEwAQ&v=APEucNW0x0js24uF_RAOnFnZtHtvn29QqBLu-69yvNRxY5A8NUGEucFVg_2_-RU-h8bVsmmwzLLlgZQgLjNQP2QgSRwuh5Z70Vk98loykRQCrrynpCTQdoefe53VTf5vhmW_KDAvmV-M8559mZ73cPLTkaaOAZY4dMcqOtJ5qSv1F6k5NTALAZU
Frame ID: F2CCF1EB5A3A113DC7067BAB314FC2F0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F489628A50E607B07ED00BDB403EB22A
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14782411303688353274/index.html
Frame ID: 36881FD960EAF3AD3CB70B5E19C719C3
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 291DC01EB1CAB8C57B3CE2EB31EE0EFE
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Frame ID: 6449796E57C1F10F940391DF5D253D73
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 53F01C8125449AF59A734FB48B4EB39D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Frame ID: 6650122B9B6BF97F42967117DE08C4FF
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7305F22836A3F7127D450658219D0C41
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EC565D9A68F37423E15885275A62E658
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1A137527C6FC2ED92C57683822A021B2
Requests: 3 HTTP requests in this frame

Frame: https://ee326b482b00607f5546a138e736504d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 78EE6B8398BBCB23CC0C541AEA8A67F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8610050614645263&output=html&adk=1812271804&adf=3407270560&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fua.korrespondent.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260437901&bpp=3&bdt=1256&idt=357&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dd3a2dfc05a4ee392%3AT%3D1653260437%3AS%3DALNI_MYoh47LuJwChdTwreypbD6-adnXRA&nras=1&correlator=2533302168077&frm=23&ife=1&pv=2&ga_vid=1369755530.1653260436&ga_sid=1653260438&ga_hid=16427808&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=2484715974&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C42531557%2C44760475%2C31067629%2C31067699&oid=2&pvsid=3738200024092044&pem=814&tmod=2012321872&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.wplth5tekg3j&btvi=1&fsb=1&dtd=375
Frame ID: EB574F87E3230C226AC7D6091C0DB244
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Frame ID: E1A6982A520EBDD22960939817884936
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstl5asep9hmvJbZPJKex5iOMs5Qmy9DJF3505BgyV0ELAeNqRTjbtY9eoyzfYTn6QZ0jnYeVSPyJ-vBIKT3C3XMdY_YvYcNhKN6wkL1iFfTWWRrTkRb5am041nPcate5Zmjbp4NpXp3VC3kaMk_6OIfSh-W5z4RX2jM8mPC-YIqtJ6Jojmh3oFpbqh9PDk2vav_YBmp5tyUknaH1bdA3hr4SnoWEECzaIRgSozUR_GoMFvcEkBUYy0DuY86wdnEGZKA3mHtxNrLPaGRnolx6njpQelvCr6TwDnkE-N3XiEV18gWHycncihIlouwwfLbEykPJDUxxRwHDhvmwEo6-3ikomCQUwmNo9NZHJUOfDqUZ6tbHedG&sig=Cg0ArKJSzN0QkUBHVpZTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8E334CC49F613A60CEFC5D529D2DC730
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DFBA8643A134E64C8CEF6F8912493184
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A444036ED52F80185F16BF957A8A147A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 08C913B43336773B4FEA59763BEB22D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F893114441877CF7A0F389417A9BBFF5
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 83213E52D48743FDCED3CF3A6CB7B577
Requests: 19 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=wodvzxysfv&e=1695597276133
Frame ID: B6B7048AA8996EB1155B76F1ACB54800
Requests: 13 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=zgcuqeays&e=1695597276133
Frame ID: 94214585D1DA04A7BD25018019C5D111
Requests: 13 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=empfpdc&e=1695597276133
Frame ID: 511B54579C2318999FBFCF9901902EB1
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=wtwiidh&e=1695597276133
Frame ID: 75184D157ABEAFD555DEEC27FEBD5D61
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=ffiqcjuv&e=1695597276133
Frame ID: 56E379292EB8F544BECD67DDF82F0FE5
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=kanrzrd&e=1695597276133
Frame ID: D6A82EA3EC17659994E0F21DBE1084CA
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=khdqvb&e=1695597276133
Frame ID: B33644D8F797B41334E7B59FCBB34921
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=yjutwti&e=1695597276133
Frame ID: A057537EAE83D1080B4CABC1D2F26EB2
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=xmycovcd&e=1695597276133
Frame ID: 5E34C67C98F63C8E3C98C822EFF9DB27
Requests: 12 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=yjnfmne&e=1695597276133
Frame ID: 8CF5E8E9F7E9C23D68B45ECCF248AE3B
Requests: 11 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=yqhxsdeyj&e=1695597276133
Frame ID: E4574B2940618B4DBC676327011C9017
Requests: 11 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=zzotyyen&e=1695597276133
Frame ID: 6C958659EEFA35329A387CD8E8652C4E
Requests: 11 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=jzdbcrjgo&e=1695597276133
Frame ID: 6CA28B8AA9EB071CD87152ED228A722A
Requests: 11 HTTP requests in this frame

Frame: https://mediawoot.com/r/p.html?f=qqrubuf&e=1695597276133
Frame ID: A687E1AEECD12C3B1DF36139134CAC93
Requests: 11 HTTP requests in this frame

Frame: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Frame ID: 5EAC6411A34C8518F69875BF47D39060
Requests: 1 HTTP requests in this frame

Frame: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Frame ID: 678E55A9AA1ACD0020D8C22D8B9A30A8
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 7D320B44B2751426239A0A0C40CA3FA0
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=8976528965895423848_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=8mSC5h_-q6zXde5AyVazm75WrmxVILjF8CcVZ_bPoSyRqElUk-zI6z3MIOAm_xzU-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VTYpHDtss2kxrLNhql8glOlRvcyWI0NpSCRj8gMOF0Ub8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6JnvBeZLG4PiSw2;rtbtest=0
Frame ID: 8390CFAFE7051635BD123812EAF65041
Requests: 15 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/zone/j7ljeqx6jfhz?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=2832066629117460572&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2832066629117460572%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D
Frame ID: 164D3D30ED2A8FE35E6A7C7A2E1C63CD
Requests: 16 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=53798891;rtbwp=Qgi_KpiCYgFwHowiC0pO_KzboUFQG3yp0;rtbdata=el6TqoVMDqapCpdN0IL94PeAyZtfC9XAMNTvJ_JRmUnIaD9Kbg9fljkgZx8X_JVdogtcjAKOpl4jT_Qc-y1LlH3S90274223XXvqs7R6mTyYZp9WoUoFd1eoa1-_OqvrvutYU2WCa6qWTZUixlZj0Uc-ZScvAHo57Tx_eBmAAqtDBOM6P-o_lsxoE1N8aXg0rFHhyneVWwtoaeIM-O7i_Lm7L69djybIQpjCK6gFV2l0AzsOzQcqjo7Y95vPe-pVQMVaBBQ2U1YqnpboyvhYc40uotWEQNmcoNHZIWHVGd84Igey9WwBF85yZz3Vhk17rssE6qd2KEHgn60k2ZW6RXt-_ptJpuEsm6hn5DAzcCjDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ikbmm94BmY142u1ywTJ-2j7YejTI4L2FwWVvqO76vcIQCEQGOXvs3JG4dWAZeGGw7-ItQUX26WQ4VpGCUp3CsKjblvxv6hEU9eldCH9cAh0Fa2YosIrH8UGizDjvm1ec82tH_-6FdkP2BVHa6a1fWth3uLXZUv3HziXcKis-nYNikVL53zwdcOMcxGLfZLB2dQxNLLOjbqzcC-5GEcl5xLxZE5pjtzGQxaMB7E3Is5U1;pui=CQ8Cld2Xq9xoWg-9V89lYs3NzXsustMOTCkRm0RsSigvZ7ZY04vbbM1WlqH_IbHs48zob5Vkq1q8jqTQ3yLCxQ2;
Frame ID: 7412FD53C3D1F0591A61F769DA0A7E45
Requests: 24 HTTP requests in this frame

Frame: https://trc.audiencemanager.de/ad/?cb=1121703254&liiftaucid=4304040353409451151&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&pl=6247113c3104805709594f35&tc=https://fra1-ib.adnxs.com/click?3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=MzYyMyNGUkExOjUzMDk=/bn=93154/clickenc=&cookieId=4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5
Frame ID: 6E16E6E79A6DEF38BA70000152A16595
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 7ACDCE90085EC0793976B3E8404EE39D
Requests: 2 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=916712572602806661_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=UMxmvGLgj6L5bFyAx23umkxi6BaOqD4Qtvw71dQmB-ih0qBgofQYP1Ymjq0_-_jk-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSCfRMDvNYDAs8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6JnvBeZLG4PiSw2;rtbtest=0
Frame ID: 79F0BA7E9E711096B12E8C25B769E9B1
Requests: 15 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=50241503;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=8410774315688070797_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=1tf6k0Ya10YUVb8qcr5eTRpRm-OKKJAlCzhuOEFJ32jxoPKqTrTuPFNA2bM6BGhBz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYs0QDieQ5c1tzjZnCmAeodcwcmrnF5tsDEkseoNKdIb1mMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPUGP12Pw95Qog2;rtbtest=0
Frame ID: 0DAF1BFCBCBA54315F4E3E6ADC86CA5D
Requests: 15 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52103798;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=2312141840971833396_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=0zR12OOaQZf_J8Nee3Ik0K-gFKZ0Tjio6amDyZHvHcD6yDEcFSNB_J1TY3zzkuNtz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYsjA--o6CMZNzjZnCmAeodcwcmrnF5tsDFG8eGMMwMrlmMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPXWaUjPx3SqVw2;rtbtest=0
Frame ID: 96A47E15A05925B0D1AC108E6B3B007D
Requests: 15 HTTP requests in this frame

Frame: https://trc.audiencemanager.de/ad/?cb=58990947&liiftaucid=4601927983503357598&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&pl=6247113c3104805709594f35&tc=https://fra1-ib.adnxs.com/click?3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=MzYyMyNGUkExOjQ0MzY=/bn=92914/clickenc=&cookieId=4524a54d1bae04d7b05febe02312c8be84b6e34da31afffdf5190cadea1d3e93
Frame ID: A9FFFBE85EA86A4006C938A27EB6C9C9
Requests: 12 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52800928;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=5070465613227081452_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=FpT2qF0gKLPLXoyrXBP72S_JN09doPHqY6qzdRVL539STeovYnE_cH_8UXzC0AAwz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYsjA--o6CMZNzjZnCmAeodcwcmrnF5tsDMZG9T1HHliqmMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPXWaUjPx3SqVw2;rtbtest=0
Frame ID: F294C21A56D661251B4451BE9E19BC81
Requests: 15 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52908647;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=4831897657419069401_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=hFCP7GIZRCYWqmc1wuuLAzywT2R6NdZP3hemrI7_crtPBv_L_tb_VgbkatejBLlA-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSNTxen2v6cf08TvLgxAJSYgVZhku1euOvoW8zpnzZzcbkjcLyrxkJyt6KHLXtwwDKw2;rtbtest=0
Frame ID: D807566DECBB88554E3BEF5FFC4075F6
Requests: 15 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=325563722503802841_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=hH51GcFAzLIO8c1TnLtm2fsKUHjc1OTeT8hU9abO35SvgOFx2uLuSNHYlT431gDp-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VeC858dszKAbrLNhql8glOlRvcyWI0NpSPNR4TyrQSEC8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6Jl6KHLXtwwDKw2;rtbtest=0
Frame ID: EC4A8D4B3C5EE8CFAE22180AB48F92B9
Requests: 15 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=970827348278350710_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=xJPJ65CjQK2hntcIVp8woKybOZVOcTkHai-QNH7s8k_bRpt1qEp1Lva0tmHAVTjd-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSEOYWYBiRsWq8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6Jl6KHLXtwwDKw2;rtbtest=0
Frame ID: FF4F12A612643AB78F4F868E9344AAC5
Requests: 12 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=53798892;rtbwp=DCe16rakHdak7bjlv4Y6aqzboUFQG3yp0;rtbdata=Y7sXdZWOOc-SZzBRolec2jxTlY1O88kcmAnyxTClxFomIZqcOhstEucxbCA7OgRLda-I3BHPP9akryRNchtxOXXaLhHzI1R2ifKZH_SWpVqYZp9WoUoFd1eoa1-_OqvrvutYU2WCa6qWTZUixlZj0Uc-ZScvAHo57Tx_eBmAAqtDBOM6P-o_lsxoE1N8aXg0rFHhyneVWwtxQf2krl4cAbm7L69djybIQpjCK6gFV2mf3fPBhreLfo7Y95vPe-pVQMVaBBQ2U1ZkntMMy_4-8H2t40oB5mkaoNHZIWHVGd84Igey9WwBFyUNIY2VHzzurssE6qd2KEHgn60k2ZW6RXt-_ptJpuEsm6hn5DAzcCjDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ByPSVDqy9kJ42u1ywTJ-2kOaUGlXgU4jSM7fAmJmbQJiCujdxAdVt5G4dWAZeGGw7-ItQUX26WQ__SssKVIGMXCfxKLy6P3hS44hk-JQDoJSBwCi7xoym68v7sqRbf6WFBsZUaY1qeCc5_HuFwf6Fiiv87ZEANsu_IHXwqFvT9hikVL53zwdcOMcxGLfZLB2dQxNLLOjbqzcC-5GEcl5xJlnrkJxW_LlxaMB7E3Is5U1;pui=CQ8Cld2Xq9xoWg-9V89lYt_ZLZF3pTI50DvA7aotEGYvZ7ZY04vbbM1WlqH_IbHs48zob5Vkq1q8jqTQ3yLCxQ2;
Frame ID: B6EF5E4F2A5F9B14774C6F1937C5DA25
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNWxh-k_poW-xrfHGaJg6Crl_wfDvQUd39v-Sj9PfhWF5vfJzumNF7XNbJijCaD5TvcRz7T3CabTQ7gyS7TknMln8-zBdNc2Ot9d9Dv3j8ad76ciBWGRSsD7dNoYOWa31qk7zYo8VqfJ01w50VF6ayw4geEmxU6CRj88HJQ7EezxYZtXhIM
Frame ID: 9A1CA6C189CBD6562BD8B23B5A93B5EA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D147D02735F177D7B52DBECCC28A81C2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CCAB7D828D10508B4ED7A3FC3321C723
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 1DF6261FF331CD0770338D6928C470C3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Frame ID: AFA72054B3CD3C6CF2C02EBEE105B2BF
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: B49C961A36EE1BC2545E57C2F05973F5
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 37913D00B5FE92E05E133B1902938668
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: D8C0BFE81E9CB2F27ABB330205B98DC4
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 9F414BECE7E3112382C833398383EAD1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 81D538787ACD19B3800F0C9616B113AE
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 51D8AD77644A0211424A7ACA0B8EFA49
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 2B6FB63FE64374650F6FEEF8FAE00BB5
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 4D27CD4B74B0552B38CB2F412DDCF635
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=34328800004871200951425011968019&t=htlp
Frame ID: A044BEAFB59E7CEA89FEB49D94C826AA
Requests: 1 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=34328800004871200951425011968019&a=ef4e2eeb
Frame ID: CC986D0845CD3DF468C9C6781F551F21
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 79ADA492D3F6F6049933E8F33E9EA3A3
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3258648039;ord=0kxvug;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4601927983503357598%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268320%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D4202b5628ac09944cf9962886811464947111%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D4202b5628ac09944cf9962886811464947111%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526ntuId%25253D4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5%252526cb%25253D1653268448%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=301;prcl=s
Frame ID: 5FA0A6E3CC641D948045DA5180A3F001
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 215920AE0C7A8632E09F165C37188057
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3458418712;ord=57b2ip;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4304040353409451151%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268160%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D8277a2628ac09945eab0197016083925630084%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D8277a2628ac09945eab0197016083925630084%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526cb%25253D1653266571%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=326;prcl=s
Frame ID: F8C9CA0346369F9792E1512D816B5514
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 97A97740CA589CC82BB9D347FB3C99BE
Requests: 3 HTTP requests in this frame

Frame: https://trck.fairnergy.org/trck/htlp/htlp.html?utm_source=affiliate&host=fairnergy.org&pvid=628ac09a10134340b0391383
Frame ID: F171FD2B266E666D1323C2F8EC0ECF3C
Requests: 1 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=39170100004831600951425011968008&a=847191ee
Frame ID: 87B550AC32A2EBFC056E8EC6E9F26D39
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Frame ID: 1898E4A23B0C65DDFA32DF76C33586BF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E86DB79A2915AE4CA33FD05A42C2F32
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B9C83263701F37A97C51D70C288B57FE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
Frame ID: 453619E15E948639DAC9D76B4B4864DA
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C63BCADB7C27B30ED376187C353570EF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
Frame ID: 55269347BBFB4517FC2AEB8F5066EC84
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8289B61BB47C6661AB472359AE709A15
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: B68528840F13F93818B760EEBE619B66
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 19738E7346C375FC8BAB0D5A53D5AAC3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Frame ID: CD32EBA2563932C0F90D9D67857EAAAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Frame ID: A97C816C3ADD6449E70C9228E183D248
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 17B4F6189380858BF612CC816BB1C91C
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0925B5977D33B2D85B4B10213B615BD3
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E85E6182135F7FA2122552A4F5982DCF
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: E1204764F98B8BC92ACDB13A94DDAB42
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4E7DE9CAEABB1B3A27305E5F2B7B4CA3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1B0E0934C4BD83F7D6E02F9C2480D622
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 360999C237CFABFEC95885C4D0FCB97E
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C229B99BBB182D669D30496E8A5C44DD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 44238C7AB15BCCA4DCCB672EA6003756
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 5C317E44D599669A1C579821435C3313
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7EB585BDF3772BAFD5B025E9EE6BE559
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 98CA2A6348BB0534CAB89DC717C15D17
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: A7A3A2B0FB728AB1CB73C3DBF00A9730
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 58D4A33422518F22BF4BFF57440BBD73
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 364C7D854653A787D71DE1D697EDDC4A
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: CD9B53880FFD3D580935B73781C4395E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5E5E12AE91BCC34283F1F051D9CC8371
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 11F5F825F63FA79375F4C2931E132C1F
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5A8276DEE2808423A4C01A77B4839681
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B75FF9F6F3B73AB26F2C10408D7F8404
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: E073C4FBAD28492107F0DCFF1B8AAE6D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0E943A004C01E18B0C54A4D4D7A119AA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 11C96CDECE2B4ADB073AFDC9421E6757
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8BD9C70365F49FEE3893CAFD9117784C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 046F5C02CB96DCF6B2DADD0EA999295A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D9C689AFE13F5D208767973CD3C57B86
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: E3BF063CCE3C06A3044FCFFAE5EB81C6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C9A2ACB095A621EE5E7094DE696D13E7
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9832C7492207180016A750B380265C8B
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: FBF7BE706A6E93D28CA027FF508E10D5
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: B3D455CDE1C4E3706EC3FEDFEE46B679
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 49513C71E6ED8AB7E47BE9DC685005B6
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 028F2CD672897CE51FD179745B892B17
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7F4203359CD515E0662A50F0D1F942E6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5F4C809C5CD5A1890A257C8E0BAFB1A9
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 2C127FD35257C2BBD8BFF12B55F5A155
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BED1E5139B5E71EA22DF4A4036B1997B
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BDC57AC7FCA5D9C5D877A1C1A73E852F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DC3BD29CB3DA3608B1FA0439D89ACBBF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 58068055ECC2AB042F7494FBCE1A1D77
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 495251C11EF8922CF16103CEE34317E3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6E4CD4ACE8FBF742E50D498F16680524
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DE9F557705193477C9912ADFE0595EDB
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 79B93BD7F531E2C945B709EFF1788BD8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1AA680F93237080AD3AC70663760A666
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F4DAC59810BECEF4F87C1959565232F8
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 5B49F30B314445C5B11392F856FF877B
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B21C37519C93E8B158DAEDE55E4729DF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 99EFE3885356A0618A5804DF70E1B557
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5AD938432C4A2F2D01466047684FF8A4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 08D023CA160D517CD8607E55F2DA74B2
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 92AC665A6E27EE430A4B23FD45657AF9
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: BE482954E908F7DF0B1BF3FFF82C45EB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9D53A1FB4F123E0DE8F512F7E186B1AA
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 598104D914E6600E0B0EDEF291FADF59
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E82CE56C97625B7B0CD6B80B6B27542E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0DE00BBC0139E22520737C4E0EAA83EB
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 87132CDB3AB2F31885E93A6B4E852BDB
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 996B60CCD6F3B9CEED27626C00FFBB9F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4D1CDA8405A1F7BF3D67945556FF8FF4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 81FF58FC994A069B31C142EE4688CA8D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 375C8EDCD33D51347E51FA696FCB445A
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: B721831B3C2A329414CA72DEA3A2F815
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B22CFA1A58FD67B89AA613F73846CA70
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5870E421D556A14AC546367257A0CA9A
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 86657EE72DE58B3E1C9B715C70C21CC7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F6ED7189C9F0E58F41CC29693319E340
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AE8D707B7200EEDBD0FEAD4C96CF898A
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6F0B2FA12B05C11E7267A2C0DBB1BE88
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D4B3CB0D65538BC29A093FC3CA5E5831
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8BE378076D2FC5A5D2F2040B69A5AB6A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F26BF881174004332576EDBEE36DA691
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4C9FE04980A897221190C929F64172A4
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 019D6D3FBD7A88D5D007E4A37737EBED
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2A8E8652C5A7115B3DE2DAD7D71477DB
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B24A346474C985F964E7129AB4550EF8
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5D677C9BE92FC3A0F7AD5EA877302B9B
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 727DDC52715C5009CB964DE2CAA9BEC7
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C1E6B49E8049E2211D63CDF58E14F235
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F7854FCDFFBB4733C9206A3F08E821B8
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 628C60CD505B8B02D7BE3B8AB5168003
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 97D3B2F9FB9CE26357BA4DB60FDA082A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 38505025A341A8DCB68A669B048F47FC
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 53378A65F8438A78B91B158A4FBF4513
Requests: 10 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 6A9900D653EDEB5AEEAF76C0103438C1
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: E61191867C033FDF3E767739B61D011A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: AB10128F6F45D9DB2B4A60183B5BC29C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: DF129ECD13E1B63183CCE0E43B810622
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: B9C45E6E786D16099D2D4676C4535603
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: 5318FF5381BA305EEF0D24FF431E7843
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Frame ID: F8EC73E9435B413D6E2A72B42010BFED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини - останні новини України та світу сьогодні - Korrespondent.net

Page URL History Show full URLs

  1. http://korrespondent.net/ HTTP 301
    https://korrespondent.net/ HTTP 302
    https://ua.korrespondent.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1287
Requests

91 %
HTTPS

25 %
IPv6

113
Domains

177
Subdomains

123
IPs

14
Countries

13768 kB
Transfer

30077 kB
Size

167
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://korrespondent.net/ HTTP 301
    https://korrespondent.net/ HTTP 302
    https://ua.korrespondent.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D7a1b11ff-3ef2-4dee-afaa-5010608bc125&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=aba9628a-c095-4000-aa2f-02433781728b&expires=30&ssp=prodoohmox&bsw_param=7a1b11ff-3ef2-4dee-afaa-5010608bc125&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.mox.tv/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125 HTTP 302
  • https://ad.mediawayss.com/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
  • https://ad.outstream.today/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw== HTTP 302
  • https://ad.adopx.net/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.invamia.com/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.vidverto.io/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQudmlkdmVyLnRv HTTP 302
  • https://ad.vidver.to/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=
Request Chain 161
  • https://gaua.hit.gemius.pl/_1653260436227/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=iK3Q6F7M_o4jAOVuVqyYD0rmQvPhFhWcUZyGqd5KZV3.p7o3SnEdjl6ykEQqA2M.E_1WfkA7PmAsqFm1KDxWWmBR0TB9/LKy1QwibqnkZd/&ltime=420&fpdata=BFkaAV1Gp32N1sPaR3BHCIcpx6NswKzHHz3wU5gYh6P.87&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1653260436227/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=iK3Q6F7M_o4jAOVuVqyYD0rmQvPhFhWcUZyGqd5KZV3.p7o3SnEdjl6ykEQqA2M.E_1WfkA7PmAsqFm1KDxWWmBR0TB9/LKy1QwibqnkZd/&ltime=420&fpdata=BFkaAV1Gp32N1sPaR3BHCIcpx6NswKzHHz3wU5gYh6P.87&fpcap=
Request Chain 164
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=1d5f3162-9159-528f-a74f-4cdcc5c58c49&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.mox.tv/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125 HTTP 302
  • https://ad.mediawayss.com/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
  • https://ad.outstream.today/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw== HTTP 302
  • https://ad.adopx.net/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.invamia.com/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.vidverto.io/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQudmlkdmVyLnRv HTTP 302
  • https://ad.vidver.to/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=
Request Chain 184
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 228
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1
Request Chain 279
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YorAlj6DHKWdlS.o0q0o5wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1&google_hm=2
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELNcwOlTcBv5_Yeb5B-4tsE&google_cver=1
Request Chain 281
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MzgwNDAxNjA1MDYwMDQ5NA%3D%3D
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1
Request Chain 283
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YorAlj6DHKWdlS.o0q0o5wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1&google_hm=2
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELNcwOlTcBv5_Yeb5B-4tsE&google_cver=1
Request Chain 285
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MzgwNDAxNjA1MDYwMDQ5NA%3D%3D
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENqx9Pcx-yZ_1FM1NAQKgt8&google_cver=1
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGRHY36KDRb_eUAet7670vQ&google_cver=1
Request Chain 307
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 312
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 327
  • https://mc.yandex.com/watch/61684903?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anw88wxnrj5w8iczvruuw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1366514416859%3Ahid%3A540311642%3Az%3A0%3Ai%3A20220522230037%3Aet%3A1653260438%3Ac%3A1%3Arn%3A239565621%3Arqn%3A1%3Au%3A1653260438127775828%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1653260436645%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C5%2C0%2C5%2C5%2C0%2C5%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653260438%3At%3A&t=gdpr(14)mtb(0)aw(1)rqnt(1)cs(1)efid(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/61684903/1?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anw88wxnrj5w8iczvruuw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1366514416859%3Ahid%3A540311642%3Az%3A0%3Ai%3A20220522230037%3Aet%3A1653260438%3Ac%3A1%3Arn%3A239565621%3Arqn%3A1%3Au%3A1653260438127775828%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1653260436645%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C5%2C0%2C5%2C5%2C0%2C5%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653260438%3At%3A&t=gdpr%2814%29mtb%280%29aw%281%29rqnt%281%29cs%281%29efid%281%29ti%282%29
Request Chain 329
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAcxvEL8EVle5nPIAU5gB3Q&google_cver=1&google_push=AYg5qPIp6045xXOdMxu44HCPNbXbyFyXaqOPXp4ewfSX-gewj6BABo7cvTZn9hRFh7yxIblipMTXHfYN9_-AVikboMPafPHxyYfm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIp6045xXOdMxu44HCPNbXbyFyXaqOPXp4ewfSX-gewj6BABo7cvTZn9hRFh7yxIblipMTXHfYN9_-AVikboMPafPHxyYfm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAcxvEL8EVle5nPIAU5gB3Q&google_cver=1&google_push=AYg5qPIp6045xXOdMxu44HCPNbXbyFyXaqOPXp4ewfSX-gewj6BABo7cvTZn9hRFh7yxIblipMTXHfYN9_-AVikboMPafPHxyYfm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIp6045xXOdMxu44HCPNbXbyFyXaqOPXp4ewfSX-gewj6BABo7cvTZn9hRFh7yxIblipMTXHfYN9_-AVikboMPafPHxyYfm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 330
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECHvRGYKkzl4yuE0CzVBBs0&google_cver=1&google_push=AYg5qPK7ZRtXOkp5pHFDEbgXW6FSq2VN3390m_5kxHx349VhohhQyBPw_Ne5RR3bpMlxaeXlpIXP0d4eTc6-kuSB-e0gHQ7_peFh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDY5OTUxMjk5NjgyMTE0Mw%3D%3D&google_push=AYg5qPK7ZRtXOkp5pHFDEbgXW6FSq2VN3390m_5kxHx349VhohhQyBPw_Ne5RR3bpMlxaeXlpIXP0d4eTc6-kuSB-e0gHQ7_peFh
Request Chain 334
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIcloNQCWBnsaJwjQ9x4gRvWwrQ1D6f40WFdgTrKqcX0UhE6AO9fTBGa8C78LqnxBQcUGlZNhUewJSy7uOMAPLsfD65fKsV&google_gid=CAESEIqikCgzTz1vEblacK8i8PM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9yQWxnQUFCR0FNV1VscA&google_push=AYg5qPIcloNQCWBnsaJwjQ9x4gRvWwrQ1D6f40WFdgTrKqcX0UhE6AO9fTBGa8C78LqnxBQcUGlZNhUewJSy7uOMAPLsfD65fKsV
Request Chain 336
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMGbOP-eFarXjqXtB9-diMI&google_cver=1&google_push=AYg5qPKUPI_MSF3pASOjKLkY43YieuyEy1WzWa8J-N3VeObdibdRiEvr-bpYmbo8WNrhVq3ShHlBGBqZY585v1cVtXPrzNe36oxU HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMGbOP-eFarXjqXtB9-diMI&google_cver=1&google_push=AYg5qPKUPI_MSF3pASOjKLkY43YieuyEy1WzWa8J-N3VeObdibdRiEvr-bpYmbo8WNrhVq3ShHlBGBqZY585v1cVtXPrzNe36oxU&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fN9TtjE2QHe-NtyI3hJBSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUPI_MSF3pASOjKLkY43YieuyEy1WzWa8J-N3VeObdibdRiEvr-bpYmbo8WNrhVq3ShHlBGBqZY585v1cVtXPrzNe36oxU
Request Chain 337
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM-__DDD9VUp1M6fg3cfFUo&google_cver=1&google_push=AYg5qPL75i9PkO7raBhxEzkg8lySyaiuCxrmNxj0BJIBM8TJSffzjO6az7mkx212g6bg3RsSggKhudSHyHNhZWoBTlJuaeBPc9Bx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIV0tVWEctMTEtSTlJQw==&google_push=AYg5qPL75i9PkO7raBhxEzkg8lySyaiuCxrmNxj0BJIBM8TJSffzjO6az7mkx212g6bg3RsSggKhudSHyHNhZWoBTlJuaeBPc9Bx
Request Chain 338
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMaegtGuk1P3utgOOaYgAXQ&google_cver=1&google_push=AYg5qPLJR4wJZHEIPDrXqD4Pl050e5WybOaQpQiWzCTCAJiIK_QLBpzGVBt9ZmUR5iEW4K5clwloTuGZEYv17-S2H14fB3NQEYI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&google_push=AYg5qPLJR4wJZHEIPDrXqD4Pl050e5WybOaQpQiWzCTCAJiIK_QLBpzGVBt9ZmUR5iEW4K5clwloTuGZEYv17-S2H14fB3NQEYI&google_gid=CAESEMaegtGuk1P3utgOOaYgAXQ&google_cver=1
Request Chain 345
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBkVtka8j5XLH6aPQp2Jrm0&google_cver=1&google_push=AYg5qPJMVBYkyDhlgQclIc3EIKhqLhqJdCcByusYOnZSaIvw-Z3L0KGpHYq7dNH1GZ92o3wxa9atBqCrcaQxv23AOFuz8PF13Stz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=q6liisCVQACqLwJDN4Fyiw&google_push=AYg5qPJMVBYkyDhlgQclIc3EIKhqLhqJdCcByusYOnZSaIvw-Z3L0KGpHYq7dNH1GZ92o3wxa9atBqCrcaQxv23AOFuz8PF13Stz
Request Chain 346
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDcPZaELR1k7eCa9gRTN-kg&google_cver=1&google_push=AYg5qPLjATqvOxUc5Ffg3Q_JG2m-o-uOjxmd_UeR8_C3NtpU-AIPeQ0K3y1mZYDQw3kkylFSPovFTcy9ApPgMt7gi48EY0jpSkks HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDcPZaELR1k7eCa9gRTN-kg&google_cver=1&google_push=AYg5qPLjATqvOxUc5Ffg3Q_JG2m-o-uOjxmd_UeR8_C3NtpU-AIPeQ0K3y1mZYDQw3kkylFSPovFTcy9ApPgMt7gi48EY0jpSkks HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwMDM2NzM3NjEzMjY2NDk3&google_push=AYg5qPLjATqvOxUc5Ffg3Q_JG2m-o-uOjxmd_UeR8_C3NtpU-AIPeQ0K3y1mZYDQw3kkylFSPovFTcy9ApPgMt7gi48EY0jpSkks
Request Chain 348
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED6ybLAOpUCZdTn0FfQOAqA&google_cver=1&google_push=AYg5qPIncl8sXr_ufnRWO1zNoKxNZdEdi_wQxK0zxObgjj_x6MA7Uj6su-995Bvk-Kv08xyUstZnjH5j1tdl6nlJ9DV4MtcRSIbV HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPIncl8sXr_ufnRWO1zNoKxNZdEdi_wQxK0zxObgjj_x6MA7Uj6su-995Bvk-Kv08xyUstZnjH5j1tdl6nlJ9DV4MtcRSIbV&google_gid=CAESED6ybLAOpUCZdTn0FfQOAqA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA0NDIwNDE3MDIwMzk4NTkxNjg0MA%3D%3D&google_push=AYg5qPIncl8sXr_ufnRWO1zNoKxNZdEdi_wQxK0zxObgjj_x6MA7Uj6su-995Bvk-Kv08xyUstZnjH5j1tdl6nlJ9DV4MtcRSIbV
Request Chain 349
  • https://cs.media.net/cksync?type=g&google_gid=CAESEMg3HxlXel_D-94q_jdzUq4&google_cver=1&google_push=AYg5qPLiOjP432SOhstyunYqY61EPMtCb6Kl3hk1849ONZd7-qVd5IAqDnCputE2Tkpr-U1IjhY9pa8Z9tTFK0pfUIX-QcoMVWFl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk2MjYyMDM4ODI4MDM4NjAwMFYxMA%3d%3d&mn_hm=Mjk2MjYyMDM4ODI4MDM4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLiOjP432SOhstyunYqY61EPMtCb6Kl3hk1849ONZd7-qVd5IAqDnCputE2Tkpr-U1IjhY9pa8Z9tTFK0pfUIX-QcoMVWFl&gdpr=&gdpr_consent=
Request Chain 631
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adform&bsw_custom_parameter=7a1b11ff-3ef2-4dee-afaa-5010608bc125&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=91d0748b-3725-4812-ad62-4bdf18331886&expires=1&user_group=5&ssp=adform&bsw_param=7a1b11ff-3ef2-4dee-afaa-5010608bc125 HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=7a1b11ff-3ef2-4dee-afaa-5010608bc125&adform_v=1
Request Chain 632
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFqv8RvuviCridNaJVQLIuw&google_cver=1&adform_v=1
Request Chain 633
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=1293804016050600494
Request Chain 634
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=34e3cb87-a63f-402b-b05e-c0c5e31a0ae3
Request Chain 636
  • https://trc.audiencemanager.de/ad/?pl=6247113c3104805709594f35&cb=1121703254&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3D&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&liiftaucid=4304040353409451151 HTTP 307
  • https://trc.audiencemanager.de/ad/?cb=1121703254&liiftaucid=4304040353409451151&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&pl=6247113c3104805709594f35&tc=https://fra1-ib.adnxs.com/click?3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=MzYyMyNGUkExOjUzMDk=/bn=93154/clickenc=&cookieId=4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5
Request Chain 650
  • https://trc.audiencemanager.de/ad/?pl=6247113c3104805709594f35&cb=58990947&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3D&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&liiftaucid=4601927983503357598 HTTP 307
  • https://trc.audiencemanager.de/ad/?cb=58990947&liiftaucid=4601927983503357598&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&pl=6247113c3104805709594f35&tc=https://fra1-ib.adnxs.com/click?3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=MzYyMyNGUkExOjQ0MzY=/bn=92914/clickenc=&cookieId=4524a54d1bae04d7b05febe02312c8be84b6e34da31afffdf5190cadea1d3e93
Request Chain 666
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=adform&gdpr=&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dadform HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D270%2526expires%253D10%2526user_id%253DHHt10NrrgaVbjXYSbRRSWjjR%2526ssp%253Dadform HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D270%2526expires%253D10%2526user_id%253DHHt10NrrgaVbjXYSbRRSWjjR%2526ssp%253Dadform&xl8blockcheck=1 HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=98fb91dfad23fd6ca1793c70986750f0&gdpr=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3DHHt10NrrgaVbjXYSbRRSWjjR%26ssp%3Dadform HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=HHt10NrrgaVbjXYSbRRSWjjR&ssp=adform HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=7a1b11ff-3ef2-4dee-afaa-5010608bc125&adform_v=1
Request Chain 667
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFqv8RvuviCridNaJVQLIuw&google_cver=1&adform_v=1
Request Chain 668
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=1293804016050600494
Request Chain 669
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=34e3cb87-a63f-402b-b05e-c0c5e31a0ae3
Request Chain 686
  • https://hal900019.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=50138d10ad&subid=&uid=2f0eb7f0d812db9f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2832066629117460572%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dempfpdc%26e%3D1695597276133&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=4580371458881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900019.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=50138d10ad&subid=&uid=2f0eb7f0d812db9f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2832066629117460572%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dempfpdc%26e%3D1695597276133&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=4580371458881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 698
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAqsA2xy_Otdc3VJ8l9jBgk&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAqsA2xy_Otdc3VJ8l9jBgk&google_cver=1&__user_check__=1&sync_id=00dc1565-da23-11ec-b1b2-1974e5cf0406
Request Chain 699
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=00d489d3-da23-11ec-9919-10a0cca80106 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDBkNDg5OGUtZGEyMy0xMWVjLTk5MTktMTBhMGNjYTgwMTA2
Request Chain 700
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEBxP5KMJRJuvTG-5YvuSYeI&_origin=1&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEBxP5KMJRJuvTG-5YvuSYeI&_origin=1&google_cver=1&verify=true
Request Chain 701
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
Request Chain 705
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=korrespondent.net&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&cw=1&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=2yN8yXxuamRoWDNETW1sQlpEbVo5ZHV0Z1l4ZnBVeEdCbUk0RCs1VVhYeksrWVV2U0REcnI1MVJzMzk5TEFYMTNDWEtTT3pzVXFMR2Z5elZyang2SytDOURWSC9LOUx1QlJaaUtZNUltUzd2NHhlNDNjSXR3QWZTazJwZVc3cXVyc3JMdnROYU9MRm1teEs3d042YVVzWnFOZ3E2YmR1bXZ2NGlKOVJ0MDhHcFlzT2hQcGVmVXNSekQ0eWJOZnpqMTZLaWxkQlkvKzFDRnhKZWJZWXdFcFR5YWVmLy8vb1BSb0M1cmNEbzlNcUowNlozaVptdnRENVUxL2FQR0h1b3UxeFlpMjBsWlBGQlVFOWdCWkdtREJOR0laU08xcjd5Ui92OER0TytId3N1QjRiVT18&cppv=2
Request Chain 727
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 780
  • https://trck.fairnergy.org/trck/epv/ccf3afbe25b4488c67616d97a1db96e9?subid=39170100004831600951425011968008&t=htlp HTTP 301
  • https://trck.fairnergy.org/trck/htlp/htlp.html?utm_source=affiliate&host=fairnergy.org&pvid=628ac09a10134340b0391383
Request Chain 816
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN0uAHx4NDvOhK0g-v7QSg4&google_cver=1&google_push=AYg5qPJZMYOMVIDL8UmhTfen816KxwxOsiaTCPekmph4y2TykKzV6Yk6jfa1_tprUY2BJsULb6oN9M1W5LxUP278A_kfQ50OvrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJZMYOMVIDL8UmhTfen816KxwxOsiaTCPekmph4y2TykKzV6Yk6jfa1_tprUY2BJsULb6oN9M1W5LxUP278A_kfQ50OvrQ&google_hm=hrTkTI-QXWZ23GDImkQr6Q
Request Chain 818
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECHvRGYKkzl4yuE0CzVBBs0&google_cver=1&google_push=AYg5qPIKsl9tTXmCaWU4u8tuj7SkgnZ5yNOpBF6gInTh2F4zWVXs6Gq_eCpo15juTxGVZh1DDIEJrj36sI2BmPMLjT3eNnuH90lp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDY5OTUxMjk5NjgyMTE0Mw%3D%3D&google_push=AYg5qPIKsl9tTXmCaWU4u8tuj7SkgnZ5yNOpBF6gInTh2F4zWVXs6Gq_eCpo15juTxGVZh1DDIEJrj36sI2BmPMLjT3eNnuH90lp
Request Chain 965
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=korrespondent.net&sn=ChromeSyncframe&so=3&topUrl=ua.korrespondent.net&bundle=NzAdA190YVFpSHpFMGM1MGV4ZGFkWWtSN1AlMkJtSm5zVzhBdGhBJTJGOE45THV3S1ZBNEVxTzVTTVRWNG9oUkZFcTVwZDhvQXlnS1U2R2VmUlR1aEhCZE1zUlUwYjZTZmlKU1djcndxJTJCcHFOd3p3dUIlMkJmUmdqU29mdTVZalJkdXZoaDZJU3pGR1ZlSGY5YzZqUk5FNTNQa0thNXc4Rm9Jbmo2c28yVTNKUGpISm0wa01CcyUzRA&cw=1&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Ysha6Hw0cVJsc01pUUJsdjdFcjlCM0dqK00yREQ1TmJNWWk1V2Jnc2k4YXZZT1dZVW04MDg0NE1nN0h5bkUzY1ZLd2g5ZEp6NWRnTVA4SE4rbXJraEZESCswTGgzUk4yNjIwMEZyMjVPa2VuNnl6QnIzemtaVk1LU2tOUkRidmVzVE1McUdEMG5FRWJZR2x5TklTN0F3bGRLWXNpbzF5OUZMWTZSZ3RLSkY3SWdkYWVNbW9GaStZMWdVVDgwR0hkWmIxMXZUQUVQMGI2MUJmZGkvNGZnUjFBM055ZmV5RWxXMFVWa2s0aVVLZjBkcmVaTytqNEp4aWY3alorRjJtWHlOVXFCMnJMbHozRHpQd1VvdndmMGJkdHNOZzRMWXFEVjduSmlEN1lSV2JJZmMvOD18&cppv=2
Request Chain 1110
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
Request Chain 1116
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7065468451559907359&uid=Q7065468451559907359&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 1121
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
Request Chain 1124
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=cac74d0e-d345-4e26-960b-7f2d81aca944&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 1125
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
Request Chain 1130
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIV0tWWE4tMTktSE1XSQ==
Request Chain 1131
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIwNWVlOWJmOTFiMjdiMDA5ZjdjOTFjZWI2YzQyMGRlZTlmNDkwMA
Request Chain 1132
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=llh7roX2SAq097_7DBwEmA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=llh7roX2SAq097_7DBwEmA
Request Chain 1133
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/VMCOtyEEZZdMbHFvHkkg-Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3750020954833946395
Request Chain 1134
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHbyot2tf2MP7ta3nHj97HU&google_cver=1
Request Chain 1135
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3HWKVXN-19-HMWI
Request Chain 1139
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Request Chain 1140
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8a500005-263c-4624-a857-cada35ce1fa8&expiration=1684796445
Request Chain 1141
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9148799219336436403
Request Chain 1142
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1146
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YorAnQADVPJpNAA2 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADVPJpNAA2&gdpr=1&_test=YorAnQADVPJpNAA2
Request Chain 1147
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8932626437222652595
Request Chain 1149
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 1150
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e547c99f-390b-4f15-a395-abd2fcc18485
Request Chain 1151
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 1156
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YorAnQADU_2o9gAo HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADU_2o9gAo&gdpr=1&_test=YorAnQADU_2o9gAo
Request Chain 1160
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6bGR7mBZTSdK3NPdt5sIj9ly2hM
Request Chain 1161
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1164
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3312134102264273587
Request Chain 1168
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196422168524089
Request Chain 1173
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2591558161884994227
Request Chain 1174
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YorAnQADSo9QOQAj
Request Chain 1175
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Request Chain 1177
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1178
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653346845&gdpr=1
Request Chain 1182
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Request Chain 1183
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8716453655108868787
Request Chain 1185
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YorAnQADVTpqaQA2 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADVTpqaQA2&gdpr=1&_test=YorAnQADVTpqaQA2
Request Chain 1186
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1521be1b-ae28-4987-9d43-5e66cfe08a06
Request Chain 1188
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 1191
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Request Chain 1192
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653346845&gdpr=1
Request Chain 1195
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=645de8a2-bd4b-404a-a27d-decf8eedfc2d&expiration=1684796445
Request Chain 1196
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9220856813374364339
Request Chain 1198
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
Request Chain 1201
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
Request Chain 1202
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
Request Chain 1205
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=ed4a2fb5-3d8a-47ec-af4a-62ba4caf4f86&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 1207
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
Request Chain 1208
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 1210
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1212
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 1216
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 1217
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1218
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336718502722488
Request Chain 1219
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1669158045&external_user_id=5cee00e2-8339-4cbb-a5ae-7acdc5326c35
Request Chain 1221
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6bce9e733dbc4d829d8ad7705de7026f&expiration=1655852445
Request Chain 1223
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0b4e7569-f609-47a7-af8d-35203eee8a25&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 1225
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 1226
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1227
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196422168524088
Request Chain 1228
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=_BAOVK6cQw1G8eYHrydjINly2hM
Request Chain 1229
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
Request Chain 1231
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2519500567847066291
Request Chain 1235
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
Request Chain 1236
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=sAeoejtuRblu3RpTx3buzNly2hM
Request Chain 1237
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520348080786
Request Chain 1238
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1240
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 1243
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 1285
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=VehIsHx6TjhKRExjd0E4NkZJVkJ0Zk1qb1l4UkJYczJFZ1h6Qm9LTm02U3BkVXNZSlpKMi8wUzZZbWREd29qcE1pQVdSNEVrYkpyb2cxMVhTa3hLQ3pKOStFbHpJRjZqNUE4QUdxMGVBQnFFVE9pRUlGbUtUVnRURnp4ckV2OHhoSytmQXdYc3ozTTJYWmw3MDc2eFNPMkI4N0srR0xPVEduYktEcGluelBFbUdwSC9MemR1M1RkeG1POTAzOXBNVS8rUk90OWdWaHJNbStIbkI2RUdOUDBYU2R3Y3ptZjFnc0phcmVJS0s3bUR4ZlVBS1p0NnNsbGtoeU9YSkloNURHbUNVTjFBWmticlVVNHozSnI0TDU1bGF6UmVUOVpFTGF4SERYR3pyWmZDclBIcz18&cppv=2
Request Chain 1288
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=aFipWHxBdXI4clM0RzVVbGFzdjVxbWd5Wm0yQVFxdklyajJNbjRVYlpheW13U1NJS1ovRlU2ZXg2MFFnWnovc09hMjZ6WVlxSDcrSzlMelphSG40Y2pkNmNXRnI3MkY4TytVbEliakRQUm1OMTVuUkpTYXZ3a01vQ0tDL0hFYUo3cTU1ZmZmUzJ4dk9BTHhPdkZGYnNFblVGUDlXb3JOQ2VkNjFTOEFodzBhZHpXcGFFNkhic2VDUklVUDEvNXZxaTRoMmRvVXZvam02RHM1N3J0cXozU1NrZUtpZmUrOXRXTzFNblE1MS9hSy9ENzZrcHRuQklYZERkdTZPbk1Ba1EweW1uWERxRzA5Mjl3VTZyLzEwcVlmaDFhSDd6Skc5OCtFWlNPR3pLaUhjVStxYz18&cppv=2

1287 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ua.korrespondent.net/
Redirect Chain
  • http://korrespondent.net/
  • https://korrespondent.net/
  • https://ua.korrespondent.net/
131 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5385860e7ba5b0fd751056a822b052e16377513a57eb0ff2e5772aa5a12db139

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
70f92b3c1e619b74-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 23:00:35 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
70f92b3aeca39b74-FRA
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 23:00:35 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ua.korrespondent.net
server
cloudflare
x-powered-by
ASP.NET
opensans-condbold-webfont.woff
csskor.ill.in.ua/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/fonts/opensans-condbold-webfont.woff
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26dc9aca8f2ab8bbb58b5e9e5918988475e42f7cffad974698a71b2addc6ec5b

Request headers

Referer
https://ua.korrespondent.net/
Origin
https://ua.korrespondent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
last-modified
Wed, 18 Dec 2013 10:08:55 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7499fa28d9fbce1:0"
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
49816
index.min.css
csskor.ill.in.ua/css/ 		188 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c914c5ec7768654dc4f35534b46d2da72708c4db16148a833ce1847b893f60a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"80b91c43f335d71:0"
last-modified
Tue, 20 Apr 2021 14:41:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
30556
responsive.min.css
csskor.ill.in.ua/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/responsive.min.css?v=1.1.2
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eda53a126b9ad636ada21bc74b0e54c5dfa526083e7a876b17eb90061254d275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"08f70dd1331d71:0"
last-modified
Wed, 14 Apr 2021 09:52:22 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
5192
admin.css
csskor.ill.in.ua/css/ 		3 KB
936 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/admin.css?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d2fbad9636c1fb1ddc3e083984f2b5d3a955a32fdb6247876aabee203958e7dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"0dce73f2e70cf1:0"
last-modified
Thu, 15 May 2014 11:10:16 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
855
adv.css
csskor.ill.in.ua/css/ 		2 KB
603 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/adv.css?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2791dcb76821658dce3165022548a9d1032f4c99efe7acfaafdd6327cbd88129

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"0dce73f2e70cf1:0"
last-modified
Thu, 15 May 2014 11:10:16 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
560
jquery-ui-1.9.2.custom.css
csskor.ill.in.ua/css/jq/ui/smoothness/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/jq/ui/smoothness/jquery-ui-1.9.2.custom.css
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1885450c0476075437b5f7356ec5dc33fa5179e850cc4dbf59c29f37744818f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"066d961b32cf1:0"
last-modified
Tue, 25 Feb 2014 11:20:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
6146
royalslider.min.css
csskor.ill.in.ua/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/royalslider.min.css?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bcab73e79e54f5f8b0cf77546f937aaf4aed60947fc1e4a7801813ed34728c4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"0b82a90356dd41:0"
last-modified
Fri, 26 Oct 2018 14:09:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2594
elections.css
csskor.ill.in.ua/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csskor.ill.in.ua/css/elections.css
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cefac0898ee1d19ff1fc498113e6f7b81a0f5a6e63b3ae72106cde5d0454bc01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"0c5215929f2cf1:0"
last-modified
Mon, 27 Oct 2014 21:02:42 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2480
js
www.googletagmanager.com/gtag/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1609229-9
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b9c2ac5e45fc4aaedd79d1e1bcc63943559d44ace188c8f64430b873b59084b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39166
x-xss-protection
0
last-modified
Sun, 22 May 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 May 2022 23:00:36 GMT
jquery.min.js
jskor.ill.in.ua/js/jq/ 		125 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cafe2ccc723f38d12406fdcc2b9777f7f89363a39bbd09c91bb75876f24141fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
39559
jquery.Storage.js
jskor.ill.in.ua/js/jq/ 		1 KB
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.Storage.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
11449813770e57069d077ac0ad5beb3f7406204c87d961ba1b53c30dba58b3c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
559
jquery.lazyload.mini.js
jskor.ill.in.ua/js/jq/ 		4 KB
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.lazyload.mini.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9ed325bb4e1bd9f76da8039c87602d63b91e6963d6bf830e62d938a1b90cd133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
901
jquery.tmpl.min.js
jskor.ill.in.ua/js/jq/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/jquery.tmpl.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
af6592d435a34ae2cbc384c908b2000e3a33f3c3d7bace1a84ba7880a8a80d9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2804
scrollable.js
jskor.ill.in.ua/js/jq/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jq/scrollable.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3224cd51f4161d44547a1f5a57a5566582c3d6a690d2212af8a0a8739d0c8e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"0a5952db3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2214
menu.js
jskor.ill.in.ua/js/modules/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/modules/menu.js?v=2
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a58c45b495338481a91c73729bf3916ce6c7d8e9f0566c0e731a7a3da7dba81c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"0d2c62eb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1610
profile.js
id.korrespondent.net/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/js/profile.js?v=3
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
214227a16b4ff571023cbfabe1a74a46b33fb30abbcd8d1a722ae12e3afeb794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"805bc4c505fd41:0"
last-modified
Mon, 08 Oct 2018 21:45:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
1803
common.min.js
jskor.ill.in.ua/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/common.min.js?v=1.3.5
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6c288ff9874a992ad5021f7197dbcae181ccbc9b1ced648acd5d9efa6ca51f7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"8079673e54d81:0"
last-modified
Tue, 19 Apr 2022 22:37:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1649
dropdown.min.js
jskor.ill.in.ua/js/ 		2 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/dropdown.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d169a4b4bf7e00787e12931b5c2040d76f6995b3ba3f06050274b28644b47d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
900
select.min.js
jskor.ill.in.ua/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/select.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5cad78844631f748de4f5526652f08ae1504dce421b6e8dcd796af07e639ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"0d2c62eb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
4138
jquery.royalslider.min.js
jskor.ill.in.ua/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/jquery.royalslider.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
daa9c1c00563b973df8c5dad719b8670a599a9465ba9bbac4d222c586b538571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"0d2c62eb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
16792
holder.js
i.holder.com.ua/t/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Mon, 22 May 2023 23:00:36 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-05-22T22:56:33+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:25 GMT
branding.js
jskor.ill.in.ua/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/branding.js?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
898e180e28f0d79507e9383a6f58303043c24013cca819f7451381562f323093

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"8024146284dcd71:0"
last-modified
Thu, 18 Nov 2021 13:58:37 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1794
hide-banners.js
jskor.ill.in.ua/js/ 		2 KB
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jskor.ill.in.ua/js/hide-banners.js?v=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dd89c698f5518b8e74892fd52085772390a4cb078ff04939584650c0d3507c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
etag
"04941ac51d51:0"
last-modified
Tue, 13 Aug 2019 07:52:08 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
647
api.js
ua.korrespondent.net/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
70f92b3eda1d9b74-FRA
logo.png
ua.korrespondent.net/i/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/logo.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bc485c60c1e0395cf0c58a2a9bcc80550b8f289f5be78594484b3eeed36c37d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:44:00 GMT
server
cloudflare
age
1270
x-powered-by
ASP.NET
etag
"0c0d08369dbd11:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
70f92b3eda1e9b74-FRA
content-length
5600
2738673.jpeg
kor.ill.in.ua/m/610x386/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/610x386/2738673.jpeg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9fcf864f0ee0488b12595c20cd8ef1546da1eaa456625a3f49ac974a1e852e00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 21:16:56 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
64436
expires
Sun, 22 May 2022 23:04:11 GMT
2738676.jpg
kor.ill.in.ua/m/400x253/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738676.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
269b74637974621bf6bdd5c2f829a8d9ce45e840cba947c92958f0d5798b50ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 21:40:33 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
36164
expires
Sun, 22 May 2022 23:11:09 GMT
2738668.jpg
kor.ill.in.ua/m/400x253/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738668.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a341ce4ddd66e3b9f6514a92774de06512f5f14e24ab1918d264be70ab548148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 20:16:58 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
11866
expires
Sun, 22 May 2022 23:08:07 GMT
2738666.jpg
kor.ill.in.ua/m/400x253/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738666.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3b3975709a89da52613458d56c91493f1cc98ea6c73346a40e67665f754e72e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 20:19:51 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
25553
expires
Sun, 22 May 2022 23:11:09 GMT
2736414.jpg
kor.ill.in.ua/m/400x253/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2736414.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9ee7bfc0c8fb20807f1e7104a3187a575e171ca46419e9565ff45e0a91c61270

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 19:50:17 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
98692
expires
Sun, 22 May 2022 23:11:09 GMT
2738652.jpg
kor.ill.in.ua/m/400x253/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738652.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9d16e21c8ab66ac2966e091995e1e2af6ed7002ce301ee00880a5753f891f110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 17:25:11 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
51936
expires
Sun, 22 May 2022 23:07:17 GMT
2738647.jpg
kor.ill.in.ua/m/400x253/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738647.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6a73e7ade0ec11b10b90551b5320261a9da8c13adadd908d933bba04c30821f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 16:16:29 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
60811
expires
Sun, 22 May 2022 23:07:17 GMT
2738645.jpg
kor.ill.in.ua/m/400x253/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738645.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
838016c9bf7f9c45c9dede52ea4a804f754cff8c54f283876ad27fdcfff4141d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 15:54:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
51202
expires
Sun, 22 May 2022 23:02:28 GMT
2738630.jpg
kor.ill.in.ua/m/400x253/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738630.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7024db6f01805ec43e0dcc954529f93d4033860c54149a2bebdb953c04476b13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 12:44:53 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
66031
expires
Sun, 22 May 2022 23:11:09 GMT
2738629.jpg
kor.ill.in.ua/m/400x253/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738629.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
de84be89f4da1b8452fea7684f5dda865aa5c2aa76c2eb10b796b382a28d1267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 12:25:25 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
15875
expires
Sun, 22 May 2022 23:05:41 GMT
2738628.jpg
kor.ill.in.ua/m/400x253/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738628.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1d777b13030d3f464aaffa86cbb483d45a2fb453ed3f1212a0cb9fce90a2d059

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 12:08:09 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
50994
expires
Sun, 22 May 2022 23:11:09 GMT
2738618.jpg
kor.ill.in.ua/m/400x253/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738618.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d2f1e42b846f82e9c210c1dcd3425b138750c63d8f57584eac56e1b9a0e64ca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 11:34:37 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
44761
expires
Sun, 22 May 2022 23:03:34 GMT
ajax.gif
ua.korrespondent.net/i/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/ajax.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dd4fb84ef463207662efa03dbd05515afb3aee6a71fa7c5e56e7b0b13504a7b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:44:00 GMT
server
cloudflare
age
3559
x-powered-by
ASP.NET
etag
"0c0d08369dbd11:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
70f92b3f0a5b9b74-FRA
content-length
5483
2738654.jpg
kor.ill.in.ua/m/190x120/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738654.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
89b55d06853fca416c4f1e282233cfff2fd4c5994a425be58dca7c630d9866f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 18:09:12 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
17044
expires
Sun, 22 May 2022 23:11:09 GMT
2738595.jpg
kor.ill.in.ua/m/190x120/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738595.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3bb68a613a2fdf1c797553951a6face42bc49e3d479a90d0a66f270f1239ca7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 06:42:22 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
13002
expires
Sun, 22 May 2022 23:15:26 GMT
2738414.jpg
kor.ill.in.ua/m/190x120/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738414.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4a88fd34f0104bb7d4e3a171ec38de5f109a149bb07bbabbb6422da76b428b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Fri, 20 May 2022 15:05:04 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
13478
expires
Sun, 22 May 2022 23:10:09 GMT
2738380.jpg
kor.ill.in.ua/m/190x120/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738380.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5cf11ee568650a4eed6bd550cf827d01d0d10c0b995af2195509a886c59a1e98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Fri, 20 May 2022 13:19:07 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
15288
expires
Sun, 22 May 2022 23:11:09 GMT
blank.gif
ua.korrespondent.net/i/ 		45 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/blank.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:43:59 GMT
server
cloudflare
age
18
x-powered-by
ASP.NET
etag
"f5e98f8369dbd11:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
70f92b3f1a749b74-FRA
content-length
45
2738672.jpg
kor.ill.in.ua/m/190x120/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738672.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bad8a5211e4d7b19ddadfc5d521e57b22d3830b86589195cbc928df83ee47c5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 20:41:48 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
14065
expires
Sun, 22 May 2022 23:00:49 GMT
2738510.jpg
kor.ill.in.ua/m/190x120/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738510.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
196584ddbe825b4430d7fb25a78a856299a55bbf8e95b5838d41730bf81aacd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sat, 21 May 2022 13:11:48 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
8667
expires
Sun, 22 May 2022 23:11:08 GMT
2738488.jpg
kor.ill.in.ua/m/190x120/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738488.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
22ee10595127a65dbac817c1840854f1f495df8146df804f9efdb3e9d0355671

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sat, 21 May 2022 07:07:46 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
14840
expires
Sun, 22 May 2022 23:13:34 GMT
2738485.jpg
kor.ill.in.ua/m/190x120/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738485.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fa638b32cd16ef21015c980eaf4340cf615d2af11319bd54439b4dad47dddb0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sat, 21 May 2022 05:20:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
14739
expires
Sun, 22 May 2022 23:10:09 GMT
2738477.jpg
kor.ill.in.ua/m/190x120/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738477.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c33525735a8385af8a1c9f2ac1037e4bb262762bcdd8edbc59736d2c5819fdf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sat, 21 May 2022 01:14:43 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
13845
expires
Sun, 22 May 2022 23:03:15 GMT
2738471.jpg
kor.ill.in.ua/m/190x120/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738471.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
df650c4f8fe03a470f9019f258d6bea6471f0588eb4217ad791d2bb7ae73ef01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sat, 21 May 2022 00:44:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
14880
expires
Sun, 22 May 2022 23:08:09 GMT
2738460.jpg
kor.ill.in.ua/m/190x120/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738460.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b44c36ce3dd6e68a67458e902c6b8fe3fdeab5b929c6a00ac2c4fe83403854c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Fri, 20 May 2022 22:40:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
10814
expires
Sun, 22 May 2022 23:11:09 GMT
2738459.jpg
kor.ill.in.ua/m/190x120/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738459.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1a17a0a2156f6da84f84417acc4820df47848982483ca3892d83cfac8dc19e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Fri, 20 May 2022 22:14:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
6654
expires
Sun, 22 May 2022 23:06:14 GMT
2738457.jpg
kor.ill.in.ua/m/190x120/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738457.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9759a0cd7b14cd2620cda94f55ff5933968c00633992e2c58ea8757345a039b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Fri, 20 May 2022 21:26:58 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
13866
expires
Sun, 22 May 2022 23:11:08 GMT
2738416.png
kor.ill.in.ua/m/190x120/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738416.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1b903a5f6578f672cf5fab63321e7e76272fa9c659b6c8df4eac821102419308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Fri, 20 May 2022 15:08:40 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/png
cache-control
public
content-length
52853
expires
Sun, 22 May 2022 23:10:09 GMT
2738392.jpg
kor.ill.in.ua/m/190x120/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/190x120/2738392.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
51c77910c0db796081281f11b066ee3883e2ea581332c7029502c8a054f8412f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Fri, 20 May 2022 13:50:12 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
14819
expires
Sun, 22 May 2022 23:08:09 GMT
2715997.jpg
kor.ill.in.ua/m/86x115/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/86x115/2715997.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ee83c984c733b9c55a91f42e6cf39ba90c22bc0789296f4b7a5ec189ef24afbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 27 Feb 2022 21:34:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
8895
expires
Sun, 22 May 2022 23:01:33 GMT
disclaimer.min.js
ui.ill.in.ua/s/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.ill.in.ua/s/disclaimer.min.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
193.29.200.140 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
2356de1d2ca4b622f2949c68f0659a08d577e86204c4700c439132c5164d17ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:35 GMT
Content-Encoding
gzip
ETag
"d67f5a9ce421d51:0"
Last-Modified
Thu, 13 Jun 2019 12:36:23 GMT
Server
Microsoft-IIS/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=31536
Accept-Ranges
bytes
Content-Length
1352
icon-sprite.png
csskor.ill.in.ua/i/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/icon-sprite.png
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83ab5047e820c4c9edf0823374a8a31e0119fae38f345a88caa81b46184dfe5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
29852
blank.gif
csskor.ill.in.ua/css/ 		45 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/css/blank.gif
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/royalslider.min.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/royalslider.min.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
last-modified
Tue, 25 Feb 2014 11:20:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"066d961b32cf1:0"
content-type
image/gif
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
45
preloader.gif
csskor.ill.in.ua/i/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/preloader.gif
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
90102a5b0d498a0928a1923216a5e922fa4dd138a5c7ecad85c6f5b6cdd6bdab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/gif
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
6154
2738453.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2738453.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
91c00c3119d0351f293a28573346b82b584131d772ae79049b270b6747d8debb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sat, 21 May 2022 13:01:28 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2776
expires
Sun, 22 May 2022 23:08:09 GMT
2736414.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2736414.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8f79f887d772a5870b19fc8feaf5e8f2a311498e7fc9b9ede43faeb65a547440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 19:50:17 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2994
expires
Sun, 22 May 2022 23:05:48 GMT
2737832.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2737832.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
debc9db868fe231a02b2c684896a796e2dea48c8b056b67227531be2df9c5b58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Wed, 18 May 2022 13:49:04 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
3040
expires
Sun, 22 May 2022 23:07:20 GMT
2738414.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2738414.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2001079198446573a757c1679d6ba62a8676f57a0a8806ac3a88b880c0583f53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Fri, 20 May 2022 15:05:04 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
2961
expires
Sun, 22 May 2022 23:04:36 GMT
2738580.jpg
kor.ill.in.ua/m/67x43/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/67x43/2738580.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f4b807507320aafb90ca23edf6ccf0b9b032e374bce232ff34fee99a75a8ed3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 02:02:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
3114
expires
Sun, 22 May 2022 23:07:13 GMT
subscribe.png
csskor.ill.in.ua/i/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/subscribe.png
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
84510fffe17fea544ae340bc9373b62106bfccc148f93e8ac4bbed045c64e9a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
4138
s
r.i.ua/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.i.ua/s?u1647&p4&n0.5135032129681918&c1&d24&w1600&h1200&r/ua.korrespondent.net/
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2afdc1c6bf3c9db905a13f09a4c8788ec8991b0e727ceb4d2ce484a62d3116db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-type
image/png
cache-control
no-cache, must-revalidate
cf-ray
70f92b3f989a9229-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
e.js
cdn.umh.ua/libs/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Mar 2022 15:54:34 GMT
server
nginx
etag
W/"621e41ba-16f4"
access-control-max-age
1728000
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER
expires
Mon, 23 May 2022 23:00:36 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame 6C92 		738 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 23:00:36 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc37
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/46506/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/46506/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
load
z.cdn.umh.ua/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1261666467&div=zone_1261666467&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=913&pl=3&mi=4&me=8&hc=4&n=1653260435396&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1370070167
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
d82103e020d17c34fa3e22141c5ec1391415c87c3c9a8ad43444a070fd3aa78e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
812
expires
-1
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1609229-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5150
date
Sun, 22 May 2022 21:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 22 May 2022 23:34:46 GMT
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1261666467&div=zone_1261666467&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=913&pl=3&mi=4&me=8&hc=4&n=1653260435396&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1370070167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 23 May 2022 00:00:36 GMT
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1711661489&t=pageview&_s=1&dl=https%3A%2F%2Fua.korrespondent.net%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=206402817&gjid=1524962145&cid=1369755530.1653260436&tid=UA-1609229-9&_gid=1857324167.1653260436&_r=1&gtm=2ou5b0&z=915064687
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		102 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7KPL8
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
921030cf95168038fc608d7e7243d72ec0f5443515e9675a23a2f326ccf737f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40429
x-xss-protection
0
last-modified
Sun, 22 May 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 May 2022 23:00:36 GMT
load
z.cdn.umh.ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1479810766&div=zone_1479810766&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=913&pl=3&mi=4&me=8&hc=4&n=1653260435396&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1370070167
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
6511f2563b8a0b06466f47a1785af3387b643aa7d45ecb7e3f666e72d2e50927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
988
expires
-1
load
z.cdn.umh.ua/ 		1 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1526170517&div=zone_1526170517&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=913&pl=3&mi=4&me=8&hc=4&n=1653260435396&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1370070167
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
0e74f0e4f1b6a8d6f80d418a9ca68e9db2d8a43270e77cbb2c600bf5b976396c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
765
expires
-1
s
h.holder.com.ua/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b2222&c1&r22702311&dholder_2222_hp&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
de93670e44de33a8ced08749bb05b1ca2588a7561a7e2d5e9e68c1d868d903cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
1365
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3292&c1&r22702311&dholder_300x60_92&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
load
z.cdn.umh.ua/ 		75 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1624934371&div=zone_1624934371&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=913&pl=3&mi=4&me=8&hc=4&n=1653260435396&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1370070167
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
97cb426b07a50b994eb79c3e0b49d747c69bbdaf5587f55fe6a8f6b5b2e08929

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
xgemius.js
gaua.hit.gemius.pl/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
59b7f3bff218252c356e1b38ae9289a63b4f16a2d8196ea2222e0418b90cfdd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
last-modified
Thu, 19 May 2022 10:55:58 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
14060
expires
Mon, 23 May 2022 11:00:36 GMT
user.hnd
id.korrespondent.net/aut/ 		9 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/aut/user.hnd?_1653260435566=
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc788950c34406808d0a6d40ee7d7a0a585a3cebcd266cb72b1a4a8a252f1331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private
weather.hnd
ua.korrespondent.net/widget/ 		2 KB
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/widget/weather.hnd
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9d929d0768d8e1e18f2873c1d0e0ca3419fae7e33b48aa6707d58472e5ca7d3a

Request headers

Accept
*/*
Referer
https://ua.korrespondent.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 22 May 2022 22:59:41 GMT
server
cloudflare
age
55
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private
cf-ray
70f92b40ece89b74-FRA
preloader_photo-gray.gif
csskor.ill.in.ua/i/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csskor.ill.in.ua/i/preloader_photo-gray.gif
Requested by
Host: csskor.ill.in.ua
URL: https://csskor.ill.in.ua/css/royalslider.min.css?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa850796db9400b694644339634f8708ffd14e3ac9843972954dcb4571dcb939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csskor.ill.in.ua/css/royalslider.min.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:35 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/gif
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
5916
2738672.jpg
kor.ill.in.ua/m/400x253/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738672.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
79d806d9e341273f6ce864db71c80ff54b60068934c6566700463959e69f5f08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 20:41:48 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
48778
expires
Sun, 22 May 2022 23:04:20 GMT
2738627.jpg
kor.ill.in.ua/m/400x253/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kor.ill.in.ua/m/400x253/2738627.jpg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
de5808ea932124d6b13e1b1139deebc4827635de9c9b2c0dc47a06002699109b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Sun, 22 May 2022 11:54:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
cache-control
public
content-length
52305
expires
Sun, 22 May 2022 23:11:09 GMT
s
h.holder.com.ua/ 		290 B
872 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3279&c1&r22702311&dmain_content_400x400&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
0436ff8bc8306bee2d37b6bb4eabf54814e9cfc3ff948d967d7cf81bc70b80da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
290
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3285&c1&r22702311&dholder_300x60_85&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3286&c1&r22702311&dholder_300x60_86&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3300&c1&r22702311&dholder_300x60_0&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b7718&c1&r22702311&dholder_300x60_18&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b7719&c1&r22702311&dholder_300x60_19&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b7824&c1&r22702311&dholder_300x100_24&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3684&c1&r22702311&dholder_300x60_84&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b6100&c1&r22702311&dholder_300x30_0&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8040&c1&r22702311&dholder_300x30_40&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b2890&c1&r22702311&dholder_2890_ros&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/ 		258 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8420&c1&r22702311&dfixed_news_link_400x30&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
ed358df033efc26a5d7f285bfd8cd2741a423fbb05a07d1e14bae729068c3744

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
258
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/ 		258 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b3284&c1&r22702311&dfixed_news_block_400x30&hhttps%3A//ua.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
04290a943779ef9c997c8a1623e2be2702292926baf698f41239d27e72abe874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:36 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
258
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1609229-9&cid=1369755530.1653260436&jid=206402817&gjid=1524962145&_gid=1857324167.1653260436&_u=YEBAAUAAAAAAAC~&z=1652431209
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 22 May 2022 23:00:36 GMT
content-type
text/plain
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
impress
ad.mox.tv/delivery/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1554&height=288&width=400&tld=korrespondent.net&in_iframe=&position=btf&screen_width=1600&screen_height=1200&top_domain=ua.korrespondent.net&top_url=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&url=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&async=1&uid=1971458428
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
78598255cbfd5cfde5f88b784bf81c49982b5d04837a5de8d01814b53473bab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1479810766&div=zone_1479810766&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=913&pl=3&mi=4&me=8&hc=4&n=1653260435396&url=ua.korrespondent.net%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&zyx=1370070167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7ad51b5a92ebf42399a7c00d4dce62fb61b9a87057af39d2abdf93b8546daea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Origin
https://ua.korrespondent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56442
x-xss-protection
0
server
cafe
etag
6990587102760820985
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 22 May 2022 23:00:36 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame 26AF 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 23:00:36 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc37
67.png
ua.korrespondent.net/i/weather/icon/ 		480 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ua.korrespondent.net/i/weather/icon/67.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
67886b28d90c1245d2cb1b26da3dc8c3c47f56b2bb5c8060fbe8398765281adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2016 11:44:00 GMT
server
cloudflare
age
996
x-powered-by
ASP.NET
etag
"0c0d08369dbd11:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
cf-ray
70f92b41be3b9b74-FRA
content-length
480
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1609229-9&cid=1369755530.1653260436&jid=206402817&_u=YEBAAUAAAAAAAC~&z=1672545462
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1609229-9&cid=1369755530.1653260436&jid=206402817&_u=YEBAAUAAAAAAAC~&z=1672545462
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
10255282
fly-request-id
01FT5BT4R4R9T5XAD97TJZYFJT
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70f92b432b569b2b-FRA
achernar.min.js
ad.mox.tv/js/achernar/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 23 May 2022 00:00:36 GMT
prebid.js
ad.mox.tv/js/achernar/ 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
last-modified
Fri, 22 Apr 2022 10:13:13 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62627fb9-3b3ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 23 May 2022 00:00:36 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9b8aa3c3922ebc7b97f7cc6b6260c9ddbc02a9d97fe7114e598670e6125b864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28588
x-xss-protection
0
server
sffe
etag
"1223 / 581 of 1000 / last-modified: 1653084304"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 22 May 2022 23:00:36 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/ 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
7217770
fly-request-id
01FWZWKMW4D5XZVDAAQ34HNM8B-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70f92b432b589b2b-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c9cbd7fddb22326efb7e646b53dee5a23d95bca1a168928eaf0d5262c5c9b4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56429
x-xss-protection
0
server
cafe
etag
10688870527740078463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 22 May 2022 23:00:36 GMT
mwayss_invocation.min.css
ad.mox.tv/mox/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
sync
ad.vidver.to/delivery/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D7a1b11ff-3ef2-4dee-afaa-5010608b...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=aba9628a-c095-4000-aa2f-02433781728b&expires=30&ssp=prodoohmox&bsw_param=7a1b11ff-3ef2-4dee-afaa-5010608bc125&gdpr=0&gdpr_consent=
  • https://ad.mox.tv/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125
  • https://ad.mediawayss.com/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
  • https://ad.outstream.today/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
  • https://ad.adopx.net/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
  • https://ad.invamia.com/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
  • https://ad.vidverto.io/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQudmlkdmVyLnRv
  • https://ad.vidver.to/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=
0
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ad.vidver.to/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=
date
Sun, 22 May 2022 23:00:38 GMT
server
nginx/1.14.0 (Ubuntu)
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
result
ua.korrespondent.net/cdn-cgi/bm/cv/ 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ua.korrespondent.net/cdn-cgi/bm/cv/result?req_id=70f92b3c1e619b74
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
server
cloudflare
cf-ray
70f92b422efe9b74-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
login.js
id.korrespondent.net/js/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/js/login.js?v=4
Requested by
Host: id.korrespondent.net
URL: https://id.korrespondent.net/js/profile.js?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
018370cdea1810ad5387e8a6f4ea890e03221d4d87b0d412968a23ba0948af98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
etag
"80801572e0e7d51:0"
last-modified
Thu, 20 Feb 2020 11:25:25 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
4896
dsp.aspx
inv-nets.admixer.net/ 		222 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1555465260793975.5&cpv=0596db73-8a89-e151-0fce-3d013f452b74&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2274924b03-beda-c7f0-e5c4-185fd3c24f11%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fua.korrespondent.net%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2282d19769-6874-5072-6964-57079bf7f135%22%2C%22tagid%22%3A%22e5fd91e8-bd2f-4dfd-8828-56f30e9914b6%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1624934371%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
b8e6fc57081f56de69a8c4e6e14dbca12ca2e993b9faa5f8a2f7d984db0fab12
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:36 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
199
X-Xss-Protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1609229-30&cid=1369755530.1653260436&jid=558993883&gjid=1306802905&_gid=1857324167.1653260436&_u=aGDAgUABAAAAAG~&z=1503582058
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 22 May 2022 23:00:36 GMT
content-type
text/plain
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1711661489&t=pageview&_s=1&dl=https%3A%2F%2Fua.korrespondent.net%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%20-%20Korrespondent.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUABAAAAAC~&jid=558993883&gjid=1306802905&cid=1369755530.1653260436&tid=UA-1609229-30&_gid=1857324167.1653260436&gtm=2wg5b0P7KPL8&z=897503646
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 02:07:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75160
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b2222&c1&r22702311&dholder_2222_hp&hhttps%3A//ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 23 May 2022 00:00:36 GMT
cmeter_an.js
source.mmi.bemobile.ua/cm/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b2222&c1&r22702311&dholder_2222_hp&hhttps%3A//ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:55:53 GMT
server
nginx/1.13.0
etag
W/"5dc27c89-2699"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:55:53 GMT
fpdata.js
gaua.hit.gemius.pl/ 		286 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=ua.korrespondent.net
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
92cfd2cbea08ee212c320cf2f122335c415863cf22c1b86ae04419ab626b6dad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
286
expires
Tue, 21 Jun 2022 23:00:36 GMT
lsget.html
ls.hit.gemius.pl/ Frame F797 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-145-239-237.eu
Software
GHC /
Resource Hash
55ca784d80417111156b37461a488cd4c4e210fb2acfe0e1ffbf94bc23fc6364

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2724
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:37 GMT
etag
PRIVATE7520710249
expires
Tue, 21 Jun 2022 23:00:37 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
gsconf.js
gaua.hit.gemius.pl/ 		67 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/gsconf.js?gst=parent&href=ua.korrespondent.net&gsver=326&v=459388
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
e70792957a2d6b9fe4f3b638d557b304e23215b8031d9e14e2f61be37f008399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
last-modified
Thu, 19 May 2022 10:55:58 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
67
expires
Mon, 23 May 2022 03:00:36 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ 		310 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ef86eb0982f12c78695d9ffcf9b0de9ca0ddb5ec9dd9bb09ecf999fe965cc4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113361
x-xss-protection
0
server
cafe
etag
17650104571078416947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 22 May 2022 23:00:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame E80D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1178
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 22:40:59 GMT
etag
1428802124239944296
expires
Sun, 05 Jun 2022 22:40:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&frequency=0.01&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&tcfv1=0&tcfv2=0&usp=0&fc=0&ptt=9&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2019&supports=true&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1609229-30&cid=1369755530.1653260436&jid=558993883&_u=aGDAgUABAAAAAG~&z=1439196547
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1609229-30&cid=1369755530.1653260436&jid=558993883&_u=aGDAgUABAAAAAG~&z=1439196547
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
login_ua.js
id.korrespondent.net/js/lang/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.korrespondent.net/js/lang/login_ua.js
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89e0c888f3370962831869b407034daafaa6c60858e9f27b95275439c18697c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:36 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=86400
expires
Mon, 23 May 2022 09:00:37 GMT
impress
ad.mox.tv/delivery/ 		1 KB
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=iframe&pzoneid=6795&height=250&width=300&tld=korrespondent.net&in_iframe=&position=btf&screen_width=1600&screen_height=1200&top_domain=ua.korrespondent.net&top_url=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&url=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&async=1&uid=260039191
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
640165c8919352c6bd41be2ac1cb97c6efab8a7429d8bcc9b396d08d6e3fe336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=166&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Warning%3A%20Do%20not%20add%20multiple%20property%20codes%20with%20AdSense%20tag%20to%20avoid%20seeing%20unexpected%20behavior.%20These%20codes%20were%20found%20on%20the%20page%20ca-pub-3690534485164634%2C%20ca-pub-3755662197386269%0Aat%20bq%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A245%3A301)%0Aat%20aq%20(adsbygoogle.js%3A244%3A326)%0Aat%20adsbygoogle.js%3A259%3A679%0Aat%20Ai.n.qa%20(adsbygoogle.js%3A91%3A794)%0Aat%20rj%20(adsbygoogle.js%3A106%3A1098)%0Aat%20adsbygoogle.js%3A259%3A365%0Aat%20adsbygoogle.js%3A261%3A141%0Aat%20adsbygoogle.js%3A262%3A4&shv=r20220518&mjsv=m202205170101&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&url=https%3A%2F%2Fua.korrespondent.net%2F
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=ua.korrespondent.net&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=3&tms=200&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		221 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ua.korrespondent.net&callback=_gfp_s_&client=ca-pub-3755662197386269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3feac673a0c1d2700195541d9f824c4cf27de3d85cc54d0d88b76c2414cb3bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0024 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1653260436&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fua.korrespondent.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435834&bpp=3&bdt=944&idt=231&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2533302168077&frm=20&pv=2&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=260
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:37 GMT
expires
Sun, 22 May 2022 23:00:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
mwayss_invocation.min.js
ad.mox.tv/mox/ Frame 51EB 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 23 May 2022 00:00:37 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 51EB 		377 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128852
x-xss-protection
0
expires
Sun, 22 May 2022 23:00:37 GMT
mwayss_invocation.min.css
ad.mox.tv/mox/ Frame 51EB 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
mwayss_invocation.iframe.min.css
ad.mox.tv/mox/ Frame 51EB 		40 B
200 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.iframe.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
334ff4c8e9f20c31bfe49e4f097a08ab9a249180d04b2939832f45eb594eb835

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-28"
vary
Accept-Encoding
content-type
text/css
magic.png
bgstats.mox.tv/ 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B90F 		79 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17f309ca47bb09c5d0f56b864f67856f69f9a21fb59afb1308861a98b821d27d
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPaB1Yib9PcCFSRMHgIdMOwN2g&gqi=lcCKYpOwDdWLjuwPwpiQ4Aw&layout=/sadbundle/%24csp%253Der3%24/10755105540443996160/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
26378
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPaB1Yib9PcCFSRMHgIdMOwN2g&gqi=lcCKYpOwDdWLjuwPwpiQ4Aw&layout=/sadbundle/%24csp%253Der3%24/10755105540443996160/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:37 GMT
expires
Sun, 22 May 2022 23:00:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/46506/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:29+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:29 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/46506/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:29+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:29 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/46506/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:29+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:29 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/46506/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:29+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:29 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/46506/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:29+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:29 GMT
pubads_impl_2022051801.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
71f7b22f7b615b6a6cb2240ba7516fb2e83d2028607d5983fd64d1b755fd11f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127552
x-xss-protection
0
last-modified
Wed, 18 May 2022 08:34:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 May 2023 09:21:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		571 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ua.korrespondent.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
77b1332c0394c83625516b21a3e9e7ad11aa4f0b942a9a2f1a583dfd58637d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Sun, 22 May 2022 23:00:37 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C481 		75 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a958eca711fbc6dd8dc686bdbc6aa827b38f7e9abed98a76cc41957571289d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
30184
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:37 GMT
expires
Sun, 22 May 2022 23:00:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cm.js
source.mmi.bemobile.ua/cm/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:55:53 GMT
server
nginx/1.13.0
etag
W/"5dc27c89-d0f6"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:55:53 GMT
rexdot.js
gaua.hit.gemius.pl/__/_1653260436227/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1653260436227/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korrespo...
  • https://gaua.hit.gemius.pl/__/_1653260436227/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korre...
169 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1653260436227/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=iK3Q6F7M_o4jAOVuVqyYD0rmQvPhFhWcUZyGqd5KZV3.p7o3SnEdjl6ykEQqA2M.E_1WfkA7PmAsqFm1KDxWWmBR0TB9/LKy1QwibqnkZd/&ltime=420&fpdata=BFkaAV1Gp32N1sPaR3BHCIcpx6NswKzHHz3wU5gYh6P.87&fpcap=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
d3693edfe12eb6e8fc3c76dcc61e944b4278c792f1534e8cdf343e7998106bf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:37 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Sat, 21 May 2022 23:00:37 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:37 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1653260436227/rexdot.js?l=100&id=1wBKWGd1z2BevM2S0QWUz2YTLXTZ.xuGJ5mshikJ.pr.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fua.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=iK3Q6F7M_o4jAOVuVqyYD0rmQvPhFhWcUZyGqd5KZV3.p7o3SnEdjl6ykEQqA2M.E_1WfkA7PmAsqFm1KDxWWmBR0TB9/LKy1QwibqnkZd/&ltime=420&fpdata=BFkaAV1Gp32N1sPaR3BHCIcpx6NswKzHHz3wU5gYh6P.87&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sat, 21 May 2022 23:00:37 GMT
impress
ad.mox.tv/delivery/ Frame 51EB 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=6798&height=250&width=300&tld=korrespondent.net&in_iframe=1&position=atf&screen_width=1600&screen_height=1200&top_domain=ua.korrespondent.net&top_url=https%3A%2F%2Fua.korrespondent.net%2F&domain=ua.korrespondent.net&url=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&async=1&uid=4581239583
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a6c2fa4216a664c2154e7078becf3a3e79ab7602d1467b3fb61ed0961f6d6812

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ Frame 51EB 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
ad.vidver.to/delivery/ Frame 51EB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=1d5f3162-9159-528f-a74f-4cdcc5c58c49&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.mox.tv/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125
  • https://ad.mediawayss.com/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
  • https://ad.outstream.today/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
  • https://ad.adopx.net/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
  • https://ad.invamia.com/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
  • https://ad.vidverto.io/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=YWQudmlkdmVyLnRv
  • https://ad.vidver.to/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=
0
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ad.vidver.to/delivery/sync?userid=7a1b11ff-3ef2-4dee-afaa-5010608bc125&inner_redirect=1&inner_uuid=0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68&redirect_host_list=
date
Sun, 22 May 2022 23:00:38 GMT
server
nginx/1.14.0 (Ubuntu)
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ Frame 51EB 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
10255283
fly-request-id
01FT5BT4R4R9T5XAD97TJZYFJT
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70f92b45be539b2b-FRA
achernar.min.js
ad.mox.tv/js/achernar/ Frame 51EB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 23 May 2022 00:00:37 GMT
prebid.js
ad.mox.tv/js/achernar/ Frame 51EB 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
last-modified
Fri, 22 Apr 2022 10:13:13 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62627fb9-3b3ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 23 May 2022 00:00:37 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 51EB 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cbcfeb9b6e64526967c4cd689a6bf25404c437fecff623856da96d292e8e65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28589
x-xss-protection
0
server
sffe
etag
"1223 / 192 of 1000 / last-modified: 1653084277"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 22 May 2022 23:00:37 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/ Frame 51EB 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
7217771
fly-request-id
01FWZWKMW4D5XZVDAAQ34HNM8B-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70f92b45be569b2b-FRA
/
onetag-sys.com/usync/ Frame 396F 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
magic.png
bgstats.mox.tv/ Frame 51EB 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		451 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3976599010063820&correlator=3835965316092039&eid=31067689%2C44761477&output=ldjh&gdfp_req=1&vrg=2022051801&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_korrespondent.net_S_WW_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C336x90%7C321x123%7C320x100%7C320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=621783494&sfv=1-0-38&ecs=20220522&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3Dd3a2dfc05a4ee392-223670b999cd0076%3AT%3D1653260437%3ART%3D1653260437%3AS%3DALNI_Mb6bVzaZb2YHGMKlIxH0PDX-Im9vA&abxe=1&dt=1653260436402&lmt=1653260436&dlt=1653260434890&idt=1456&biw=1600&bih=1200&adxs=-168&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fua.korrespondent.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&fws=516&ohw=0&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=true&btvi=1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
431f820dab5119a26ed0098d79e71c0677655219eb2bef7f18e2b6ec5c54ddbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DCF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:37 GMT
expires
Mon, 22 May 2023 23:00:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cds.js
pa.tns-ua.com/viewability/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cds.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
last-modified
Mon, 02 Jul 2018 17:27:00 GMT
server
nginx/1.13.0
accept-ranges
bytes
etag
"5b3a6064-9c3"
content-length
2499
content-type
application/javascript; charset=utf-8
pubads_impl_2022051701.js
securepubads.g.doubleclick.net/gpt/ Frame 51EB 		366 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 19:41:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127273
x-xss-protection
0
last-modified
Tue, 17 May 2022 08:34:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 May 2023 19:41:53 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		497 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5157cdc5963c4c9f350c75669e14168190ddef3114048d63d672b29252fc917
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
520174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
46522
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 16 May 2022 22:31:03 GMT
expires
Tue, 16 May 2023 22:31:03 GMT
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame B90F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COmFplcCKYrbjDqSY-cAPsNi30A2okNzgZpTy7rKSEOmagOD7KhABIMbgi3lglcqZgqwHoAGFvqbzA8gBCakCgL3IDMe4sT6oAwHIAwKqBPIBT9BPUWutVp-g0BZlFlFPqQlVN8H8U3vlWdIML5kf0WM7k8fr8YO0yrM8T0QBDaeh-tLwhiv10A7gZ_hy3vdHPcWoKtmvVT4OB-wUMOuedK6aXSZGSm_UE205KGipltyIv0vJ-qkYYDbQkWzpUSuHQZ9w2zTOVirIheRfOTDFJzbesklWut3YWAeH5NRbKFsdA3dE5HHROC_6MitsZKv8Y7suf5_Es0qHz3QD50rx5rcrn7-sdeQeRHiW2coKq72OuBPy5-hkqmEWZwJl8QK-WF6b4RftO4GlfU2DbC0biuX-Um9-_P_3ASUdzu2SR02X-9DABKOhnJb6A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZdgAfjwdkMqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQoPsF0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTM3NTU2NjIxOTczODYyNjkYAA&sigh=hgYNckgpOkY&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 22 May 2022 23:00:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 22 May 2022 23:00:37 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 83D6 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3062
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 22:09:35 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame B90F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:58:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame B90F 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7211
x-xss-protection
0
server
cafe
etag
2988716039725867132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:56:19 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 83D6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 23:00:37 GMT
expires
Sun, 22 May 2022 23:00:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 23:00:37 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 51EB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid.1.2.aspx
inv-nets.admixer.net/ Frame 51EB 		42 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:37 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://ua.korrespondent.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
a.min.js
0.code.cotsta.ru/dist/ Frame 48F6 		290 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0.code.cotsta.ru/dist/a.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/achernar.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.119.59.4 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
353757-ce44784.tmweb.ru
Software
nginx/1.14.1 /
Resource Hash
52843d80d9ae9d8b68ec95209a51d1cf09949d770d786ac40a859a4dd92e1188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:06:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 May 2022 11:47:04 GMT
Server
nginx/1.14.1
ETag
W/"628239b8-489a3"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
c
prebid.a-mo.net/a/ Frame 51EB 		0
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Sun, 22 May 2022 23:00:37 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
180
vary
origin, Accept-Encoding
integrator.js
adservice.google.de/adsid/ Frame 51EB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 51EB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 51EB 		472 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1300921671937608&correlator=3556331061509852&eid=44761478%2C31060888&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_korrespondent.net_banner_300x250_fixed_C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=1&adks=3668429923&sfv=1-0-38&ecs=20220522&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3Dd3a2dfc05a4ee392-223670b999cd0076%3AT%3D1653260437%3ART%3D1653260437%3AS%3DALNI_Mb6bVzaZb2YHGMKlIxH0PDX-Im9vA&cdm=ua.korrespondent.net&abxe=1&dt=1653260436674&lmt=1653260436&dlt=1653260436103&idt=503&biw=1600&bih=1200&isw=300&ish=250&adxs=2725&adys=1259&ucis=1mnfajbrszeh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1800x-1&msz=1800x-1&fws=260&ohw=300&ea=0&ga_vid=1369755530.1653260436&ga_sid=1653260437&ga_hid=2036923303&ga_fc=true&btvi=1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f50f58a5e3fc8ae871e89c5958bb624c7da2d62402dc2a4e243df1901d4980a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
254
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 51EB 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1300921671937608&correlator=3556331061509852&eid=44761478%2C31060888&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_korrespondent.net_banner_300x250_fixed_C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=2&adks=3977331167&sfv=1-0-38&ecs=20220522&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3Dd3a2dfc05a4ee392-223670b999cd0076%3AT%3D1653260437%3ART%3D1653260437%3AS%3DALNI_Mb6bVzaZb2YHGMKlIxH0PDX-Im9vA&cdm=ua.korrespondent.net&abxe=1&dt=1653260436680&lmt=1653260436&dlt=1653260436103&idt=503&biw=1600&bih=1200&isw=300&ish=250&adxs=4525&adys=1259&ucis=nkazcp1pom6c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1800x-1&msz=1800x-1&fws=260&ohw=300&ea=0&ga_vid=1369755530.1653260436&ga_sid=1653260437&ga_hid=2036923303&ga_fc=true&btvi=2&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
acb21d8377e8190573889c939b98d1366533b9227f49e65ec6b7c2d89aad2697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9961
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 51EB 		463 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1300921671937608&correlator=3556331061509852&eid=44761478%2C31060888&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Ckorrespondent.net_banner_300x250_fixed_C_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=3&adks=1395645057&sfv=1-0-38&ecs=20220522&fsapi=false&sc=1&cookie=ID%3Dd3a2dfc05a4ee392-223670b999cd0076%3AT%3D1653260437%3ART%3D1653260437%3AS%3DALNI_Mb6bVzaZb2YHGMKlIxH0PDX-Im9vA&cdm=ua.korrespondent.net&abxe=1&dt=1653260436683&lmt=1653260436&dlt=1653260436103&idt=503&biw=1600&bih=1200&isw=300&ish=250&adxs=6325&adys=1259&ucis=3b4x3le8xwdk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1800x-1&msz=1800x-1&fws=260&ohw=300&ea=0&ga_vid=1369755530.1653260436&ga_sid=1653260437&ga_hid=2036923303&ga_fc=true&btvi=3&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
60f1c85dbbef3e89fedff162c213a848dc9ead94b1dba4f8bfa83c3769a4783e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 51EB 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1300921671937608&correlator=3556331061509852&eid=44761478%2C31060888&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Ckorrespondent.net_banner_300x250_fixed_C&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=3686253521&sfv=1-0-38&ecs=20220522&fsapi=false&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm51%26yb_tt%3Dtt5%26yb_ff%3D0%26yb_th%3D15%26yb_tm%3D0%26yb_wd%3D0&sc=1&cookie=ID%3Dd3a2dfc05a4ee392-223670b999cd0076%3AT%3D1653260437%3ART%3D1653260437%3AS%3DALNI_Mb6bVzaZb2YHGMKlIxH0PDX-Im9vA&cdm=ua.korrespondent.net&abxe=1&dt=1653260436685&lmt=1653260436&dlt=1653260436103&idt=503&biw=1600&bih=1200&isw=300&ish=250&adxs=8125&adys=1259&ucis=dwztsfmbghap&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1800x-1&msz=1800x-1&fws=260&ohw=300&ea=0&ga_vid=1369755530.1653260436&ga_sid=1653260437&ga_hid=2036923303&ga_fc=true&btvi=4&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1be8c5a90295c4bb3b882389de29b488ca7ab241e97ddb80dd65351de86a0754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9762
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 51EB 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1300921671937608&correlator=3556331061509852&eid=44761478%2C31060888&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21621488598%2CMAT_korrespondent.net_banner_fixed_b&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=1946969117&sfv=1-0-38&ecs=20220522&fsapi=false&sc=1&cookie=ID%3Dd3a2dfc05a4ee392-223670b999cd0076%3AT%3D1653260437%3ART%3D1653260437%3AS%3DALNI_Mb6bVzaZb2YHGMKlIxH0PDX-Im9vA&cdm=ua.korrespondent.net&abxe=1&dt=1653260436687&lmt=1653260436&dlt=1653260436103&idt=503&biw=1600&bih=1200&isw=300&ish=250&adxs=13525&adys=1259&ucis=10hgbks26eyr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=1800x-1&msz=1800x-1&fws=260&ohw=300&ea=0&ga_vid=1369755530.1653260436&ga_sid=1653260437&ga_hid=2036923303&ga_fc=true&btvi=5&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
0f7b7e7dbea86d27cdaf800c118f55d38effd1f010a2613b92040aa9829b59c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9939
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 51EB 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
792ebe0442d0f1520de0b4574c3c88b8a8a6f1a286732d6a21d89e67ceb79d28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10740
x-xss-protection
0
container.html
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 873C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:37 GMT
expires
Mon, 22 May 2023 23:00:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 02B4 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular,700italic,700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89267b521cf50ae50c48425074e409de9710c7c970613cfb25a5bb018f03ba8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 22 May 2022 23:00:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 22 May 2022 23:00:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 22 May 2022 23:00:37 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 02B4 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55850
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 May 2022 07:29:47 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 02B4 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 14:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 May 2022 14:22:05 GMT
cm.html
pa.tns-ua.com/viewability/ Frame BA65 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cm.html
Requested by
Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 23:00:37 GMT
etag
W/"5b31038d-b5f"
last-modified
Mon, 25 Jun 2018 15:00:29 GMT
server
nginx/1.13.0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B90F 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6218171218&adk=3638426950&adf=2457552020&pi=t.ma~as.6218171218&w=728&lmt=1653260436&psa=0&format=728x90&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435837&bpp=2&bdt=947&idt=306&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JOgUUmbZuL&p=https%3A//ua.korrespondent.net&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:37 GMT
truncated
/ Frame B90F 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66f378fb92b0dd8e7705ccc269ee8672cd383c31ad0561ecd02f2b9cce1f0ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		88 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3976599010063820&correlator=3835965316092039&eid=31067689%2C44761477&output=ldjh&gdfp_req=1&vrg=2022051801&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_korrespondent.net_S_WW_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C336x90%7C321x123%7C320x100%7C320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=3875702543&sfv=1-0-38&ecs=20220522&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3Dd3a2dfc05a4ee392%3AT%3D1653260437%3AS%3DALNI_MYoh47LuJwChdTwreypbD6-adnXRA&abxe=1&dt=1653260436764&lmt=1653260436&dlt=1653260434890&idt=1456&biw=1600&bih=1200&adxs=-168&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fua.korrespondent.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&fws=516&ohw=0&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=true&btvi=2&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
58a6cb7702209f21ae3d0de2fa4adbd78f71bc20103357cf25c382ee6e6a2355
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37153
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 51EB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:37 GMT
5487733100544620629
tpc.googlesyndication.com/simgad/ Frame C481 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5487733100544620629
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0071aee3d5d9dad166a8e2a22b32bd4450f15241ccac1644cdbd5929e6364aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 04:36:43 GMT
x-content-type-options
nosniff
age
239034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65461
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 12:44:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 May 2023 04:36:43 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame C481 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8611
x-xss-protection
0
server
cafe
etag
11030745046341915621
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:45:53 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C481 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:47:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C481 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C481 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7211
x-xss-protection
0
server
cafe
etag
2988716039725867132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:56:19 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C481 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06460c5ac2ac6f0dcecb946cb8160e58c2c1b81977086c1ac9d2a181fc73d92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12929
x-xss-protection
0
server
cafe
etag
1407223271217901296
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 20:23:06 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 02B4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700italic,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 12:29:20 GMT
x-content-type-options
nosniff
age
556277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 May 2023 12:29:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 02B4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular,700italic,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:07:55 GMT
x-content-type-options
nosniff
age
532362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 May 2023 19:07:55 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C481 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1N4WlcCKYuurEcyN-cAPp6OKkA-qxbPGaZ3q1fu9D8-3vs-IChABIMbgi3lglcqZgqwHoAGC67vBAsgBA6kCgL3IDMe4sT6oAwHIA8kEqgT-AU_Q-xRxLctCUegCwyabM5SCXwHjQqlW_XHqTC39twUlA2wKR3mzmtAsECSQQM6W_xcLl5zoHiQHU4JwNvi0QrmQCU0q1slgy69gVnRqu3HtNTMXQRy8oXWzGE7LSkHu4iG-OTPcoSQk6mRKpmNHlaxN9YsofJw_B0M-SE4MgNm2l02zsEciM2rHOFtY9XFwnNof_cZbS8AYWibQ_ZIYW-Lft9s0Y5NLNdtycLaKD8GBRYfPPj24V4FS2ULbirK-JMNw08fitgQPijO3BPBn8aGE1rUnOheuNh4DOB2eOWA5SS8IFKloPh4g2mnuZ65XvoddwvIyB5uENpkt9zvawASN6-uCywOSBQQIBBgBkgUECAUYBKAGA4AH5pTEvgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDtujjSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=DW2i49EnHPc&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 22 May 2022 23:00:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BDF9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 20:35:50 GMT
expires
Mon, 22 May 2023 20:35:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B47E 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b607965864024a1d586ffc7f9faad23a2bc2c3768a32769ece058956086a5397
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-t7FCmlYWwW52WiuBsief9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-t7FCmlYWwW52WiuBsief9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:37 GMT
expires
Sun, 22 May 2022 23:00:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:38 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=F5E9A531453A46B983DA67FBDC15776F&time=1653260436498&location=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&is_flash=0&session_id=1029744225&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm,holder&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:38 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
pic.gif
pa.tns-ua.com/bug/ 		56 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?uid=F5E9A531453A46B983DA67FBDC15776F&time=1653260436921
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
Thu, 01 Jan 1970 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 358F 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3062
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 22:09:35 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
container.html
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A972 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:37 GMT
expires
Mon, 22 May 2023 23:00:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ Frame 51EB 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=YVJTZWY0SVc1MnN0Zll1RmRhcXVNQXJTemtNSjh0WHpqdGNjZUlJTXNYNHdMMmNWb2RrRE5HL1lzM1R1RExlNUdzVEpHQTRpMzJRK2w0eFRDenFCYkJ3MlFmdVlaRURHZHFxWEptTThtQUVtTDlPMVU5LzlnMEo5V2lmQVVybWVrakxpZXJvTjJ0c0dmTTFtcjhoUU5vS04zUDEyeFBOQUMyUVVjajVyN2VsNlhQNFdKUUJCZk9oa0c3Vi9zUXM1cFpNMVA4Uzk2eHVkU3N1UTV6SEpENXk4YXV6L0lGdlQ2cUQzQXJFUjRTQjA2UVppOEVGa1FZb1pmNDQ0Z0ZpSw%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame B47E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051701&jk=1300921671937608&rc=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
container.html
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 098C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:37 GMT
expires
Mon, 22 May 2023 23:00:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ Frame 51EB 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=Z2tRamEvOEtuMWJ4STNBdWcvbXZMbnY5cVdqQnhoVDRhblpsTVpyTTA1L0Q3SnQ1SHZIQmU2blR4LzRlZzRLRXFrQmwyOUZQaUJSQ1VKNWFNcTZ5NmpwYzVmTW9hUnRVUXRsVXNiUVAvVEtVK0ZRS2ZXaHYxQnhEK2E0SVF5MXBtTm9LYzBSM09sOFBFeERFdjVleXZBTzVOWWtWcUJwbC9CTm55S3AvUUUzL0xzcnE0YWFrRjArQ0FFMlY3c1luWUo0SXBrNWFtbG9GbXFOQ1lFTmNTME5kSmtMZ3JuR0E0R2djRUlEeG9HMENrNkwzdy9uT3ppQytoNGRjREpoYnRVbTFaNVdGa2JUN09xTDVwR1Q4OUE9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
si
googleads.g.doubleclick.net/pagead/drt/ Frame 358F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 23:00:38 GMT
expires
Sun, 22 May 2022 23:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 23:00:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame BDF9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=3&event=js_init&ex_pl_id=none&pl_id=none
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:38 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
getPartnership
a.cotsta.ru/ Frame 48F6 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.cotsta.ru/getPartnership?title=&keywords=&description=&os=Windows&viewport_width=1200&viewport_height=1600&browser_name=Chrome&browser_version=101&language=en-US&timezone=0&init_ref=&user_hash=YlR5cGU9Q2hyb21lJmJWZXJzaW9uPTEwMSZyV2lkdGg9MTIwMCZySGVpZ2h0PTE2MDA%3D&ref=https%3A%2F%2Fua.korrespondent.net%2F
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.215.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.215.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/7.4.19
Resource Hash
27e00c470bbcebfe10096d9536d5aeef284970dcebf540b7ee26a73743e26027

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
Content-Encoding
gzip
Server
nginx/1.14.1
X-Powered-By
PHP/7.4.19
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=0&event=server_request&ex_pl_id=none&pl_id=none
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:38 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
Robotunits_Logo_mini.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Robotunits_Logo_mini.svg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f256a316271a085b13428e78d7eeb014343f633be0382bb21b04bcf19b87fcea
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
226320
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Fri, 20 May 2022 08:08:38 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 May 2023 08:08:38 GMT
robotunits_Logo_Claim_-_Genial_Einfach-Einfach_Genial.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/robotunits_Logo_Claim_-_Genial_Einfach-Einfach_Genial.svg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee3c83c278e037e85b1ad63a4df8bd0165b3a80a5bd4d83d855262a0c80f6f0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
226320
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1486
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Fri, 20 May 2022 08:08:38 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 May 2023 08:08:38 GMT
Warenkorb.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		1 KB
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Warenkorb.svg
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9815fe31ba2b6c43e2d63695ca42125ca432eb115200487a6a0a9d7e53473765
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
511667
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
606
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Tue, 17 May 2022 00:52:51 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 May 2023 00:52:51 GMT
Zahnriemenf_rderer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Zahnriemenf_rderer.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9438ae7f5b873bcca594875785a94a8632686955a34fd717b5130b86a6511747
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
490747
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16731
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Tue, 17 May 2022 06:41:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 May 2023 06:41:31 GMT
Rollenf_rderer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Rollenf_rderer.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c35bef7abeed70f2a1eca573aa12c16969b0a0293cc27e463a2dc54da8c118d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
226517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15879
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Fri, 20 May 2022 08:05:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 May 2023 08:05:21 GMT
Gurtf_rderer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Gurtf_rderer.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e284c728470401d1d5eed56d4eacdd4ca5da82286f6864263b4d5374d68fa0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
520761
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12481
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Mon, 16 May 2022 22:21:17 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 May 2023 22:21:17 GMT
Modulbandf_rderer_gerade.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Modulbandf_rderer_gerade.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f663f0b96b83e0f3dc34fea3253eef5bed2e88494ed48a3990e7fd136eb5e6a3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
505001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19136
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Tue, 17 May 2022 02:43:57 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 May 2023 02:43:57 GMT
Modulbandf_rderer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Modulbandf_rderer.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39b74fcc99f4b56758d56aafe6defc0cfa26c325f5d028705ec5e19f4d916909
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
588411
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28632
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Mon, 16 May 2022 03:33:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 May 2023 03:33:47 GMT
Verlauf_Weiss_-_336x280px.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Verlauf_Weiss_-_336x280px.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffbfc4fd7443146da8af0ffb6a17df8c9775e427799f67e022e12f519163b44d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
226517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22872
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Fri, 20 May 2022 08:05:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 May 2023 08:05:21 GMT
Montage_F_rderband.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		214 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Montage_F_rderband.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b44eebebc320ee341ccc3f50543909bde3a7082487ad914588c3d91281a38b97
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
226517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
219340
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Fri, 20 May 2022 08:05:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 May 2023 08:05:21 GMT
F_rderband.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/F_rderband.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de4e5164bf9562da35c90965354e0e45917c428a76f9aa2e5954a2b192f43caa
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
498161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28763
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Tue, 17 May 2022 04:37:57 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 May 2023 04:37:57 GMT
Universum_Background.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/ Frame 02B4 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/Universum_Background.png
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
605f6d52fb8dc1615d01dd5c10abc70a79c2fe8eba17bba2602ceeee1bf195cb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
226517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81195
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 06:51:02 GMT
server
sffe
date
Fri, 20 May 2022 08:05:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 May 2023 08:05:21 GMT
container.html
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 463B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:37 GMT
expires
Mon, 22 May 2023 23:00:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=WGgzc041TnlsV0ZZMDAyT2N0SmZRNDRXQTM3QmF5T3pNZjVUaWF3ckE5ZGpiUlFTY0Y1NklyMHpHUHVFeGNPN3FXTWZ6bHorRmhqK3RDVjN2b1JhcE1LMVp3L3lzaXlhMmh2MDkwT292S3o2M3lVc1RyRER2Z3BYcEN0d01ETm9tTXhIeUc3Y1FsRCtQL0h4MjFXbTY5UjlQSGJUYjFjZjZMV2c4NklwaE94dUtlb2l2RTRjdTJ3aVkrdHBQNFNsQ1Y0ZFl3UjNiM2NKMmJpUlh6djdobTR4TnRMZjJiZnZ3K0w3cGFRV2lTM3VXNVBsOUltcHNhRmN1VXMySFB2ZA%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8B9F 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNX0ZPATPV7J-67dHLzARpqzoweJ5yjblQ59FEvV7TYRgp3jo-6wXzjRnY3ChTwTou0-wapfFmcmL2GEScXBLMKBhuJmjO4QufDwRfLpco6uLDyctHTTt6r6LFuazZGgtskLld1e3fWMzfxJPJoNMcARmsB0zMLoKAqJAMTHfa7RFUiyDYAmLXymufLfoHFd3W06uCoA
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:38 GMT
expires
Sun, 22 May 2022 23:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A972 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bteo9K4F34do0sNEqp3EWnHISWla7EzB3YlITTflfJzw084aQ9GyA8jTkhNXeyVzfcpciUxSmkfefrXPPTob_gtldbsOwFjKIt6lpXSq9Fi-UcqIovM7b5o8hZVJ3FQ1ZbEN5fu365h_ebv6lzMGSoo-cskQ&dbm_d=AKAmf-CH2x0_nfDjyT1kyOsXxT0UaDU6QsCeOD4clfcKokDiz9rXs8OaomyG-qXjSSDxFJ4gXJQ9OPVQ1a8diskf8Xi1v7uBlh6sZKVqMUCrDfusjD6BcYH_doy6_Blvt7P-ULU1XJwLVbgK_3yrzfNYoe7T3W3bE-7ZqZ4Ciz8dIZky-DAQpkZvi15QiKN-hlVnAsFOz8rFmJeT1UUnVGSoAGsVYex3gORHftZCmnvhooCjCsTwgDJJR92SEgFHhGubO7VTeHdM_gT_x48_q-zXTeG9K4tqfS6wbZTfg_mhNC6UKuyQpMs2KAsI5DmDqvEKc8v9B8BxV7jPMF2YRjN5UqBfe1lGRstMmPGu99SJRLYjvioVZLv-1gSJhj344xs2W-MtHYix9u9stj6FRZdmSmxA7DRHjTbOipYoZUono-zllvRKlBoHhw79XPEnrVcFpVrTC0MsYLefKB3anasIe7p7nl0N2-lhFaGTwlMT8GSPJRDPIvzPsR_3qzd4WueLU9bepTOjIvfYTLoWRHInX8X5y4muLq-XbuGrIDokT1FgyDLRcjR-CeUsaa4nlsk91h3Ktfuy0-8CnQ_CATd8e16tF3hhS3BoC8rgiqdEu7pIi0AfHue6wc9KlLRzbp5UY_GU2A8bpVYSKaKnTv2NMjOkUp-wvBC8TXpn7ruVTb2PpdN31VCKdNM7lW_4sZJqVqLYqxtvfeFG_rHwSCGJ-dDAliby0UPQhVQjL0RPcxA9xSSAwS_SDFa8YXXVtBd3qdVLJ8gXqLZr9YYyoZQuW3Lc2kcB4Ntu-G64mMVHi0wMvkzQrj4R1c6LVYF4edIaipj7P8p1pRsxyDtFCzOpsSRQB7sYnxOPUMtIIBcc0Xsz8H4LSiu1dhcTvw9X9a39hF3rgYpdx86_5pletw_1WG81wQWSWjpM7KWG8x-upp3J5mKVSsP9HWwSrzxntS8L9by8-J5BQ5VOXaQsYIfvE2fyC5CQkmk1VbU_QMoyMdy42uAJ3jIVqzgQQMuZEUyBCNLdHMP6Xl9LRRLgIg7xqWHeYt7OCyNfdS78hXP8bjUysS7b75kLPvTiaixBG2Z0IOqYBglwgya8zXF04wI4OD-uGZnzaz3IJ7nXavAct6gxIDfBr17--mbnBPboc3g4PKmybPcPywwW3uIiiXospKHXLd4-7BGncF9pAJtUvcmkS7TuFUK4WKR7ZJDL1sAo-6OSF0fUtLb3VcqN6nd3QbH13EkQ_oAG1gv_c1T9uEtLSubS66TooejDMuF1E2r9irpNHI2BrDwa2gHc67_GFIR_lzsHWVwhiNlV8lupCRM6qrvjZoNxUvWqRuXQ8YwFoj9pLniYMid7fLR8aPA4r1_3kt_tz8QSwDFHlQ4D_54XZspAnorpjVoo1r258BBmWF0gg2e_aF3g9bBAIe5UMYhtQcx2VpsN3Ifs31CTovBACwkFCqXlphTX2tOZ_HKWyNRdKah8NOy9OBuAgtDlTkb4HaKYX-bvkEtTGamOTa2dgKOhH1y0_0Hc3KCQQGSFqoaNSDt5Lj60uXWfSp1ZPJvav6_36GTb3z6KfJs4cqWchfGf4tmAe0GO8Vvs4Ct0V1sZOLkjrgphWDH-j1KkPfAEGdWYW9OQ3NP5wwtIGs0AohJ7bSx624B3EROA_Q-2LlNI9R9WJSEBLbpiqPvARu5wN5QSqkrDsrnsbt5o3rJH8EeT-4CY1bjFXoRAB5tTYHKgiXZ7rfMb-gXJBq6FVXRm0njzw6xtPyiAnSEFadNATYJUQ42XOwP_5Ghk7MInHz9oRqOl5nGSVVXn1312G1TYLS-cjUv0BAozI-EoxgDY5YAHa6nzl9pBMu8fXskURibrhZsgo390_UQVp0oejYd-RcdwxooZbxStR_vQfXoeQCR6H3vwyZBpsoG0ooGu6DEGtjXrqjt3en7OLF07Tae28GGLnE69rAdJeuL7mHDHXmrrd9SUQ1AygLKbTptFTMmyR7OENVCsk_e2o_aAJPHtF2HOCyqr0xRWrqeQHWlLCoEnqKYIGGy0H-_uPWYpccB8vdLK1ECNWG3vezBL0u6O8sFVpZFfKkdDw_R6mxtfLERxYI7GUQ3TOfHhSn4gxzZ-aQOh8WcFXMbcUFDTSTsvyzAkltAzpKtwhs1sqLKm6L0VtskhI9l2wrQsP2lfYzC7tsM4KxaJpG5rBD1TvsMqsp2OBJk2NWyT4dYwcDfCQRA5Ksak2PBxeJbEPuoDO5oCu3oSWPVt6FDT_BvTtHsq53hcOaeVD6KkfHWzfUFYt4OMCdwf5uMWg_4OT4UlVGZkEXSyH-Icv3o_7yMOKrdCxkR2gklDzb8KobXdYu3_qE5TyFQ1OW0CPfln08Of2G5cpIv5PshiAM5-8TWwfla4aTXQp7oQYSYIuls9kEza_UBbWGB7rg-CYxfE8beLfxXE4c_ZZMnfE-ai4bqck1916NSPJ2OAAM30FjKckEqhUjLw8rImR91AdGrMlPSQVPaJ_NjX_wISKyTFZ_H4CsGbzYhrDw5I7bszxyqtZzepyTXxAUULz-2koWjd2-wRp2OeTlwY96Q5wVYHRBe7wpl8RST2KwvEkUAQeVShRiWKlZ7vXUvWViJMDEfwBSem92vM1ohoClUwakM7_HJ5orvXSJ4unFbwwh_5USN8GNA5aIFx3RgDjJqwcas7ommVcPuili_rnCH4HKfMSc5QcUKKHlx1TGawt3wYts0-ARRh7JUwhBSgs3JF8g-w9GYk0DJgjQhV0Mh9qjXxAh0dDZ5TRZFreiYs5UQhRUWQlz01YtuSfl7_-7I0mR8pR2rJTkgnfUYusgN_wAANSHXPkXCXoVS3vkhfv28cx04dM5zFpNsfqcxAlR-_3ukFy6P3QuCsFfrplb88-BMgaWjBCpFE2gUGNUz3-_6OZoD_PviHEFK5DoNZRK7eAcrZoUEWPj-WWA-_xbpCAwa2D4tLqBs6gNHDMoUEIn1AwCSGvdQemk-s_Vb7mQPd-MpzPAAja5HIKt0nHl9dj3NSH409_T1l0IQnEXvM1tvro0hcNmqc8cFbZBKOkSgQs6vV3vWeoyLKncYLb2yznxvva2UXi6SXTKimp-f-MhAam0EQuoC3O81DAFvalG3HLk2BvHpMECwIRJM6yBd5UUiiK7ztEuO5LQdY8J27RJKLX5ZGr6r8mXZyDQO5GSFR-RXfYiIoQS4R4aRWwzdzOpChEQW-jV1v1dFP1a_zjhXvAV-nl9ehKu7_Tlnb8IvW5bNLzMhGMY3rGgSoO6mYN7MYP1cerJLO83HWN6oZHxeu5XB7pa7iaxXBgbq37UnUUE9oJ0ddi_BedhaDGuJd7GPOx8mTLsqptXNMvx-2Zj7EBAia2w69k41ODjOEPzleOvgyQ6SEgPs9K5Ij1L13mpaq8sppyvJQzgu9X-visnF6du4Z5KsEo28UqL-1wqU92i-zveUFgv0ObqhbiEQG0xYGtaDfMRqZym3Slw&cid=CAASJeRoq3F7JIIjNd4Qxids7O5P_hp5Xw68lDU6vlDum7iEs3cwxiI&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%242%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
499d7bbaf0cd4c91803138697d2e8c3777556188b6924371ca8418a7b2d1b080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33789
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A972 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BeQFfyhmIH4aSqTeBKfqOjrnXR06atsAeG0mNGvaLuninw8qA1doDBVeNj-iBXSvKIVka_uUxUSZfOpZnKji9Q0sRZSergfLGYCTnvwba-M85D5kk
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame A972 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:47:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A972 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame A972 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7211
x-xss-protection
0
server
cafe
etag
2988716039725867132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:56:19 GMT
l
www.google.com/ads/measurement/ Frame A972 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSe4fz3cWr1gI5lWzx0sr7Rh4fRTCjlxZtWRtrMuao5709xcz8PgGTshQmQzxZOarbJF29_TIDuB4JEsyl0NSfRbwip3w
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1FE0 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUnBk_mT6csM3q_79kcXjG6z7AtVEUFCh4e4XVvqo_02vo35k1JHEoZ2fHscxv6oxwPgm41RuLW4PssVBqedQr4FNgAbPS5ono1UtT8SAinIs54mv-OaYqwqNVW9_vY-uwbSgXPNWDjOVxrXCjFB1uK1xb0Il8qB16Bxr94cpFG6GrsQrI
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:38 GMT
expires
Sun, 22 May 2022 23:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 098C 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Brug0EY9PTS1MUaQvSizGGHZpL8KDYD9BIJAHvrzKErItK5PBnDZwEhA1pQP0xQltrZ8PKdBbsFphJ6kQlZ5NrSn7gx32gKY9DRHlNlVeJq7SixAI56d1e2F14rcY4iZjDDX6kQ-RsnvK6-_DyQVFVh6UzSQ&dbm_d=AKAmf-CN6O75-Q_gur5M8W0TqaonVLOJ1wFk6GyrUHJX3ovAeVdl5JGvVlQ3UsH7cRtn_ZRZd0x2ozz50ibfSpMGwl8-B6hk3xQPOSvTHJGW4bBRM7et-Bjdf-wZ1X8CnkKd5AnHtKoHNV6_mpJw1N26DW-LgT0br5G4ZUd5tdJvhjxR8oENTRVWmpeE-7jxMzO1hHLJ_KKKfYihmUPpMSB9MrN6WM6MGPgj2nuVWQRJmF5bWgB4LbhKY9ZvSq3UF2EWh_kVdle6QrVR_4d46FNqseDddREp60l4IsczBvxz05s4800zcR-YwMHiFApAL3J7asyvAk_c0dBQ-GsbNJiBLRerD_zLutRSydNGFm1LeXibviC6sSRFYigfZZyePfDLd7xzAmC1LPqpNulxOS_XxIxYVkKq-F-BDWsJbtWC_NYs-U2eY5Fm3cTFclN5iEWybCPq33EwBIn0dUy8Fs-R7M2htLIu3QhcDUUwIfCgna0rKlfoOmI8XfEgwHiD7NKV7g2jzEOx5bia3_ixBsODyunD3MYx9v0KvYSx-pwL1NQv06PhMtnikwbG94sJG0n7qsGrhak3Gkxm28RVvQxAwH-1eFz2RceLkc9lTWbf2CFVBlr2mNLNcE1ZCY_ShQaIlIepkxXpbq-9ur8Jmv6QyhZTXwAVx7V9M-LtpvLOFjtSxWNspQ5bq2eMvBqd_ma_175TG8drU4XODH7g4_iO9X2zbIVsgE_BpOKokVXSpuq7PVqj55MHVjk_AnyZH-FTESD-xfesAYcsbuz9IiEaZuLe-LxKdqJWtfvEeY7sOnrSgN32v-cVgF5R0wxg9SkA6WHeWfkLzcqA4hiuOQyb-ozLxaUgd41xcTtoACERUkYfBJ0etgb1v6E5tfDsVZXzYkGRsv9T-Ks44Rv8GUU2Sl4bZIIAMWsKGBZsMzS0nsr8a8YKbnAIT7cvmzM6e1DJU_VBXFr16jjAhfZfF45BoZL2pQhzgyMpZ-C2gs4OIgpAFpr-XkLEay2mUiqEWpJRaiMx02jmBffiwQP29PEghQUEpoFTInLiAodB2xxDXWcvsH8yOGoTBfTNFYSaQd_ndfn1QvgK75EDxAVuScZGEQopJ8x-2ztEEALgGuZhIvb5OmXp2727JfGd33Ttv11USq4EQuTiTxDYDA-qVGmQCOWpKUETql57phfBl8iXLfhvZyBicAcab4euEJIItLp2XcjZR2AX7PPHyyEdfAtGArWU-7HrrltBKgdtUvHx1LgyI5F_Xn38sb3hSoKo39Zbyb8icaqmMzD2i7s6opus86fwDXyljhVUXyXBj-Lyo6u8fR4uU1AqdGWFjtH3t1tFTl56puYAltZ0_LmIdpitsb4xVAogIy__UEnMdHnLX2PiNg7mvSziSSOua6dLE4G4TuxoOwQAziB2ejkbfezAvI1nD0fnVzIcTII8qb5mLKvlvR83Yg_aLttcE8S1hYBFuBPpx3mw1iH7wV5oMgl68k5RuYNbVX5x4NXUo_j8ErLc_Q0VuMLfz8ngifcy6emVtzGCAdISpQnxngvnjMHqsxG-TyzrBBK6U57kufEKhtezTKD_4WwwBbK6_GmKZh4wfEKWMwg4iU9P_sxCNHbvfk-ApPnYg-oIh141BHj8_FLxC80pvG5Qc9jnMo57curfEKXMur_aineI8dnoNLQ3rSQGEaBwP78KPk9droHBBbFpFa26YNrq5dQ0i97f3KV53IAHtCleQSVO5nam-cLtv4iyOrRp9XbHOlNQAOnrrndySotxjij-iMCPAOkTgm5XSZrpkioSbRMYh1n_9DQwg-C-coQKsZtdeziNiAqs-52mZAMnfHV7aTjrFKL8LXQu2_N2sELgCv5W5q_s2dogwMTplpKs_8rs3NUBS37gEhP0wTffoHdTtRXatFQUx6FcztvMBh38HgVB4Uf9Moaszp_8C5EtTGu_vROIFnAdqOHorXIwkDHpyuZdi1bIiE6dDXHW2kSN002lLBIncfi9D5XGg6_4-2peRbW85ek82jli-8l_yv-JprY_nszyrIJJpzytZYGplCM59VPam9mYTiGrMrzjK12XxEx5jUNZYt6C6bQVTH-FwSfM_w-qV3FQgkFPS0qAWbGsfgalZXEfhADVqZdHKNsv6VLNVq3fSaI2c2QAj3pvD7ZfytmbbhE_F0KHxIfECqeZsrRUO4mlq5LzYPwXOCagkkLVVMAEIASwmqwqCWeNf0zL8CSC1BnWSlQThjW4Bj136-CaZpduh5bOA_CBcLqR8ExrWTvyUdILw1gRDwnYgf2T5QiZODXRLqvQVZRKmEFye-3ozlGK4jTqlvV98-bzORTrdi-W8X83zvEy3vdp9dNzHCOftUY6xC3Xb0wrMbuYcB4KNm_hydRYjrCCZlBYVZWINR3Edg5Seiz9F6I-plE87EsxI2jWPH9j13xN31oTmwS2yj6XzcbUE5228M-x4XC-uCa2qiqn3HacfBWzb8PstbY3WLH1qePa_JFr9AJ0OCHajxp0wu471-qhQZnoJzONBR-98ix_ez4eLjtn7vDYbZoktOB-TtvdoI7Kit0FR2Z9hwFW9-n6zTK95sYs3K63EVQUdWRtsMBsraf0Pt-Ev3ifBkDcjBAnT1XSF9aah8pWG4b-N9ItWS_dEKbTkQeAhlN87_Juu-O6P4kTlkfwZPOwuCf4vopOIypei-ufNCqV-c1XWS68_wamYX-DeZ7jMEUIHF7UO9UQTEpLiHdZGroFN2EyI2OJ1mpJcvF8n_VKwAFNfWjoruB0zzIKH83eHLkuHukRcnoJpEg8qXKPYMolP1QhYxAa5YQweTdg1aIwU4t5HAa7TvltmgyoA535uiA2lAH3CNCK7p2nM9qP6mGZ3iGknleTF6UT9HRL30_5SJ0lwJ3-vfrcyqnhDpBGjPouKFbQt0vu0yKDTYoHg0fgEQdfZRzobLD8d3L-MwoSjTgdx8ESs_K_AW4oDgyXUQNIHUdye4XCk6KyV31e-nMvwfueGmlvVNvSJzmu1g7djVrgRGBrPPA6HJdFDdJpB-PfH46QqRiBOLrHiTXAWtpTdORCgF8szUCKE1GjWAiiehsuhPbpdt3jrvEFt-aMvyt0tGWXbOkOD5l2R1wyDj-GfDJCazdMehWqzkMf3bN3-litVkX9tC_tCu6i04OB3bU72i4DYBdw2GA6I4dKmpjaFvmmh-FcI1hXWdOIJ0P3YIzzVSKzuGQZBSA-3TbpXrV1yAIEzUh1BlvVOkx9c59NmGexG8BkpmZPdXuv6id8MJFK0eF8FA-WCZsqG7qVGhPpfAde7-Cl5v6k-tEYTe5Fjk4oLenSX_s_EiI0Ia2ZDStDGNWnTPYugQ&cid=CAASJeRo5A9CzjkzXzPmXY8H9RKrWpVa6UN1R2nkzJf3-tfv69r_XOo&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%242%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4aafb409b39d2aab767c4ee4096988592f93d1a134b5e1af5500da0c48c202f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33814
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 098C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BmdHg9nOS1oa24jRlilpvy8dUAwDKbLTEuDQGRk_bZ-O1MCCI2pefYJ9gi_Wd9d9XU9yVhaXaOp9uMEr8AiYzaX0yY7uQDFIctX-D5a6lVyjo4w4k
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 098C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:47:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 098C 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 098C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7211
x-xss-protection
0
server
cafe
etag
2988716039725867132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:56:19 GMT
l
www.google.com/ads/measurement/ Frame 098C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHKZP-iubnUYCLM-Y2KeSygdm6nPVmTrClqUJen9RybEue4RsUNwRv4iCLCeZ5JsPmsFG0QXYoHrJrQrHmxXI_Qy3m0A
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
header-bidding.js
yandex.ru/ads/system/ Frame 48F6 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
163774cd5c049aff7b911b53e9978795bb17d5fd99e796498d0fcdbafb07b060
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1653260438446777-2809759644881080230-sas3-0749-7ac-sas-l7-balancer-8080-BAL-403
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 23 May 2022 00:00:38 GMT
p4.41.0.js
0.code.cotsta.ru/dist/ Frame 48F6 		281 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0.code.cotsta.ru/dist/p4.41.0.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.119.59.4 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
353757-ce44784.tmweb.ru
Software
nginx/1.14.1 /
Resource Hash
9d2ae8c80a6f17e7068957051ed9b2de5217215c2741b2671f3ae1a1e9ea4922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:06:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Jun 2021 11:49:04 GMT
Server
nginx/1.14.1
ETag
W/"60b8c1b0-46548"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
apstag.js
c.amazon-adsystem.com/aax2/ Frame 48F6 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
617
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1DYD9H0TXD01RWK1GE3S
date
Sun, 22 May 2022 22:56:04 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
y2KLxs_4OGUs7V-tNv3L7WGaOK6b3JdKh8xRD6tBvvvS83EdGd3KEw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 48F6 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e9b8aa3c3922ebc7b97f7cc6b6260c9ddbc02a9d97fe7114e598670e6125b864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28588
x-xss-protection
0
server
sffe
etag
"1223 / 667 of 1000 / last-modified: 1653084304"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 22 May 2022 23:00:38 GMT
code.js
top-fwz1.mail.ru/js/ Frame 48F6 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 22 Dec 2021 12:22:53 GMT
server
nginx
etag
W/"61c3189d-6a23"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Mon, 23 May 2022 00:00:38 GMT
tag.js
mc.yandex.ru/metrika/ Frame 48F6 		210 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7f5df690427eed33c008ebfd42120023d160238a5e707c2efb31208ae9a8154c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
br
last-modified
Wed, 18 May 2022 10:11:23 GMT
etag
"62849c1b-11f93"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73619
expires
Mon, 23 May 2022 00:00:38 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=159&event=document_ready&ex_pl_id=none&pl_id=none
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:38 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame F2CC 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYjoHUyQEwAQ&v=APEucNW0x0js24uF_RAOnFnZtHtvn29QqBLu-69yvNRxY5A8NUGEucFVg_2_-RU-h8bVsmmwzLLlgZQgLjNQP2QgSRwuh5Z70Vk98loykRQCrrynpCTQdoefe53VTf5vhmW_KDAvmV-M8559mZ73cPLTkaaOAZY4dMcqOtJ5qSv1F6k5NTALAZU
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 463B 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
Origin
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:47:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 07:47:56 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 463B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:38:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15706
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 18:38:52 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 463B 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2021.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91daca9ccd622b2be13b23a5c2ec4a57c149b23b2c8d27b3f4400558b57cc389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 20:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8578
x-xss-protection
0
server
cafe
etag
80073637329448240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 20:10:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 463B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWvlrRgNAXfh8UHX-FGy3MEb6CcWe9L8onqzae29x6uLIs-hnpufW1ggJY8SrojTETj4sshQtkO5PfGdbTyFqNDgjHjZt97C286iwdfz9CffT7RRI
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 463B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2021.js
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:34:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 463B 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 463B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2637ded6ce007b316a9c5e971a20daab4be2b60d85cde6181ead7d406bfe68d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7175
x-xss-protection
0
server
cafe
etag
14106299915199171216
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:04:02 GMT
l
www.google.com/ads/measurement/ Frame 463B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMn5eyE4ueusRFkUg_fFr5rkQw4Sh9hw3nJfvn-__e1aYhI20MUeLHkUpfMQ5pQny-e9IHo-BUXrtOrD8BtTHAmrHj6A
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=160&event=ad_apply&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:38 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 8B9F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNX0ZPATPV7J-67dHLzARpqzoweJ5yjblQ59FEvV7TYRgp3jo-6wXzjRnY3ChTwTou0-wapfFmcmL2GEScXBLMKBhuJmjO4QufDwRfLpco6uLDyctHTTt6r6LFuazZGgtskLld1e3fWMzfxJPJoNMcARmsB0zMLoKAqJAMTHfa7RFUiyDYAmLXymufLfoHFd3W06uCoA
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:38 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8B9F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YorAlj6DHKWdlS.o0q0o5wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNX0ZPATPV7J-67dHLzARpqzoweJ5yjblQ59FEvV7TYRgp3jo-6wXzjRnY3ChTwTou0-wapfFmcmL2GEScXBLMKBhuJmjO4QufDwRfLpco6uLDyctHTTt6r6LFuazZGgtskLld1e3fWMzfxJPJoNMcARmsB0zMLoKAqJAMTHfa7RFUiyDYAmLXymufLfoHFd3W06uCoA
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:38 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8B9F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELNcwOlTcBv5_Yeb5B-4tsE&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELNcwOlTcBv5_Yeb5B-4tsE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNX0ZPATPV7J-67dHLzARpqzoweJ5yjblQ59FEvV7TYRgp3jo-6wXzjRnY3ChTwTou0-wapfFmcmL2GEScXBLMKBhuJmjO4QufDwRfLpco6uLDyctHTTt6r6LFuazZGgtskLld1e3fWMzfxJPJoNMcARmsB0zMLoKAqJAMTHfa7RFUiyDYAmLXymufLfoHFd3W06uCoA
Protocol
HTTP/1.1
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fd2450bb-6461-41c9-8650-32fa92d9eaf5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELNcwOlTcBv5_Yeb5B-4tsE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8B9F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MzgwNDAxNjA1MDYwMDQ5NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MzgwNDAxNjA1MDYwMDQ5NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNX0ZPATPV7J-67dHLzARpqzoweJ5yjblQ59FEvV7TYRgp3jo-6wXzjRnY3ChTwTou0-wapfFmcmL2GEScXBLMKBhuJmjO4QufDwRfLpco6uLDyctHTTt6r6LFuazZGgtskLld1e3fWMzfxJPJoNMcARmsB0zMLoKAqJAMTHfa7RFUiyDYAmLXymufLfoHFd3W06uCoA
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c162a90a-02ba-40a6-bfe3-315de9d7f060
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MzgwNDAxNjA1MDYwMDQ5NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1FE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUnBk_mT6csM3q_79kcXjG6z7AtVEUFCh4e4XVvqo_02vo35k1JHEoZ2fHscxv6oxwPgm41RuLW4PssVBqedQr4FNgAbPS5ono1UtT8SAinIs54mv-OaYqwqNVW9_vY-uwbSgXPNWDjOVxrXCjFB1uK1xb0Il8qB16Bxr94cpFG6GrsQrI
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:38 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1FE0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YorAlj6DHKWdlS.o0q0o5wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUnBk_mT6csM3q_79kcXjG6z7AtVEUFCh4e4XVvqo_02vo35k1JHEoZ2fHscxv6oxwPgm41RuLW4PssVBqedQr4FNgAbPS5ono1UtT8SAinIs54mv-OaYqwqNVW9_vY-uwbSgXPNWDjOVxrXCjFB1uK1xb0Il8qB16Bxr94cpFG6GrsQrI
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:38 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFn9qnemlg2SYcEZrE88rSQ&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1FE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELNcwOlTcBv5_Yeb5B-4tsE&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELNcwOlTcBv5_Yeb5B-4tsE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUnBk_mT6csM3q_79kcXjG6z7AtVEUFCh4e4XVvqo_02vo35k1JHEoZ2fHscxv6oxwPgm41RuLW4PssVBqedQr4FNgAbPS5ono1UtT8SAinIs54mv-OaYqwqNVW9_vY-uwbSgXPNWDjOVxrXCjFB1uK1xb0Il8qB16Bxr94cpFG6GrsQrI
Protocol
HTTP/1.1
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
67903af8-b968-4ae1-a26a-3fe032da4a15
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELNcwOlTcBv5_Yeb5B-4tsE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1FE0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MzgwNDAxNjA1MDYwMDQ5NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MzgwNDAxNjA1MDYwMDQ5NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUnBk_mT6csM3q_79kcXjG6z7AtVEUFCh4e4XVvqo_02vo35k1JHEoZ2fHscxv6oxwPgm41RuLW4PssVBqedQr4FNgAbPS5ono1UtT8SAinIs54mv-OaYqwqNVW9_vY-uwbSgXPNWDjOVxrXCjFB1uK1xb0Il8qB16Bxr94cpFG6GrsQrI
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
aafa8faa-f396-41f9-8df2-0ab14b43534f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MzgwNDAxNjA1MDYwMDQ5NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A972 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
Origin
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:47:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 07:47:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame A972 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bteo9K4F34do0sNEqp3EWnHISWla7EzB3YlITTflfJzw084aQ9GyA8jTkhNXeyVzfcpciUxSmkfefrXPPTob_gtldbsOwFjKIt6lpXSq9Fi-UcqIovM7b5o8hZVJ3FQ1ZbEN5fu365h_ebv6lzMGSoo-cskQ&dbm_d=AKAmf-CH2x0_nfDjyT1kyOsXxT0UaDU6QsCeOD4clfcKokDiz9rXs8OaomyG-qXjSSDxFJ4gXJQ9OPVQ1a8diskf8Xi1v7uBlh6sZKVqMUCrDfusjD6BcYH_doy6_Blvt7P-ULU1XJwLVbgK_3yrzfNYoe7T3W3bE-7ZqZ4Ciz8dIZky-DAQpkZvi15QiKN-hlVnAsFOz8rFmJeT1UUnVGSoAGsVYex3gORHftZCmnvhooCjCsTwgDJJR92SEgFHhGubO7VTeHdM_gT_x48_q-zXTeG9K4tqfS6wbZTfg_mhNC6UKuyQpMs2KAsI5DmDqvEKc8v9B8BxV7jPMF2YRjN5UqBfe1lGRstMmPGu99SJRLYjvioVZLv-1gSJhj344xs2W-MtHYix9u9stj6FRZdmSmxA7DRHjTbOipYoZUono-zllvRKlBoHhw79XPEnrVcFpVrTC0MsYLefKB3anasIe7p7nl0N2-lhFaGTwlMT8GSPJRDPIvzPsR_3qzd4WueLU9bepTOjIvfYTLoWRHInX8X5y4muLq-XbuGrIDokT1FgyDLRcjR-CeUsaa4nlsk91h3Ktfuy0-8CnQ_CATd8e16tF3hhS3BoC8rgiqdEu7pIi0AfHue6wc9KlLRzbp5UY_GU2A8bpVYSKaKnTv2NMjOkUp-wvBC8TXpn7ruVTb2PpdN31VCKdNM7lW_4sZJqVqLYqxtvfeFG_rHwSCGJ-dDAliby0UPQhVQjL0RPcxA9xSSAwS_SDFa8YXXVtBd3qdVLJ8gXqLZr9YYyoZQuW3Lc2kcB4Ntu-G64mMVHi0wMvkzQrj4R1c6LVYF4edIaipj7P8p1pRsxyDtFCzOpsSRQB7sYnxOPUMtIIBcc0Xsz8H4LSiu1dhcTvw9X9a39hF3rgYpdx86_5pletw_1WG81wQWSWjpM7KWG8x-upp3J5mKVSsP9HWwSrzxntS8L9by8-J5BQ5VOXaQsYIfvE2fyC5CQkmk1VbU_QMoyMdy42uAJ3jIVqzgQQMuZEUyBCNLdHMP6Xl9LRRLgIg7xqWHeYt7OCyNfdS78hXP8bjUysS7b75kLPvTiaixBG2Z0IOqYBglwgya8zXF04wI4OD-uGZnzaz3IJ7nXavAct6gxIDfBr17--mbnBPboc3g4PKmybPcPywwW3uIiiXospKHXLd4-7BGncF9pAJtUvcmkS7TuFUK4WKR7ZJDL1sAo-6OSF0fUtLb3VcqN6nd3QbH13EkQ_oAG1gv_c1T9uEtLSubS66TooejDMuF1E2r9irpNHI2BrDwa2gHc67_GFIR_lzsHWVwhiNlV8lupCRM6qrvjZoNxUvWqRuXQ8YwFoj9pLniYMid7fLR8aPA4r1_3kt_tz8QSwDFHlQ4D_54XZspAnorpjVoo1r258BBmWF0gg2e_aF3g9bBAIe5UMYhtQcx2VpsN3Ifs31CTovBACwkFCqXlphTX2tOZ_HKWyNRdKah8NOy9OBuAgtDlTkb4HaKYX-bvkEtTGamOTa2dgKOhH1y0_0Hc3KCQQGSFqoaNSDt5Lj60uXWfSp1ZPJvav6_36GTb3z6KfJs4cqWchfGf4tmAe0GO8Vvs4Ct0V1sZOLkjrgphWDH-j1KkPfAEGdWYW9OQ3NP5wwtIGs0AohJ7bSx624B3EROA_Q-2LlNI9R9WJSEBLbpiqPvARu5wN5QSqkrDsrnsbt5o3rJH8EeT-4CY1bjFXoRAB5tTYHKgiXZ7rfMb-gXJBq6FVXRm0njzw6xtPyiAnSEFadNATYJUQ42XOwP_5Ghk7MInHz9oRqOl5nGSVVXn1312G1TYLS-cjUv0BAozI-EoxgDY5YAHa6nzl9pBMu8fXskURibrhZsgo390_UQVp0oejYd-RcdwxooZbxStR_vQfXoeQCR6H3vwyZBpsoG0ooGu6DEGtjXrqjt3en7OLF07Tae28GGLnE69rAdJeuL7mHDHXmrrd9SUQ1AygLKbTptFTMmyR7OENVCsk_e2o_aAJPHtF2HOCyqr0xRWrqeQHWlLCoEnqKYIGGy0H-_uPWYpccB8vdLK1ECNWG3vezBL0u6O8sFVpZFfKkdDw_R6mxtfLERxYI7GUQ3TOfHhSn4gxzZ-aQOh8WcFXMbcUFDTSTsvyzAkltAzpKtwhs1sqLKm6L0VtskhI9l2wrQsP2lfYzC7tsM4KxaJpG5rBD1TvsMqsp2OBJk2NWyT4dYwcDfCQRA5Ksak2PBxeJbEPuoDO5oCu3oSWPVt6FDT_BvTtHsq53hcOaeVD6KkfHWzfUFYt4OMCdwf5uMWg_4OT4UlVGZkEXSyH-Icv3o_7yMOKrdCxkR2gklDzb8KobXdYu3_qE5TyFQ1OW0CPfln08Of2G5cpIv5PshiAM5-8TWwfla4aTXQp7oQYSYIuls9kEza_UBbWGB7rg-CYxfE8beLfxXE4c_ZZMnfE-ai4bqck1916NSPJ2OAAM30FjKckEqhUjLw8rImR91AdGrMlPSQVPaJ_NjX_wISKyTFZ_H4CsGbzYhrDw5I7bszxyqtZzepyTXxAUULz-2koWjd2-wRp2OeTlwY96Q5wVYHRBe7wpl8RST2KwvEkUAQeVShRiWKlZ7vXUvWViJMDEfwBSem92vM1ohoClUwakM7_HJ5orvXSJ4unFbwwh_5USN8GNA5aIFx3RgDjJqwcas7ommVcPuili_rnCH4HKfMSc5QcUKKHlx1TGawt3wYts0-ARRh7JUwhBSgs3JF8g-w9GYk0DJgjQhV0Mh9qjXxAh0dDZ5TRZFreiYs5UQhRUWQlz01YtuSfl7_-7I0mR8pR2rJTkgnfUYusgN_wAANSHXPkXCXoVS3vkhfv28cx04dM5zFpNsfqcxAlR-_3ukFy6P3QuCsFfrplb88-BMgaWjBCpFE2gUGNUz3-_6OZoD_PviHEFK5DoNZRK7eAcrZoUEWPj-WWA-_xbpCAwa2D4tLqBs6gNHDMoUEIn1AwCSGvdQemk-s_Vb7mQPd-MpzPAAja5HIKt0nHl9dj3NSH409_T1l0IQnEXvM1tvro0hcNmqc8cFbZBKOkSgQs6vV3vWeoyLKncYLb2yznxvva2UXi6SXTKimp-f-MhAam0EQuoC3O81DAFvalG3HLk2BvHpMECwIRJM6yBd5UUiiK7ztEuO5LQdY8J27RJKLX5ZGr6r8mXZyDQO5GSFR-RXfYiIoQS4R4aRWwzdzOpChEQW-jV1v1dFP1a_zjhXvAV-nl9ehKu7_Tlnb8IvW5bNLzMhGMY3rGgSoO6mYN7MYP1cerJLO83HWN6oZHxeu5XB7pa7iaxXBgbq37UnUUE9oJ0ddi_BedhaDGuJd7GPOx8mTLsqptXNMvx-2Zj7EBAia2w69k41ODjOEPzleOvgyQ6SEgPs9K5Ij1L13mpaq8sppyvJQzgu9X-visnF6du4Z5KsEo28UqL-1wqU92i-zveUFgv0ObqhbiEQG0xYGtaDfMRqZym3Slw&cid=CAASJeRoq3F7JIIjNd4Qxids7O5P_hp5Xw68lDU6vlDum7iEs3cwxiI&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%242%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:57:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame A972 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bteo9K4F34do0sNEqp3EWnHISWla7EzB3YlITTflfJzw084aQ9GyA8jTkhNXeyVzfcpciUxSmkfefrXPPTob_gtldbsOwFjKIt6lpXSq9Fi-UcqIovM7b5o8hZVJ3FQ1ZbEN5fu365h_ebv6lzMGSoo-cskQ&dbm_d=AKAmf-CH2x0_nfDjyT1kyOsXxT0UaDU6QsCeOD4clfcKokDiz9rXs8OaomyG-qXjSSDxFJ4gXJQ9OPVQ1a8diskf8Xi1v7uBlh6sZKVqMUCrDfusjD6BcYH_doy6_Blvt7P-ULU1XJwLVbgK_3yrzfNYoe7T3W3bE-7ZqZ4Ciz8dIZky-DAQpkZvi15QiKN-hlVnAsFOz8rFmJeT1UUnVGSoAGsVYex3gORHftZCmnvhooCjCsTwgDJJR92SEgFHhGubO7VTeHdM_gT_x48_q-zXTeG9K4tqfS6wbZTfg_mhNC6UKuyQpMs2KAsI5DmDqvEKc8v9B8BxV7jPMF2YRjN5UqBfe1lGRstMmPGu99SJRLYjvioVZLv-1gSJhj344xs2W-MtHYix9u9stj6FRZdmSmxA7DRHjTbOipYoZUono-zllvRKlBoHhw79XPEnrVcFpVrTC0MsYLefKB3anasIe7p7nl0N2-lhFaGTwlMT8GSPJRDPIvzPsR_3qzd4WueLU9bepTOjIvfYTLoWRHInX8X5y4muLq-XbuGrIDokT1FgyDLRcjR-CeUsaa4nlsk91h3Ktfuy0-8CnQ_CATd8e16tF3hhS3BoC8rgiqdEu7pIi0AfHue6wc9KlLRzbp5UY_GU2A8bpVYSKaKnTv2NMjOkUp-wvBC8TXpn7ruVTb2PpdN31VCKdNM7lW_4sZJqVqLYqxtvfeFG_rHwSCGJ-dDAliby0UPQhVQjL0RPcxA9xSSAwS_SDFa8YXXVtBd3qdVLJ8gXqLZr9YYyoZQuW3Lc2kcB4Ntu-G64mMVHi0wMvkzQrj4R1c6LVYF4edIaipj7P8p1pRsxyDtFCzOpsSRQB7sYnxOPUMtIIBcc0Xsz8H4LSiu1dhcTvw9X9a39hF3rgYpdx86_5pletw_1WG81wQWSWjpM7KWG8x-upp3J5mKVSsP9HWwSrzxntS8L9by8-J5BQ5VOXaQsYIfvE2fyC5CQkmk1VbU_QMoyMdy42uAJ3jIVqzgQQMuZEUyBCNLdHMP6Xl9LRRLgIg7xqWHeYt7OCyNfdS78hXP8bjUysS7b75kLPvTiaixBG2Z0IOqYBglwgya8zXF04wI4OD-uGZnzaz3IJ7nXavAct6gxIDfBr17--mbnBPboc3g4PKmybPcPywwW3uIiiXospKHXLd4-7BGncF9pAJtUvcmkS7TuFUK4WKR7ZJDL1sAo-6OSF0fUtLb3VcqN6nd3QbH13EkQ_oAG1gv_c1T9uEtLSubS66TooejDMuF1E2r9irpNHI2BrDwa2gHc67_GFIR_lzsHWVwhiNlV8lupCRM6qrvjZoNxUvWqRuXQ8YwFoj9pLniYMid7fLR8aPA4r1_3kt_tz8QSwDFHlQ4D_54XZspAnorpjVoo1r258BBmWF0gg2e_aF3g9bBAIe5UMYhtQcx2VpsN3Ifs31CTovBACwkFCqXlphTX2tOZ_HKWyNRdKah8NOy9OBuAgtDlTkb4HaKYX-bvkEtTGamOTa2dgKOhH1y0_0Hc3KCQQGSFqoaNSDt5Lj60uXWfSp1ZPJvav6_36GTb3z6KfJs4cqWchfGf4tmAe0GO8Vvs4Ct0V1sZOLkjrgphWDH-j1KkPfAEGdWYW9OQ3NP5wwtIGs0AohJ7bSx624B3EROA_Q-2LlNI9R9WJSEBLbpiqPvARu5wN5QSqkrDsrnsbt5o3rJH8EeT-4CY1bjFXoRAB5tTYHKgiXZ7rfMb-gXJBq6FVXRm0njzw6xtPyiAnSEFadNATYJUQ42XOwP_5Ghk7MInHz9oRqOl5nGSVVXn1312G1TYLS-cjUv0BAozI-EoxgDY5YAHa6nzl9pBMu8fXskURibrhZsgo390_UQVp0oejYd-RcdwxooZbxStR_vQfXoeQCR6H3vwyZBpsoG0ooGu6DEGtjXrqjt3en7OLF07Tae28GGLnE69rAdJeuL7mHDHXmrrd9SUQ1AygLKbTptFTMmyR7OENVCsk_e2o_aAJPHtF2HOCyqr0xRWrqeQHWlLCoEnqKYIGGy0H-_uPWYpccB8vdLK1ECNWG3vezBL0u6O8sFVpZFfKkdDw_R6mxtfLERxYI7GUQ3TOfHhSn4gxzZ-aQOh8WcFXMbcUFDTSTsvyzAkltAzpKtwhs1sqLKm6L0VtskhI9l2wrQsP2lfYzC7tsM4KxaJpG5rBD1TvsMqsp2OBJk2NWyT4dYwcDfCQRA5Ksak2PBxeJbEPuoDO5oCu3oSWPVt6FDT_BvTtHsq53hcOaeVD6KkfHWzfUFYt4OMCdwf5uMWg_4OT4UlVGZkEXSyH-Icv3o_7yMOKrdCxkR2gklDzb8KobXdYu3_qE5TyFQ1OW0CPfln08Of2G5cpIv5PshiAM5-8TWwfla4aTXQp7oQYSYIuls9kEza_UBbWGB7rg-CYxfE8beLfxXE4c_ZZMnfE-ai4bqck1916NSPJ2OAAM30FjKckEqhUjLw8rImR91AdGrMlPSQVPaJ_NjX_wISKyTFZ_H4CsGbzYhrDw5I7bszxyqtZzepyTXxAUULz-2koWjd2-wRp2OeTlwY96Q5wVYHRBe7wpl8RST2KwvEkUAQeVShRiWKlZ7vXUvWViJMDEfwBSem92vM1ohoClUwakM7_HJ5orvXSJ4unFbwwh_5USN8GNA5aIFx3RgDjJqwcas7ommVcPuili_rnCH4HKfMSc5QcUKKHlx1TGawt3wYts0-ARRh7JUwhBSgs3JF8g-w9GYk0DJgjQhV0Mh9qjXxAh0dDZ5TRZFreiYs5UQhRUWQlz01YtuSfl7_-7I0mR8pR2rJTkgnfUYusgN_wAANSHXPkXCXoVS3vkhfv28cx04dM5zFpNsfqcxAlR-_3ukFy6P3QuCsFfrplb88-BMgaWjBCpFE2gUGNUz3-_6OZoD_PviHEFK5DoNZRK7eAcrZoUEWPj-WWA-_xbpCAwa2D4tLqBs6gNHDMoUEIn1AwCSGvdQemk-s_Vb7mQPd-MpzPAAja5HIKt0nHl9dj3NSH409_T1l0IQnEXvM1tvro0hcNmqc8cFbZBKOkSgQs6vV3vWeoyLKncYLb2yznxvva2UXi6SXTKimp-f-MhAam0EQuoC3O81DAFvalG3HLk2BvHpMECwIRJM6yBd5UUiiK7ztEuO5LQdY8J27RJKLX5ZGr6r8mXZyDQO5GSFR-RXfYiIoQS4R4aRWwzdzOpChEQW-jV1v1dFP1a_zjhXvAV-nl9ehKu7_Tlnb8IvW5bNLzMhGMY3rGgSoO6mYN7MYP1cerJLO83HWN6oZHxeu5XB7pa7iaxXBgbq37UnUUE9oJ0ddi_BedhaDGuJd7GPOx8mTLsqptXNMvx-2Zj7EBAia2w69k41ODjOEPzleOvgyQ6SEgPs9K5Ij1L13mpaq8sppyvJQzgu9X-visnF6du4Z5KsEo28UqL-1wqU92i-zveUFgv0ObqhbiEQG0xYGtaDfMRqZym3Slw&cid=CAASJeRoq3F7JIIjNd4Qxids7O5P_hp5Xw68lDU6vlDum7iEs3cwxiI&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%242%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10463
x-xss-protection
0
server
cafe
etag
17671883673189222985
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:54:26 GMT
sd
us-u.openx.net/w/1.0/ Frame F2CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENqx9Pcx-yZ_1FM1NAQKgt8&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENqx9Pcx-yZ_1FM1NAQKgt8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYjoHUyQEwAQ&v=APEucNW0x0js24uF_RAOnFnZtHtvn29QqBLu-69yvNRxY5A8NUGEucFVg_2_-RU-h8bVsmmwzLLlgZQgLjNQP2QgSRwuh5Z70Vk98loykRQCrrynpCTQdoefe53VTf5vhmW_KDAvmV-M8559mZ73cPLTkaaOAZY4dMcqOtJ5qSv1F6k5NTALAZU
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
via
1.1 google
server
OXGW/18.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENqx9Pcx-yZ_1FM1NAQKgt8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F2CC 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYjoHUyQEwAQ&v=APEucNW0x0js24uF_RAOnFnZtHtvn29QqBLu-69yvNRxY5A8NUGEucFVg_2_-RU-h8bVsmmwzLLlgZQgLjNQP2QgSRwuh5Z70Vk98loykRQCrrynpCTQdoefe53VTf5vhmW_KDAvmV-M8559mZ73cPLTkaaOAZY4dMcqOtJ5qSv1F6k5NTALAZU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame F2CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGRHY36KDRb_eUAet7670vQ&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGRHY36KDRb_eUAet7670vQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYjoHUyQEwAQ&v=APEucNW0x0js24uF_RAOnFnZtHtvn29QqBLu-69yvNRxY5A8NUGEucFVg_2_-RU-h8bVsmmwzLLlgZQgLjNQP2QgSRwuh5Z70Vk98loykRQCrrynpCTQdoefe53VTf5vhmW_KDAvmV-M8559mZ73cPLTkaaOAZY4dMcqOtJ5qSv1F6k5NTALAZU
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 22 May 2022 23:00:38 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEGRHY36KDRb_eUAet7670vQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame F2CC 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYjoHUyQEwAQ&v=APEucNW0x0js24uF_RAOnFnZtHtvn29QqBLu-69yvNRxY5A8NUGEucFVg_2_-RU-h8bVsmmwzLLlgZQgLjNQP2QgSRwuh5Z70Vk98loykRQCrrynpCTQdoefe53VTf5vhmW_KDAvmV-M8559mZ73cPLTkaaOAZY4dMcqOtJ5qSv1F6k5NTALAZU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 22 May 2022 23:00:38 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 098C 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
Origin
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:47:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 07:47:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 098C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Brug0EY9PTS1MUaQvSizGGHZpL8KDYD9BIJAHvrzKErItK5PBnDZwEhA1pQP0xQltrZ8PKdBbsFphJ6kQlZ5NrSn7gx32gKY9DRHlNlVeJq7SixAI56d1e2F14rcY4iZjDDX6kQ-RsnvK6-_DyQVFVh6UzSQ&dbm_d=AKAmf-CN6O75-Q_gur5M8W0TqaonVLOJ1wFk6GyrUHJX3ovAeVdl5JGvVlQ3UsH7cRtn_ZRZd0x2ozz50ibfSpMGwl8-B6hk3xQPOSvTHJGW4bBRM7et-Bjdf-wZ1X8CnkKd5AnHtKoHNV6_mpJw1N26DW-LgT0br5G4ZUd5tdJvhjxR8oENTRVWmpeE-7jxMzO1hHLJ_KKKfYihmUPpMSB9MrN6WM6MGPgj2nuVWQRJmF5bWgB4LbhKY9ZvSq3UF2EWh_kVdle6QrVR_4d46FNqseDddREp60l4IsczBvxz05s4800zcR-YwMHiFApAL3J7asyvAk_c0dBQ-GsbNJiBLRerD_zLutRSydNGFm1LeXibviC6sSRFYigfZZyePfDLd7xzAmC1LPqpNulxOS_XxIxYVkKq-F-BDWsJbtWC_NYs-U2eY5Fm3cTFclN5iEWybCPq33EwBIn0dUy8Fs-R7M2htLIu3QhcDUUwIfCgna0rKlfoOmI8XfEgwHiD7NKV7g2jzEOx5bia3_ixBsODyunD3MYx9v0KvYSx-pwL1NQv06PhMtnikwbG94sJG0n7qsGrhak3Gkxm28RVvQxAwH-1eFz2RceLkc9lTWbf2CFVBlr2mNLNcE1ZCY_ShQaIlIepkxXpbq-9ur8Jmv6QyhZTXwAVx7V9M-LtpvLOFjtSxWNspQ5bq2eMvBqd_ma_175TG8drU4XODH7g4_iO9X2zbIVsgE_BpOKokVXSpuq7PVqj55MHVjk_AnyZH-FTESD-xfesAYcsbuz9IiEaZuLe-LxKdqJWtfvEeY7sOnrSgN32v-cVgF5R0wxg9SkA6WHeWfkLzcqA4hiuOQyb-ozLxaUgd41xcTtoACERUkYfBJ0etgb1v6E5tfDsVZXzYkGRsv9T-Ks44Rv8GUU2Sl4bZIIAMWsKGBZsMzS0nsr8a8YKbnAIT7cvmzM6e1DJU_VBXFr16jjAhfZfF45BoZL2pQhzgyMpZ-C2gs4OIgpAFpr-XkLEay2mUiqEWpJRaiMx02jmBffiwQP29PEghQUEpoFTInLiAodB2xxDXWcvsH8yOGoTBfTNFYSaQd_ndfn1QvgK75EDxAVuScZGEQopJ8x-2ztEEALgGuZhIvb5OmXp2727JfGd33Ttv11USq4EQuTiTxDYDA-qVGmQCOWpKUETql57phfBl8iXLfhvZyBicAcab4euEJIItLp2XcjZR2AX7PPHyyEdfAtGArWU-7HrrltBKgdtUvHx1LgyI5F_Xn38sb3hSoKo39Zbyb8icaqmMzD2i7s6opus86fwDXyljhVUXyXBj-Lyo6u8fR4uU1AqdGWFjtH3t1tFTl56puYAltZ0_LmIdpitsb4xVAogIy__UEnMdHnLX2PiNg7mvSziSSOua6dLE4G4TuxoOwQAziB2ejkbfezAvI1nD0fnVzIcTII8qb5mLKvlvR83Yg_aLttcE8S1hYBFuBPpx3mw1iH7wV5oMgl68k5RuYNbVX5x4NXUo_j8ErLc_Q0VuMLfz8ngifcy6emVtzGCAdISpQnxngvnjMHqsxG-TyzrBBK6U57kufEKhtezTKD_4WwwBbK6_GmKZh4wfEKWMwg4iU9P_sxCNHbvfk-ApPnYg-oIh141BHj8_FLxC80pvG5Qc9jnMo57curfEKXMur_aineI8dnoNLQ3rSQGEaBwP78KPk9droHBBbFpFa26YNrq5dQ0i97f3KV53IAHtCleQSVO5nam-cLtv4iyOrRp9XbHOlNQAOnrrndySotxjij-iMCPAOkTgm5XSZrpkioSbRMYh1n_9DQwg-C-coQKsZtdeziNiAqs-52mZAMnfHV7aTjrFKL8LXQu2_N2sELgCv5W5q_s2dogwMTplpKs_8rs3NUBS37gEhP0wTffoHdTtRXatFQUx6FcztvMBh38HgVB4Uf9Moaszp_8C5EtTGu_vROIFnAdqOHorXIwkDHpyuZdi1bIiE6dDXHW2kSN002lLBIncfi9D5XGg6_4-2peRbW85ek82jli-8l_yv-JprY_nszyrIJJpzytZYGplCM59VPam9mYTiGrMrzjK12XxEx5jUNZYt6C6bQVTH-FwSfM_w-qV3FQgkFPS0qAWbGsfgalZXEfhADVqZdHKNsv6VLNVq3fSaI2c2QAj3pvD7ZfytmbbhE_F0KHxIfECqeZsrRUO4mlq5LzYPwXOCagkkLVVMAEIASwmqwqCWeNf0zL8CSC1BnWSlQThjW4Bj136-CaZpduh5bOA_CBcLqR8ExrWTvyUdILw1gRDwnYgf2T5QiZODXRLqvQVZRKmEFye-3ozlGK4jTqlvV98-bzORTrdi-W8X83zvEy3vdp9dNzHCOftUY6xC3Xb0wrMbuYcB4KNm_hydRYjrCCZlBYVZWINR3Edg5Seiz9F6I-plE87EsxI2jWPH9j13xN31oTmwS2yj6XzcbUE5228M-x4XC-uCa2qiqn3HacfBWzb8PstbY3WLH1qePa_JFr9AJ0OCHajxp0wu471-qhQZnoJzONBR-98ix_ez4eLjtn7vDYbZoktOB-TtvdoI7Kit0FR2Z9hwFW9-n6zTK95sYs3K63EVQUdWRtsMBsraf0Pt-Ev3ifBkDcjBAnT1XSF9aah8pWG4b-N9ItWS_dEKbTkQeAhlN87_Juu-O6P4kTlkfwZPOwuCf4vopOIypei-ufNCqV-c1XWS68_wamYX-DeZ7jMEUIHF7UO9UQTEpLiHdZGroFN2EyI2OJ1mpJcvF8n_VKwAFNfWjoruB0zzIKH83eHLkuHukRcnoJpEg8qXKPYMolP1QhYxAa5YQweTdg1aIwU4t5HAa7TvltmgyoA535uiA2lAH3CNCK7p2nM9qP6mGZ3iGknleTF6UT9HRL30_5SJ0lwJ3-vfrcyqnhDpBGjPouKFbQt0vu0yKDTYoHg0fgEQdfZRzobLD8d3L-MwoSjTgdx8ESs_K_AW4oDgyXUQNIHUdye4XCk6KyV31e-nMvwfueGmlvVNvSJzmu1g7djVrgRGBrPPA6HJdFDdJpB-PfH46QqRiBOLrHiTXAWtpTdORCgF8szUCKE1GjWAiiehsuhPbpdt3jrvEFt-aMvyt0tGWXbOkOD5l2R1wyDj-GfDJCazdMehWqzkMf3bN3-litVkX9tC_tCu6i04OB3bU72i4DYBdw2GA6I4dKmpjaFvmmh-FcI1hXWdOIJ0P3YIzzVSKzuGQZBSA-3TbpXrV1yAIEzUh1BlvVOkx9c59NmGexG8BkpmZPdXuv6id8MJFK0eF8FA-WCZsqG7qVGhPpfAde7-Cl5v6k-tEYTe5Fjk4oLenSX_s_EiI0Ia2ZDStDGNWnTPYugQ&cid=CAASJeRo5A9CzjkzXzPmXY8H9RKrWpVa6UN1R2nkzJf3-tfv69r_XOo&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%242%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:57:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 098C 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Brug0EY9PTS1MUaQvSizGGHZpL8KDYD9BIJAHvrzKErItK5PBnDZwEhA1pQP0xQltrZ8PKdBbsFphJ6kQlZ5NrSn7gx32gKY9DRHlNlVeJq7SixAI56d1e2F14rcY4iZjDDX6kQ-RsnvK6-_DyQVFVh6UzSQ&dbm_d=AKAmf-CN6O75-Q_gur5M8W0TqaonVLOJ1wFk6GyrUHJX3ovAeVdl5JGvVlQ3UsH7cRtn_ZRZd0x2ozz50ibfSpMGwl8-B6hk3xQPOSvTHJGW4bBRM7et-Bjdf-wZ1X8CnkKd5AnHtKoHNV6_mpJw1N26DW-LgT0br5G4ZUd5tdJvhjxR8oENTRVWmpeE-7jxMzO1hHLJ_KKKfYihmUPpMSB9MrN6WM6MGPgj2nuVWQRJmF5bWgB4LbhKY9ZvSq3UF2EWh_kVdle6QrVR_4d46FNqseDddREp60l4IsczBvxz05s4800zcR-YwMHiFApAL3J7asyvAk_c0dBQ-GsbNJiBLRerD_zLutRSydNGFm1LeXibviC6sSRFYigfZZyePfDLd7xzAmC1LPqpNulxOS_XxIxYVkKq-F-BDWsJbtWC_NYs-U2eY5Fm3cTFclN5iEWybCPq33EwBIn0dUy8Fs-R7M2htLIu3QhcDUUwIfCgna0rKlfoOmI8XfEgwHiD7NKV7g2jzEOx5bia3_ixBsODyunD3MYx9v0KvYSx-pwL1NQv06PhMtnikwbG94sJG0n7qsGrhak3Gkxm28RVvQxAwH-1eFz2RceLkc9lTWbf2CFVBlr2mNLNcE1ZCY_ShQaIlIepkxXpbq-9ur8Jmv6QyhZTXwAVx7V9M-LtpvLOFjtSxWNspQ5bq2eMvBqd_ma_175TG8drU4XODH7g4_iO9X2zbIVsgE_BpOKokVXSpuq7PVqj55MHVjk_AnyZH-FTESD-xfesAYcsbuz9IiEaZuLe-LxKdqJWtfvEeY7sOnrSgN32v-cVgF5R0wxg9SkA6WHeWfkLzcqA4hiuOQyb-ozLxaUgd41xcTtoACERUkYfBJ0etgb1v6E5tfDsVZXzYkGRsv9T-Ks44Rv8GUU2Sl4bZIIAMWsKGBZsMzS0nsr8a8YKbnAIT7cvmzM6e1DJU_VBXFr16jjAhfZfF45BoZL2pQhzgyMpZ-C2gs4OIgpAFpr-XkLEay2mUiqEWpJRaiMx02jmBffiwQP29PEghQUEpoFTInLiAodB2xxDXWcvsH8yOGoTBfTNFYSaQd_ndfn1QvgK75EDxAVuScZGEQopJ8x-2ztEEALgGuZhIvb5OmXp2727JfGd33Ttv11USq4EQuTiTxDYDA-qVGmQCOWpKUETql57phfBl8iXLfhvZyBicAcab4euEJIItLp2XcjZR2AX7PPHyyEdfAtGArWU-7HrrltBKgdtUvHx1LgyI5F_Xn38sb3hSoKo39Zbyb8icaqmMzD2i7s6opus86fwDXyljhVUXyXBj-Lyo6u8fR4uU1AqdGWFjtH3t1tFTl56puYAltZ0_LmIdpitsb4xVAogIy__UEnMdHnLX2PiNg7mvSziSSOua6dLE4G4TuxoOwQAziB2ejkbfezAvI1nD0fnVzIcTII8qb5mLKvlvR83Yg_aLttcE8S1hYBFuBPpx3mw1iH7wV5oMgl68k5RuYNbVX5x4NXUo_j8ErLc_Q0VuMLfz8ngifcy6emVtzGCAdISpQnxngvnjMHqsxG-TyzrBBK6U57kufEKhtezTKD_4WwwBbK6_GmKZh4wfEKWMwg4iU9P_sxCNHbvfk-ApPnYg-oIh141BHj8_FLxC80pvG5Qc9jnMo57curfEKXMur_aineI8dnoNLQ3rSQGEaBwP78KPk9droHBBbFpFa26YNrq5dQ0i97f3KV53IAHtCleQSVO5nam-cLtv4iyOrRp9XbHOlNQAOnrrndySotxjij-iMCPAOkTgm5XSZrpkioSbRMYh1n_9DQwg-C-coQKsZtdeziNiAqs-52mZAMnfHV7aTjrFKL8LXQu2_N2sELgCv5W5q_s2dogwMTplpKs_8rs3NUBS37gEhP0wTffoHdTtRXatFQUx6FcztvMBh38HgVB4Uf9Moaszp_8C5EtTGu_vROIFnAdqOHorXIwkDHpyuZdi1bIiE6dDXHW2kSN002lLBIncfi9D5XGg6_4-2peRbW85ek82jli-8l_yv-JprY_nszyrIJJpzytZYGplCM59VPam9mYTiGrMrzjK12XxEx5jUNZYt6C6bQVTH-FwSfM_w-qV3FQgkFPS0qAWbGsfgalZXEfhADVqZdHKNsv6VLNVq3fSaI2c2QAj3pvD7ZfytmbbhE_F0KHxIfECqeZsrRUO4mlq5LzYPwXOCagkkLVVMAEIASwmqwqCWeNf0zL8CSC1BnWSlQThjW4Bj136-CaZpduh5bOA_CBcLqR8ExrWTvyUdILw1gRDwnYgf2T5QiZODXRLqvQVZRKmEFye-3ozlGK4jTqlvV98-bzORTrdi-W8X83zvEy3vdp9dNzHCOftUY6xC3Xb0wrMbuYcB4KNm_hydRYjrCCZlBYVZWINR3Edg5Seiz9F6I-plE87EsxI2jWPH9j13xN31oTmwS2yj6XzcbUE5228M-x4XC-uCa2qiqn3HacfBWzb8PstbY3WLH1qePa_JFr9AJ0OCHajxp0wu471-qhQZnoJzONBR-98ix_ez4eLjtn7vDYbZoktOB-TtvdoI7Kit0FR2Z9hwFW9-n6zTK95sYs3K63EVQUdWRtsMBsraf0Pt-Ev3ifBkDcjBAnT1XSF9aah8pWG4b-N9ItWS_dEKbTkQeAhlN87_Juu-O6P4kTlkfwZPOwuCf4vopOIypei-ufNCqV-c1XWS68_wamYX-DeZ7jMEUIHF7UO9UQTEpLiHdZGroFN2EyI2OJ1mpJcvF8n_VKwAFNfWjoruB0zzIKH83eHLkuHukRcnoJpEg8qXKPYMolP1QhYxAa5YQweTdg1aIwU4t5HAa7TvltmgyoA535uiA2lAH3CNCK7p2nM9qP6mGZ3iGknleTF6UT9HRL30_5SJ0lwJ3-vfrcyqnhDpBGjPouKFbQt0vu0yKDTYoHg0fgEQdfZRzobLD8d3L-MwoSjTgdx8ESs_K_AW4oDgyXUQNIHUdye4XCk6KyV31e-nMvwfueGmlvVNvSJzmu1g7djVrgRGBrPPA6HJdFDdJpB-PfH46QqRiBOLrHiTXAWtpTdORCgF8szUCKE1GjWAiiehsuhPbpdt3jrvEFt-aMvyt0tGWXbOkOD5l2R1wyDj-GfDJCazdMehWqzkMf3bN3-litVkX9tC_tCu6i04OB3bU72i4DYBdw2GA6I4dKmpjaFvmmh-FcI1hXWdOIJ0P3YIzzVSKzuGQZBSA-3TbpXrV1yAIEzUh1BlvVOkx9c59NmGexG8BkpmZPdXuv6id8MJFK0eF8FA-WCZsqG7qVGhPpfAde7-Cl5v6k-tEYTe5Fjk4oLenSX_s_EiI0Ia2ZDStDGNWnTPYugQ&cid=CAASJeRo5A9CzjkzXzPmXY8H9RKrWpVa6UN1R2nkzJf3-tfv69r_XOo&rfl=2%2Chttps%253A%252F%252Fua.korrespondent.net%242%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10463
x-xss-protection
0
server
cafe
etag
17671883673189222985
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:54:26 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 48F6 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fua.korrespondent.net&pubid=5c3c4d42-c5ae-4bf5-a931-2f0dc2cf7912
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 19:19:48 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
server
Server
age
13250
x-cache
Hit from cloudfront
access-control-allow-origin
https://ua.korrespondent.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
vuKlyrvQxNd6tSpuEfLZA5t0lntHn2oIwkoT8-p7igmGdQ1TuSnYUg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 48F6 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
69558
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Sun, 22 May 2022 03:41:25 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
5xuH0X1QPfuY3XWEh_NImgtqlnAXz2S5MQNk_wRmP8PzTzo7Vg4K-A==
pubads_impl_2022051801.js
securepubads.g.doubleclick.net/gpt/ Frame 48F6 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
71f7b22f7b615b6a6cb2240ba7516fb2e83d2028607d5983fd64d1b755fd11f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127552
x-xss-protection
0
last-modified
Wed, 18 May 2022 08:34:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 May 2023 09:21:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 463B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 13:38:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F489 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61614
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 05:53:44 GMT
etag
48472445140208031
expires
Mon, 23 May 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/14782411303688353274/ Frame 3688 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14782411303688353274/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
304284
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2422
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 19 May 2022 10:29:14 GMT
expires
Fri, 19 May 2023 10:29:14 GMT
last-modified
Thu, 05 May 2022 07:03:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 463B 		0
306 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSzcn-d6cquHXYACh6puQkSGbCx2zMFgHmbcABbXIcgpA58b_du5YpzpVgw3jHGxKngTSDb87PxKob62bONerxYAG8PWma3geB1mO7vYP5-12SUc3llzT8Kg8vQa-huuLNMAD1NEbo4sbYimpmq0rAaFJnqG930NDVH5ca872WJOf5K_lrOLjZcr1t0vIzqdlkuQQXHUtkE8x0L2Di09W7NxvAiLi-jlHgvIsdFNZ8iqCrOJR9b2K_ZP8ZA9VbGk1B1HuThaMDLsBR-qqsekNH5zlUMLGrvKZtYhi-IMNoslMgDe6Rl4cMOm138CUmX5fzF4gVIXl0Dgm5HTcwJmlQYeMoyPXFGp0C1Mnww-JYqHM1p77NcattLktFpan3haL-ij_LjqHcmNdTjsVT0F7wz_71RRogsKkxjAceT6J56kXUuSbGQb9utot8zEmoU1cPeF0DPTPTUfL99nx5cataNNLQBQdBfXoSWkrcZEGJVt5GjASGh3f1RLkL7yy9Xh5vnzvZOeNZX_5OkJmdIwhmvO0wHaMOFcn0XEth0789fsfu4mltuGTjtFDiVzNq8kD79agYm8YTZYPV8pjuWMHEOlv5gL3n4U2bZb6MiVo1Pkxpt1rUuPTNg7TUFvGBrW-S7AhyW-M06Laka0aQQx0t5xQ1jBjL-0c8x-e03VBuSoVGHTXdTxdosLeU-mb961UWUYoY5_F169HZjqb6uymf4_ANGRty_M_DNwjSDS6_pnh-TP667wf0D5oh5PYcG4zv--nOVcdVfmxGGTg4aXYkcJAVhS8cwOKUPzUihdRFz1rTJMJbqEG_VxXD8l8CPytcCH2hkUsETIINVlqO0hWumgfTxgbhL8xmE_0EpunwiQY0xvJI3FJJRZ0GmI3QRjgLakGNzWtyACu976Vm2cXRxvcsMvqAjzdc1ewTGRBrCObafQT2GR7DnX1cVXkv59DZNacbamTcVS8yjuLvRIXrnuP5c9Xfbam4l01CychmIthhmgzJuObKifRCvHQzisA7DdjJQJHfY43IzFw_0T53EieD2HMNdR6gX0clnDrMKoSdiKa1QIPsorA1TvpGLfEMohV1IYYHLBBzBi7GDuDK4bmSXg-uSkX6ftDv5KQnSP7GcyIbAjXavfBFZ4w5-Iu2TIJg6GUIKV3bX2MWvJNvP6eWC0b9Sc_fy_kQ1G_nbc0YPsFwazDn9Es0MY9lWMd6zNdOKnPvOaiTmggUuqrb4j3ZxUW-hQ_dtP9vkAuDHt6K8T7SgCCQ7u32zmpF2d8ddwHwIDLxw7PIeivXrKm4ntQWurjVeg&sai=AMfl-YQZVw18y7Dowg0pjkFRwL1gJc0vjwxiJpbS2yWUgW7Y7GK_UmDE8adrE0hieqaCtyE6-npKIEZBTIRC1-mNUoqCsxTj0P1FSCRCyNceVoWwTYoNeQmzKAIWhstfljuHkFIHJ2wHI8vK0kXKuMUYXM2GLjFTu3H-ZGAfKSdi99h2e7tFoM1i8GaFHUMTiST4Ec_LSCQy2clKAKNCHvXYG5rnDtEy0rJWkbbk3GCliD7K84ul0wPUVxmohfk1g_a4CHnxCWtfU_BW_X4qMj34Qz9VyrjCoIBkFCli976nmEYi&sig=Cg0ArKJSzNTVjq-yGYHLEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=218&cbvp=1&cstd=214&cisv=r20220518.46964&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 22 May 2022 23:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 098C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 13:38:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 291D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61614
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 05:53:44 GMT
etag
48472445140208031
expires
Mon, 23 May 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6449 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
249604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1568
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 01:40:34 GMT
expires
Sat, 20 May 2023 01:40:34 GMT
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A972 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstI53WkJQUkGcDoS102Y6YNnI6bDCNrKffK2u8zdIaMY88Lm5iEtAtbveUZXcPw8vfTJtUzbz4Ccp0JKEKAzo1MrnAacUO6DkSt-WSIBQDl6yaqmGtUbW2O0HOjXvrScXLtdeta4mP0UQqbSCXfwF5yQnPyMTyhrsSTl2HVKISYqz0ghUB82RNGlZHO8MLB9wBhBu4bvc63I4fcZZnGLURhkode1P0NYWI1S7lpP1p9yH_0xT9Len2og0swwHP7VEmv1WnRNcOwNOUBEb9Ew0iclwOAcqsteYLElx9p0CkoCQw1avcB5x-41PW6jvygWl-huvhbfgZflltj4Krbvw7WrUphw6cKVks2Yll_A9aRPTZ94YmH_ymnaxauLiohKeMicm3ydxQ_DCfeOl853ffyAr0e0RIxKS5IXrOBqdkEW1apgRaj5wc3IjbKiraKmeIE83A8xL_EPzCS1HXKpWZ4cryB7P63Wux3L2RhdlAyFR4d1DUZiyz4CzdW-NbV8w4M46XGvEGSXo9m_0F3bIR9cFGGhSG7y2bvXNtQixPmxd5QOcPydAHiVJLmoFk4NV30Rm3ZrI6Dw6p6BEbCczaAo8ujmE7cLOc283EKKY1kQPIBJHy4jHiH1eSyZBqZVWfaxjmEn6Lq4cFaHIz5RLbOPxdRD8AnWYo2UIL33KaSReO3RKIHHGVrUSzgU84xhlsDzmO16BeiJnzX3ni_SCWELSzrDqJhECuvkzY2ZNjK95xNfkE-gHEHlg7iOGWg3BseBVf1CfKCUw4Q9h_rtCPwyILtDBFxB6MfR2RUrgzoZAxshx2RwpYH6P-qecnH639vcJB-8GZQ_r_2-iKHFkGKbxXelQesWURWQtR2QPrkzzaOBD1iJbzmMt1iOfRRRE2WMVg-vH0AD9DbzbmfPiL6bxqyboQ7_c8hjWEXp0Hc3BDgtxgI6wjTO-kW7npwKK5CnMZbXAX9YyacYnhvjQaJWickCmTL311W8Vday8vvBUHeMyEIAsBYWf0XM-6Clf8mRqhqQZOm8k3BH5_ixDmbtrf0mubzwPCNieMbsz-YiUUi1i_fduNUBc-UrRI4thc2Luoil6hPvjp5FfGb6sVUQQ3fcH_9KxWrdIKPPMnG5vE7kDXV8hKMgXPFgzxqqUSsfVCafr8szIRGMCUg5i0WlUcjnNnxV28DnyktUBSe1WgphcSNHNMbDmSrgg9yTLK1j5Kpxvg9IbwOeT4bgIG5423OdIu88lcbFYHt1dAYIDMFDMaLuIosG7yLyo4iiAqocY_DNWlPJ5Z2ClnNQjiKIiD6j5J4S8r_e94RQ_onp7biqlQv4Iyq4TSouTW6n8MzDR4uCAgpCBpwjLYhtkrogRKdtZeFAQ0&sai=AMfl-YRitaoW6e2YwOIiEsMlBPEiAvhk18nk62KFIwtamBvevnsnuatndKg9KJ8jZitelvJ2APLr2ToIReTiufQFOaFzqBajy3U-bZodEHJzFuEDuIGD0fblSdtES2Z-nxiQdG60Da3-psb5Ysed7mZ72gEzlAaP2sa-d_POmW1_54HhxMrE2kMcK4s6vVQF7MC-3giY8TiiOAW24HCs3IoEmFhm&sig=Cg0ArKJSzB-rM1QOt2LwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=180&cbvp=1&cstd=178&cisv=r20220518.67205&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 22 May 2022 23:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
px.gif
d.adtriba.com/ Frame A972
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
3.125.240.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-240-25.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:38 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Sun, 22 May 2022 23:00:38 GMT
Last-Modified
Sun, 22 May 2022 23:00:38 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A972 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 13:38:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 53F0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61614
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 05:53:44 GMT
etag
48472445140208031
expires
Mon, 23 May 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6650 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
249604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1568
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 01:40:34 GMT
expires
Sat, 20 May 2023 01:40:34 GMT
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 098C 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0bexa4kvyFkIvruiP-6ezeptURH5DHsTz7tlBO4as-b4re4YhUiij1nr9Tfqxj3rYsODAY69eadiK1rvjwfe_uTU_R_rbW1YeQzTHuYfQSTAxPnYp3-0EWSKt0VwtND2ES8AM0MaoiK7r-0uzYtDcwO9N7Eam7V4xEJlrvXzZEcgpbrlZEFn3w4xorxV8GYkE9I0ApOaWT0dduw3fbnpKrLDYbaAXOuWhIE2Z5xSVgs_RnFljtGRSvbe8M1Fz1_i-0FVw4r22YpD2a0jclB7xESoz3Ino0gX227raEP9Rog0HLSuTKoPneMExJnteV_7INcXAv_ir4Q6JkYtjI_rWbR0JF_Ii5Ts1UBMJh0sIB5Btz-6oGPJ_LEU0Nm2aySVRJX_g0Oj4EEoyZzxWR1v2TS-2lJs08oYuxci2mE_Mtm5rwGNX_H3MfYdo-ZN6PglxJXMYWWc97jheCJ97l3JaVU0HXEiWdkvFkgpqVyTnRwL1LqlSGei_ZY6yK3ojdSMkHMYr3jAzJlakHo24KvYP1OEnWUUYW7hk_O-AJXHWFiJi7ERH_k0EHFP36a3QkWKiS3RXsgeXSggpj6GtWJ6pW7lQk2upwwmpBC4vkzbsqN3d0MLxR9sSkw0HOmJJEXH0-RPFBcbzBAQvU05jQd_aNh01mG7zGHGLVLtz8DjROF8ZI0wt2COz-WPOVFyJ0Nijuvm6svmt0obvTFOp_1x8dzWLahuF7BlX8K7HS8Tn1z-Drx5M0FiHSRqn3Zcx_2zR8CiHYvspn91vnujTYIu5wpQoEdF8cq0bgZuqq_Rysl4Ss--FtAwnec4K-xbJU8B18N6InN8_n7tMb0OLs4z6TcTO-0idx-QfC4ZBfotXGOQWzn2Nvee7S6pXk2gDAMPlZR-ETFe_2xigFdWyMLi_VKLYWxAFk6kl0nY6ouUiwnQNN336-pzLD_d08vURPAV6cenaYGYdtGbmY7bF1l-Sl2OKt4LFCPg8OGeQWis8bLerSteSmfwwKcycFmO6synjlOVNs46SFsxVOKHJkhMc2UIqC67kjahEfXCYKcT4R2saSuu5y6C1j6m5YKuw_TnBjopSQTIi3w3XFofAu4FruxCFEpJOTp3997d-Tolotoznf5lwWIFks7rM4o8mCensJHS9g83S7wfZyvuBTvzwYw-5b35W1RYhLl8Htj9S_UFtRr066icjubKSkxf_7WKSkUXVI-FzGXgnE8EgMqRbvEwR3IVVDogueJjuPq-glsCSU6vy1B7M0p7wwXkTvNI_d2q4fOPd-K5uQ96RnQ7nydHAJoc&sai=AMfl-YS7WYBdHWBrWnXdqZc_1jxaNlDbIAbDnbim6-_5b1UYgl_ded_YwlwQYN8qSxg-BibEXI1m-14WyaVgwquwjqUQrAfAN-_07Q-dT0Ugk2TS7HIfGca0qA0xsHa2TCHux1eCHEmEtdluE5JAOAevrR4uokc9X4s6TVeJWnHdBrDBBrNobfWdhxuteEHw1Z8FXdaCHR5KQEGw-rpLwMV2Iwqo&sig=Cg0ArKJSzOYjIccZH8EuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=174&cbvp=1&cstd=172&cisv=r20220518.35096&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 22 May 2022 23:00:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
px.gif
d.adtriba.com/ Frame 098C
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
3.125.240.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-240-25.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:38 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Sun, 22 May 2022 23:00:38 GMT
Last-Modified
Sun, 22 May 2022 23:00:38 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame BDF9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?F56ahQ
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7305 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206542
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 13:38:16 GMT
expires
Sat, 20 May 2023 13:38:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
getcookie
matchid.adfox.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ua.korrespondent.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ua.korrespondent.net
content-length
0
date
Sun, 22 May 2022 23:00:38 GMT
timing-allow-origin
*
x-content-type-options
nosniff
getcookie
matchid.adfox.yandex.ru/ Frame 48F6 		240 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8eeeec46336317236f133556fbd2a293ba05c1ca821ad93ffd644a47767561e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
240
x-content-type-options
nosniff
content-type
application/json
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3688 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14782411303688353274/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14782411303688353274/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 22 May 2022 23:00:38 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3688 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14782411303688353274/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14782411303688353274/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 22 May 2022 23:00:38 GMT
main.js
s0.2mdn.net/sadbundle/14782411303688353274/ Frame 3688 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14782411303688353274/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14782411303688353274/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4629d0b183da48a1475d36a5c1842c7b39d94affc1522f802472410ee84e3b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14782411303688353274/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 10:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304284
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2578
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:03:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 May 2023 10:29:14 GMT
styles.css
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6449 		1 KB
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 19:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270977
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
491
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 May 2023 19:44:21 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6449 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 22 May 2022 23:00:38 GMT
main.js
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6449 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2182
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 23:00:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EC56 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206542
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 13:38:16 GMT
expires
Sat, 20 May 2023 13:38:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
styles.css
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6650 		1 KB
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 19:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270977
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
491
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 May 2023 19:44:21 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6650 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 22 May 2022 23:00:38 GMT
main.js
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6650 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 15:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2182
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 15:09:08 GMT
1
mc.yandex.com/watch/61684903/ Frame 48F6
Redirect Chain
  • https://mc.yandex.com/watch/61684903?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anw88wxnrj5w8iczvruuw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
  • https://mc.yandex.com/watch/61684903/1?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anw88wxnrj5w8iczvruuw%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
338 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/61684903/1?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anw88wxnrj5w8iczvruuw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1366514416859%3Ahid%3A540311642%3Az%3A0%3Ai%3A20220522230037%3Aet%3A1653260438%3Ac%3A1%3Arn%3A239565621%3Arqn%3A1%3Au%3A1653260438127775828%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1653260436645%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C5%2C0%2C5%2C5%2C0%2C5%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653260438%3At%3A&t=gdpr%2814%29mtb%280%29aw%281%29rqnt%281%29cs%281%29efid%281%29ti%282%29
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
5a6e1e4dd2a44369fcff33ac8eccf923249b2fcad984025ebf178ceb76f2d71e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 22-May-2022 23:00:38 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Sun, 22-May-2022 23:00:38 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
last-modified
Sun, 22-May-2022 23:00:38 GMT
location
/watch/61684903/1?wmode=7&page-url=https%3A%2F%2Fua.korrespondent.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anw88wxnrj5w8iczvruuw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1366514416859%3Ahid%3A540311642%3Az%3A0%3Ai%3A20220522230037%3Aet%3A1653260438%3Ac%3A1%3Arn%3A239565621%3Arqn%3A1%3Au%3A1653260438127775828%3Aw%3A300x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1653260436645%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C5%2C0%2C5%2C5%2C0%2C5%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653260438%3At%3A&t=gdpr%2814%29mtb%280%29aw%281%29rqnt%281%29cs%281%29efid%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ua.korrespondent.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 22-May-2022 23:00:38 GMT
dpixel
cms.quantserve.com/ Frame F489 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN0uAHx4NDvOhK0g-v7QSg4&google_cver=1&google_push=AYg5qPLQQiQO27Z4iM0uG5lBb2ObojYt_a0qvX7m0sC-a-1IdLpu5nL-e8khQVCQsa247IQZu0qdz8YqE-Ho2R-HiXA38AOqx5DZ
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame F489
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAcxvEL8EVle5nPIAU5gB3Q&google_cver=1&google_push=AYg5qPIp6045xXOdMxu44HCPNbXbyFyXaqOPXp4ewfSX-gewj6BABo7cvTZn9hRFh7yxIblipMTXHfYN9_-AVikboMPafPHxyYfm&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAcxvEL8EVle5nPIAU5gB3Q&google_cver=1&google_push=AYg5qPIp6045xXOdMxu44HCPNbXbyFyXaqOPXp4ewfSX-gewj6BABo7cvTZn9hRFh7yxIblipMTXHfYN9_-AVikboMPafPHxyYf...
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAcxvEL8EVle5nPIAU5gB3Q&google_cver=1&google_push=AYg5qPIp6045xXOdMxu44HCPNbXbyFyXaqOPXp4ewfSX-gewj6BABo7cvTZn9hRFh7yxIblipMTXHfYN9_-AVikboMPafPHxyYfm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIp6045xXOdMxu44HCPNbXbyFyXaqOPXp4ewfSX-gewj6BABo7cvTZn9hRFh7yxIblipMTXHfYN9_-AVikboMPafPHxyYfm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70f92b506ef49a09-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
99
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70f92b4ead159a09-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAcxvEL8EVle5nPIAU5gB3Q&google_cver=1&google_push=AYg5qPIp6045xXOdMxu44HCPNbXbyFyXaqOPXp4ewfSX-gewj6BABo7cvTZn9hRFh7yxIblipMTXHfYN9_-AVikboMPafPHxyYfm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIp6045xXOdMxu44HCPNbXbyFyXaqOPXp4ewfSX-gewj6BABo7cvTZn9hRFh7yxIblipMTXHfYN9_-AVikboMPafPHxyYfm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F489
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECHvRGYKkzl4yuE0CzVBBs0&google_cver=1&google_push=AYg5qPK7ZRtXOkp5pHFDEbgXW6FSq2VN3390m_5kxHx349VhohhQyBPw_Ne5RR3bpMlxaeXlpIXP0d4eTc6-ku...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDY5OTUxMjk5NjgyMTE0Mw%3D%3D&google_push=AYg5qPK7ZRtXOkp5pHFDEbgXW6FSq2VN3390m_5kxHx349VhohhQyBPw_Ne5RR3bpMlxaeXlpIXP0d4eTc6-kuSB-e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDY5OTUxMjk5NjgyMTE0Mw%3D%3D&google_push=AYg5qPK7ZRtXOkp5pHFDEbgXW6FSq2VN3390m_5kxHx349VhohhQyBPw_Ne5RR3bpMlxaeXlpIXP0d4eTc6-kuSB-e0gHQ7_peFh
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDY5OTUxMjk5NjgyMTE0Mw%3D%3D&google_push=AYg5qPK7ZRtXOkp5pHFDEbgXW6FSq2VN3390m_5kxHx349VhohhQyBPw_Ne5RR3bpMlxaeXlpIXP0d4eTc6-kuSB-e0gHQ7_peFh
Date
Sun, 22 May 2022 23:00:38 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
attr
cm.g.doubleclick.net/pixel/ Frame F489 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_gj6Tbura6lOgln43tVRgg07JkZsGovMWQ5mmOqLRqA
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1A13 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206542
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 13:38:16 GMT
expires
Sat, 20 May 2023 13:38:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 291D 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKZRK3l-WF5lbih2s3LhXu0&google_cver=1&google_push=AYg5qPJlvCsV8u_4L7srdPJACfF3yOIlW7RjRRH8pFWHb8jKT_dB9vJY4lxHkwJgU3I8Tp2rSNcZ0FpHn7ZKXo8VSlzGLMTWh14
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 291D
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIcloNQCWBnsaJwjQ9x4gRvWwrQ1D6f40WFdgT...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9yQWxnQUFCR0FNV1VscA&google_push=AYg5qPIcloNQCWBnsaJwjQ9x4gRvWwrQ1D6f40WFdgTrKqcX0UhE6AO9fTBGa8C78LqnxBQcUGlZNhUewJSy7uOMAPLsfD65fKsV
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9yQWxnQUFCR0FNV1VscA&google_push=AYg5qPIcloNQCWBnsaJwjQ9x4gRvWwrQ1D6f40WFdgTrKqcX0UhE6AO9fTBGa8C78LqnxBQcUGlZNhUewJSy7uOMAPLsfD65fKsV
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9yQWxnQUFCR0FNV1VscA&google_push=AYg5qPIcloNQCWBnsaJwjQ9x4gRvWwrQ1D6f40WFdgTrKqcX0UhE6AO9fTBGa8C78LqnxBQcUGlZNhUewJSy7uOMAPLsfD65fKsV
Date
Sun, 22 May 2022 23:00:38 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
dds
rtb.openx.net/sync/ Frame 291D 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKBcHfPrLzH_VwZrRxLIm9E&google_cver=1&google_push=AYg5qPL-nviyhSq-ozCDw6PFXaJjHgkrxkPo7updGyqVo6jR0pk1-bSAAt-AYb0CbOI3MKHoN9KuUWXhgqZ8funvqxYKYTG4biEx
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
drr61fuh52t0atqjlouqqs65lem0c1d1
pixel
cm.g.doubleclick.net/ Frame 291D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fN9TtjE2QHe-NtyI3hJBSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fN9TtjE2QHe-NtyI3hJBSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUPI_MSF3pASOjKLkY43YieuyEy1WzWa8J-N3VeObdibdRiEvr-bpYmbo8WNrhVq3ShHlBGBqZY585v1cVtXPrzNe36oxU
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fN9TtjE2QHe-NtyI3hJBSQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUPI_MSF3pASOjKLkY43YieuyEy1WzWa8J-N3VeObdibdRiEvr-bpYmbo8WNrhVq3ShHlBGBqZY585v1cVtXPrzNe36oxU
date
Sun, 22 May 2022 23:00:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 291D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM-__DDD9VUp1M6fg3cfFUo&google_cver=1&google_push=AYg5qPL75i9PkO7raBhxEzkg8lySyaiuCxrmNxj0BJIBM8TJSffzjO6az7mkx212g6bg3RsSggK...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIV0tVWEctMTEtSTlJQw==&google_push=AYg5qPL75i9PkO7raBhxEzkg8lySyaiuCxrmNxj0BJIBM8TJSffzjO6az7mkx212g6bg3RsSggKhudSHyHNhZWoBTlJuaeBPc9Bx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIV0tVWEctMTEtSTlJQw==&google_push=AYg5qPL75i9PkO7raBhxEzkg8lySyaiuCxrmNxj0BJIBM8TJSffzjO6az7mkx212g6bg3RsSggKhudSHyHNhZWoBTlJuaeBPc9Bx
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIV0tVWEctMTEtSTlJQw==&google_push=AYg5qPL75i9PkO7raBhxEzkg8lySyaiuCxrmNxj0BJIBM8TJSffzjO6az7mkx212g6bg3RsSggKhudSHyHNhZWoBTlJuaeBPc9Bx
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 291D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMaegtGuk1P3utgOOaYgAXQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&google_push=AYg5qPLJR4wJZHEIPDrXqD4Pl050e5WybOaQpQiWzCTCAJiIK_QLBpzGVBt9ZmUR5iEW4K5clwloTuGZEYv17-S2H1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&google_push=AYg5qPLJR4wJZHEIPDrXqD4Pl050e5WybOaQpQiWzCTCAJiIK_QLBpzGVBt9ZmUR5iEW4K5clwloTuGZEYv17-S2H14fB3NQEYI&google_gid=CAESEMaegtGuk1P3utgOOaYgAXQ&google_cver=1
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&google_push=AYg5qPLJR4wJZHEIPDrXqD4Pl050e5WybOaQpQiWzCTCAJiIK_QLBpzGVBt9ZmUR5iEW4K5clwloTuGZEYv17-S2H14fB3NQEYI&google_gid=CAESEMaegtGuk1P3utgOOaYgAXQ&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Sun, 22 May 2022 23:00:38 GMT
trk
ag.innovid.com/ Frame 291D 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMjxXZKh9XYoz0CmeKsdLQw&google_cver=1&google_push=AYg5qPKn7QCfyo6wQN8krMFdytqMqt3zfzCBXOVFTgS6Wk_yRXKyP2igTC0KGFwAtnF4VH_Aylf_Pk6VkNFyopZFyLIIxpjgdsw
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 291D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJvq5WPl6lhoHMGz-7Phhae6ogsf3gMlt4HlMyiGZhUGRDcBX0VLBmsolmasJk6rzqKKj9
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
advert.gif
mc.yandex.com/metrika/ Frame 48F6 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
last-modified
Wed, 18 May 2022 10:11:23 GMT
etag
"62849c1b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 23 May 2022 00:00:38 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=693&event=init_creative&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:38 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 48F6 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3de3568be598a2fd15b7bda1211ec8f6e6bf998a7ef1f90e381481afaea1c6c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56652
x-xss-protection
0
server
cafe
etag
7999464303976294986
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 22 May 2022 23:00:38 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=696&event=start_auction&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:38 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 53F0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBkVtka8j5XLH6aPQp2Jrm0&google_cver=1&google_push=AYg5qPJMVBYkyDhlgQclIc3EIKhqLhqJdCcByusYOnZSaIvw-Z3L0KGpHYq7dNH1GZ92o3wxa9atBqCrcaQxv23A...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=q6liisCVQACqLwJDN4Fyiw&google_push=AYg5qPJMVBYkyDhlgQclIc3EIKhqLhqJdCcByusYOnZSaIvw-Z3L0KGpHYq7dNH1GZ92o3wxa9atBqCrcaQxv23AOFuz8PF1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=q6liisCVQACqLwJDN4Fyiw&google_push=AYg5qPJMVBYkyDhlgQclIc3EIKhqLhqJdCcByusYOnZSaIvw-Z3L0KGpHYq7dNH1GZ92o3wxa9atBqCrcaQxv23AOFuz8PF13Stz
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 22 May 2022 23:00:38 GMT
Server
MT3 4419 e1034d5 master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=q6liisCVQACqLwJDN4Fyiw&google_push=AYg5qPJMVBYkyDhlgQclIc3EIKhqLhqJdCcByusYOnZSaIvw-Z3L0KGpHYq7dNH1GZ92o3wxa9atBqCrcaQxv23AOFuz8PF13Stz
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 23:00:37 GMT
pixel
cm.g.doubleclick.net/ Frame 53F0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDcPZaELR1k7eCa9gRTN-kg&google_cver=1&google_push=AYg5qPLjATqvOxUc5Ffg3Q_JG2m-o-uOjxmd_UeR8_C3NtpU-AIPeQ0K3y1mZYDQw3kkylFSPovFTcy9...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDcPZaELR1k7eCa9gRTN-kg&google_cver=1&google_push=AYg5qPLjATqvOxUc5Ffg3Q_JG2m-o-uOjxmd_UeR8_C3NtpU-AIPeQ0K3y1mZYDQw3kkylFSPov...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwMDM2NzM3NjEzMjY2NDk3&google_push=AYg5qPLjATqvOxUc5Ffg3Q_JG2m-o-uOjxmd_UeR8_C3NtpU-AIPeQ0K3y1mZYDQw3kkylFSPovFTcy9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwMDM2NzM3NjEzMjY2NDk3&google_push=AYg5qPLjATqvOxUc5Ffg3Q_JG2m-o-uOjxmd_UeR8_C3NtpU-AIPeQ0K3y1mZYDQw3kkylFSPovFTcy9ApPgMt7gi48EY0jpSkks
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwMDM2NzM3NjEzMjY2NDk3&google_push=AYg5qPLjATqvOxUc5Ffg3Q_JG2m-o-uOjxmd_UeR8_C3NtpU-AIPeQ0K3y1mZYDQw3kkylFSPovFTcy9ApPgMt7gi48EY0jpSkks
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
us
sync.go.sonobi.com/ Frame 53F0 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPIersR9a1aGRIW9gpivSzlgUjoGPs3pW0tsVo0ya6_H9sWg3kfucsmLScNhj8TK2kds66XUGNYkYmFzEAn-5bxwSVrFflaF%26google_hm%3D%5BUID%5D&google_gid=CAESEFhwqJDsGd9j7tpgpQndDPU&google_cver=1
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:39 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-37
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 53F0
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED6ybLAOpUCZdTn0FfQOAqA&google_cver=1&google_push=AYg5qPIncl8sXr_ufnRWO1zNoKxNZdEdi_wQxK0zxObgjj_x6MA7Uj6su-995Bvk-Kv08xyUstZnjH5j1tdl6nlJ9DV4MtcRSIbV
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPIncl8sXr_ufnRWO1zNoKxNZdEdi_wQxK0zxObgjj_x6MA7Uj6su-995Bvk-Kv08xyUstZnjH5j1tdl6nlJ9DV4MtcRSIb...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA0NDIwNDE3MDIwMzk4NTkxNjg0MA%3D%3D&google_push=AYg5qPIncl8sXr_ufnRWO1zNoKxNZdEdi_wQxK0zxObgjj_x6MA7Uj6s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA0NDIwNDE3MDIwMzk4NTkxNjg0MA%3D%3D&google_push=AYg5qPIncl8sXr_ufnRWO1zNoKxNZdEdi_wQxK0zxObgjj_x6MA7Uj6su-995Bvk-Kv08xyUstZnjH5j1tdl6nlJ9DV4MtcRSIbV
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTA0NDIwNDE3MDIwMzk4NTkxNjg0MA%3D%3D&google_push=AYg5qPIncl8sXr_ufnRWO1zNoKxNZdEdi_wQxK0zxObgjj_x6MA7Uj6su-995Bvk-Kv08xyUstZnjH5j1tdl6nlJ9DV4MtcRSIbV
date
Sun, 22 May 2022 23:00:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 53F0
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEMg3HxlXel_D-94q_jdzUq4&google_cver=1&google_push=AYg5qPLiOjP432SOhstyunYqY61EPMtCb6Kl3hk1849ONZd7-qVd5IAqDnCputE2Tkpr-U1IjhY9pa8Z9tTFK0pfUIX-QcoMVWFl
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk2MjYyMDM4ODI4MDM4NjAwMFYxMA%3d%3d&mn_hm=Mjk2MjYyMDM4ODI4MDM4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLiOjP432SOhstyunYqY61EPMt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk2MjYyMDM4ODI4MDM4NjAwMFYxMA%3d%3d&mn_hm=Mjk2MjYyMDM4ODI4MDM4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLiOjP432SOhstyunYqY61EPMtCb6Kl3hk1849ONZd7-qVd5IAqDnCputE2Tkpr-U1IjhY9pa8Z9tTFK0pfUIX-QcoMVWFl&gdpr=&gdpr_consent=
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:38 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk2MjYyMDM4ODI4MDM4NjAwMFYxMA%3d%3d&mn_hm=Mjk2MjYyMDM4ODI4MDM4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLiOjP432SOhstyunYqY61EPMtCb6Kl3hk1849ONZd7-qVd5IAqDnCputE2Tkpr-U1IjhY9pa8Z9tTFK0pfUIX-QcoMVWFl&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sun, 22 May 2022 23:00:38 GMT
dot.gif
s0.2mdn.net/ Frame 53F0 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESECtp27Ltj-60f4BSpHXPIm0&google_cver=1&google_push=AYg5qPICiGKezwiXtgK0UFdXQHaLXHMBHI3Jbd1XodZ0GA_6jhUkfF7wTBMYY9pPGEQy2pOMvWcbr70qJfXh3lL1I-jur3R9W3fA
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 23:00:38 GMT
um
cs.emxdgt.com/ Frame 53F0 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEOyJ1nEhHt6pPvJAcm5qbfE&google_cver=1&google_push=AYg5qPK3MFFMST70VrOOrIqp3t9eAh92I2Xs5B8PaSlYDuTCf_J_oSlXXsumwWtw5hhJLNdDiDIx_4KT_UkmRIGcqH6U103efOjuAQ
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 53F0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISf_tF6e-wtNsHx-mpMdX52qErJhxq_5SOX5k9nL9z0AEDIem3CIcQZmUH5vCrkJHF89p4eGo
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 48F6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220522
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ed5574dadbe3709842d2118b941d9caf67cebe2abe361ca8f00e44a5455952b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28780
x-jsd-version
1.0.1349
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19164-FRA, cache-iad-kiad7000036-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"670-RA4MW9M/KMI4WtFFvVB4k+dqIrU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m091rzprO63Uph0J3vFU6bsi3aEUrh2gjN5O7bFGu5pEgIIIJZGePoKnD3L1Cxm2H0iG2keAIWah9ygaL1C46NnWAxQHsGpBJpppCkuHC6Op0LTJlcEFCTZOy1VUDDv1g9SL3lzE05d%2BIAWiCXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
70f92b4f3dac5c02-FRA
access-control-expose-headers
*
adjson
ssp.otm-r.com/ Frame 48F6 		2 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=250&s=23110&bidid=27339b6c5a2e11&transactionid=9f87cf7b-12c6-4764-8e78-72b85c64404c&auctionid=85fad994-b213-46a5-9f07-0e28e7941c4a&bidfloor=undefined
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.110 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
server
nginx/1.17.6
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 48F6 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ae9f66f1c6a219de27693f60aeac9f7683c14e36327eaf95185a9a37fe1cd672
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:38 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4b2a0c6c-ebf2-40f9-b732-abb244e46e80
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 48F6 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
date
Sun, 22 May 2022 23:00:38 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 48F6 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.41.0&cb=16928770113
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ua.korrespondent.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
adjson
ads.betweendigital.com/ Frame 48F6 		2 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
ad.mail.ru/hbid_prebid/ Frame 48F6 		84 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_prebid/
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7cbe534ace49cd24ef35cef70460700ef164f65b6fe7c138b2dcbe4c25432a72

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:39 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
bg1.jpg
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6449 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/bg1.jpg
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6317cb9eae37b490a553e682b2d8fac09e3866a149c0acb3b90b26d2b1a908ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 01:50:38 GMT
x-content-type-options
nosniff
age
249000
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31197
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 01:50:38 GMT
b1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6449 		454 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/b1.png
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
454
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
h1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6449 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h1.png
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13570
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
h2.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6449 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h2.png
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 01:35:58 GMT
x-content-type-options
nosniff
age
249880
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11140
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 01:35:58 GMT
h3.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6449 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h3.png
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2211
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
cta.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6449 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/cta.png
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1527
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
logo.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6449 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/logo.png
Requested by
Host: 5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
URL: https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1159
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A972 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstI53WkJQUkGcDoS102Y6YNnI6bDCNrKffK2u8zdIaMY88Lm5iEtAtbveUZXcPw8vfTJtUzbz4Ccp0JKEKAzo1MrnAacUO6DkSt-WSIBQDl6yaqmGtUbW2O0HOjXvrScXLtdeta4mP0UQqbSCXfwF5yQnPyMTyhrsSTl2HVKISYqz0ghUB82RNGlZHO8MLB9wBhBu4bvc63I4fcZZnGLURhkode1P0NYWI1S7lpP1p9yH_0xT9Len2og0swwHP7VEmv1WnRNcOwNOUBEb9Ew0iclwOAcqsteYLElx9p0CkoCQw1avcB5x-41PW6jvygWl-huvhbfgZflltj4Krbvw7WrUphw6cKVks2Yll_A9aRPTZ94YmH_ymnaxauLiohKeMicm3ydxQ_DCfeOl853ffyAr0e0RIxKS5IXrOBqdkEW1apgRaj5wc3IjbKiraKmeIE83A8xL_EPzCS1HXKpWZ4cryB7P63Wux3L2RhdlAyFR4d1DUZiyz4CzdW-NbV8w4M46XGvEGSXo9m_0F3bIR9cFGGhSG7y2bvXNtQixPmxd5QOcPydAHiVJLmoFk4NV30Rm3ZrI6Dw6p6BEbCczaAo8ujmE7cLOc283EKKY1kQPIBJHy4jHiH1eSyZBqZVWfaxjmEn6Lq4cFaHIz5RLbOPxdRD8AnWYo2UIL33KaSReO3RKIHHGVrUSzgU84xhlsDzmO16BeiJnzX3ni_SCWELSzrDqJhECuvkzY2ZNjK95xNfkE-gHEHlg7iOGWg3BseBVf1CfKCUw4Q9h_rtCPwyILtDBFxB6MfR2RUrgzoZAxshx2RwpYH6P-qecnH639vcJB-8GZQ_r_2-iKHFkGKbxXelQesWURWQtR2QPrkzzaOBD1iJbzmMt1iOfRRRE2WMVg-vH0AD9DbzbmfPiL6bxqyboQ7_c8hjWEXp0Hc3BDgtxgI6wjTO-kW7npwKK5CnMZbXAX9YyacYnhvjQaJWickCmTL311W8Vday8vvBUHeMyEIAsBYWf0XM-6Clf8mRqhqQZOm8k3BH5_ixDmbtrf0mubzwPCNieMbsz-YiUUi1i_fduNUBc-UrRI4thc2Luoil6hPvjp5FfGb6sVUQQ3fcH_9KxWrdIKPPMnG5vE7kDXV8hKMgXPFgzxqqUSsfVCafr8szIRGMCUg5i0WlUcjnNnxV28DnyktUBSe1WgphcSNHNMbDmSrgg9yTLK1j5Kpxvg9IbwOeT4bgIG5423OdIu88lcbFYHt1dAYIDMFDMaLuIosG7yLyo4iiAqocY_DNWlPJ5Z2ClnNQjiKIiD6j5J4S8r_e94RQ_onp7biqlQv4Iyq4TSouTW6n8MzDR4uCAgpCBpwjLYhtkrogRKdtZeFAQ0&sai=AMfl-YRitaoW6e2YwOIiEsMlBPEiAvhk18nk62KFIwtamBvevnsnuatndKg9KJ8jZitelvJ2APLr2ToIReTiufQFOaFzqBajy3U-bZodEHJzFuEDuIGD0fblSdtES2Z-nxiQdG60Da3-psb5Ysed7mZ72gEzlAaP2sa-d_POmW1_54HhxMrE2kMcK4s6vVQF7MC-3giY8TiiOAW24HCs3IoEmFhm&sig=Cg0ArKJSzB-rM1QOt2LwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=488&vt=11&dtpt=308&dett=3&cstd=178&cisv=r20220518.67205&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
pagead2.googlesyndication.com/bg/ Frame 7305 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 06:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
60628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13723
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 06:10:10 GMT
comdirect_yoga_300x250_js.png
s0.2mdn.net/sadbundle/14782411303688353274/ Frame 3688 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14782411303688353274/comdirect_yoga_300x250_js.png
Requested by
Host: ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
URL: https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
698501f11b36a327c270eb27836e542a38de7b80217b15f4996bd8d12fd7a198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14782411303688353274/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 10:29:14 GMT
x-content-type-options
nosniff
age
304284
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113763
x-xss-protection
0
last-modified
Thu, 05 May 2022 07:03:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 May 2023 10:29:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 463B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSzcn-d6cquHXYACh6puQkSGbCx2zMFgHmbcABbXIcgpA58b_du5YpzpVgw3jHGxKngTSDb87PxKob62bONerxYAG8PWma3geB1mO7vYP5-12SUc3llzT8Kg8vQa-huuLNMAD1NEbo4sbYimpmq0rAaFJnqG930NDVH5ca872WJOf5K_lrOLjZcr1t0vIzqdlkuQQXHUtkE8x0L2Di09W7NxvAiLi-jlHgvIsdFNZ8iqCrOJR9b2K_ZP8ZA9VbGk1B1HuThaMDLsBR-qqsekNH5zlUMLGrvKZtYhi-IMNoslMgDe6Rl4cMOm138CUmX5fzF4gVIXl0Dgm5HTcwJmlQYeMoyPXFGp0C1Mnww-JYqHM1p77NcattLktFpan3haL-ij_LjqHcmNdTjsVT0F7wz_71RRogsKkxjAceT6J56kXUuSbGQb9utot8zEmoU1cPeF0DPTPTUfL99nx5cataNNLQBQdBfXoSWkrcZEGJVt5GjASGh3f1RLkL7yy9Xh5vnzvZOeNZX_5OkJmdIwhmvO0wHaMOFcn0XEth0789fsfu4mltuGTjtFDiVzNq8kD79agYm8YTZYPV8pjuWMHEOlv5gL3n4U2bZb6MiVo1Pkxpt1rUuPTNg7TUFvGBrW-S7AhyW-M06Laka0aQQx0t5xQ1jBjL-0c8x-e03VBuSoVGHTXdTxdosLeU-mb961UWUYoY5_F169HZjqb6uymf4_ANGRty_M_DNwjSDS6_pnh-TP667wf0D5oh5PYcG4zv--nOVcdVfmxGGTg4aXYkcJAVhS8cwOKUPzUihdRFz1rTJMJbqEG_VxXD8l8CPytcCH2hkUsETIINVlqO0hWumgfTxgbhL8xmE_0EpunwiQY0xvJI3FJJRZ0GmI3QRjgLakGNzWtyACu976Vm2cXRxvcsMvqAjzdc1ewTGRBrCObafQT2GR7DnX1cVXkv59DZNacbamTcVS8yjuLvRIXrnuP5c9Xfbam4l01CychmIthhmgzJuObKifRCvHQzisA7DdjJQJHfY43IzFw_0T53EieD2HMNdR6gX0clnDrMKoSdiKa1QIPsorA1TvpGLfEMohV1IYYHLBBzBi7GDuDK4bmSXg-uSkX6ftDv5KQnSP7GcyIbAjXavfBFZ4w5-Iu2TIJg6GUIKV3bX2MWvJNvP6eWC0b9Sc_fy_kQ1G_nbc0YPsFwazDn9Es0MY9lWMd6zNdOKnPvOaiTmggUuqrb4j3ZxUW-hQ_dtP9vkAuDHt6K8T7SgCCQ7u32zmpF2d8ddwHwIDLxw7PIeivXrKm4ntQWurjVeg&sai=AMfl-YQZVw18y7Dowg0pjkFRwL1gJc0vjwxiJpbS2yWUgW7Y7GK_UmDE8adrE0hieqaCtyE6-npKIEZBTIRC1-mNUoqCsxTj0P1FSCRCyNceVoWwTYoNeQmzKAIWhstfljuHkFIHJ2wHI8vK0kXKuMUYXM2GLjFTu3H-ZGAfKSdi99h2e7tFoM1i8GaFHUMTiST4Ec_LSCQy2clKAKNCHvXYG5rnDtEy0rJWkbbk3GCliD7K84ul0wPUVxmohfk1g_a4CHnxCWtfU_BW_X4qMj34Qz9VyrjCoIBkFCli976nmEYi&sig=Cg0ArKJSzNTVjq-yGYHLEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=576&vt=11&dtpt=358&dett=3&cstd=214&cisv=r20220518.46964&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bg1.jpg
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6650 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/bg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6317cb9eae37b490a553e682b2d8fac09e3866a149c0acb3b90b26d2b1a908ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 01:50:38 GMT
x-content-type-options
nosniff
age
249000
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31197
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 01:50:38 GMT
b1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6650 		454 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/b1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
454
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
h1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6650 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13570
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
h2.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6650 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 01:35:58 GMT
x-content-type-options
nosniff
age
249880
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11140
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 01:35:58 GMT
h3.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6650 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2211
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
cta.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6650 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1527
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
logo.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 6650 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1159
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 098C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0bexa4kvyFkIvruiP-6ezeptURH5DHsTz7tlBO4as-b4re4YhUiij1nr9Tfqxj3rYsODAY69eadiK1rvjwfe_uTU_R_rbW1YeQzTHuYfQSTAxPnYp3-0EWSKt0VwtND2ES8AM0MaoiK7r-0uzYtDcwO9N7Eam7V4xEJlrvXzZEcgpbrlZEFn3w4xorxV8GYkE9I0ApOaWT0dduw3fbnpKrLDYbaAXOuWhIE2Z5xSVgs_RnFljtGRSvbe8M1Fz1_i-0FVw4r22YpD2a0jclB7xESoz3Ino0gX227raEP9Rog0HLSuTKoPneMExJnteV_7INcXAv_ir4Q6JkYtjI_rWbR0JF_Ii5Ts1UBMJh0sIB5Btz-6oGPJ_LEU0Nm2aySVRJX_g0Oj4EEoyZzxWR1v2TS-2lJs08oYuxci2mE_Mtm5rwGNX_H3MfYdo-ZN6PglxJXMYWWc97jheCJ97l3JaVU0HXEiWdkvFkgpqVyTnRwL1LqlSGei_ZY6yK3ojdSMkHMYr3jAzJlakHo24KvYP1OEnWUUYW7hk_O-AJXHWFiJi7ERH_k0EHFP36a3QkWKiS3RXsgeXSggpj6GtWJ6pW7lQk2upwwmpBC4vkzbsqN3d0MLxR9sSkw0HOmJJEXH0-RPFBcbzBAQvU05jQd_aNh01mG7zGHGLVLtz8DjROF8ZI0wt2COz-WPOVFyJ0Nijuvm6svmt0obvTFOp_1x8dzWLahuF7BlX8K7HS8Tn1z-Drx5M0FiHSRqn3Zcx_2zR8CiHYvspn91vnujTYIu5wpQoEdF8cq0bgZuqq_Rysl4Ss--FtAwnec4K-xbJU8B18N6InN8_n7tMb0OLs4z6TcTO-0idx-QfC4ZBfotXGOQWzn2Nvee7S6pXk2gDAMPlZR-ETFe_2xigFdWyMLi_VKLYWxAFk6kl0nY6ouUiwnQNN336-pzLD_d08vURPAV6cenaYGYdtGbmY7bF1l-Sl2OKt4LFCPg8OGeQWis8bLerSteSmfwwKcycFmO6synjlOVNs46SFsxVOKHJkhMc2UIqC67kjahEfXCYKcT4R2saSuu5y6C1j6m5YKuw_TnBjopSQTIi3w3XFofAu4FruxCFEpJOTp3997d-Tolotoznf5lwWIFks7rM4o8mCensJHS9g83S7wfZyvuBTvzwYw-5b35W1RYhLl8Htj9S_UFtRr066icjubKSkxf_7WKSkUXVI-FzGXgnE8EgMqRbvEwR3IVVDogueJjuPq-glsCSU6vy1B7M0p7wwXkTvNI_d2q4fOPd-K5uQ96RnQ7nydHAJoc&sai=AMfl-YS7WYBdHWBrWnXdqZc_1jxaNlDbIAbDnbim6-_5b1UYgl_ded_YwlwQYN8qSxg-BibEXI1m-14WyaVgwquwjqUQrAfAN-_07Q-dT0Ugk2TS7HIfGca0qA0xsHa2TCHux1eCHEmEtdluE5JAOAevrR4uokc9X4s6TVeJWnHdBrDBBrNobfWdhxuteEHw1Z8FXdaCHR5KQEGw-rpLwMV2Iwqo&sig=Cg0ArKJSzOYjIccZH8EuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=478&vt=11&dtpt=304&dett=3&cstd=172&cisv=r20220518.35096&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame EC56 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B90F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTUTcPtev7lC1wAhM9Wknc1dCAckW0er3RHcGLAz3bPVTtCdAeGQq7s01V8SPEfJ9wHXjC6i7Gg2lKNeCILFYFVOx9xbnYYCM46QgRb-o5lCC0VWda947eJ8rC&sai=AMfl-YReW9cMwF4-iuYk78FMk72S7HaXNDmjB8-5auJwLdO1XoXLAWEwwYHOngskGhbC-0x7eGVD0Oez6hjx&sig=Cg0ArKJSzNXeArG7_Xx1EAE&id=lidar2&mcvt=1010&p=0,0,90,728&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3638426950&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653260436158&rpt=691&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame 1A13 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ Frame 48F6 		316 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8610050614645263&plah=ua.korrespondent.net&bust=31067699
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
118a16da8ba112eb440f5e1962512d0b99f1cdc3f7344aff6dc3ba1dd5f36b17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115452
x-xss-protection
0
server
cafe
etag
14225681581855736302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 22 May 2022 23:00:38 GMT
truncated
/ Frame 3688 		67 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b35f733585d06975a6242dae18c828949a60fd621a8208e9ac24838a0ffd7dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 3688 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/jpeg
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1054&event=prebid_response&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:39 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1054&event=end_auction&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:39 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1055&event=prebid_winner&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:39 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1055&event=display_creative&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:39 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
integrator.js
adservice.google.de/adsid/ Frame 48F6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 48F6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1062&event=ad_loading&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:39 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ Frame 48F6 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3738200024092044&correlator=3248360171496857&eid=31067578%2C31067689%2C44761478&output=ldjh&gdfp_req=1&vrg=2022051801&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Ckorrespondent.net_amx_%2C300x250_bs&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x300%7C300x250%7C336x280&ifi=2&adks=4266878139&sfv=1-0-38&ecs=20220522&fsapi=false&prev_scp=minjs_test%3Drefresh_yes%26stat_hour%3D3&sc=1&cookie=ID%3Dd3a2dfc05a4ee392%3AT%3D1653260437%3AS%3DALNI_MYoh47LuJwChdTwreypbD6-adnXRA&cdm=ua.korrespondent.net&abxe=1&dt=1653260438141&lmt=1653260438&dlt=1653260436645&idt=961&biw=1600&bih=1200&isw=300&ish=250&adxs=1375&adys=1259&ucis=e1z3e2haw5en&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=768&ohw=0&ea=0&ga_vid=1369755530.1653260436&ga_sid=1653260438&ga_hid=16427808&ga_fc=true&btvi=1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ddada8b7d9a90a6c4097248ee6bd8e6262d3f92a4967c3724f3b255d801994b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8997
x-xss-protection
0
google-lineitem-id
5693555703
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138349696118
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 48F6 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17710bb80b34401a17ebe6c8ae6aea38cacf4837af5c53894968218bb793c139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10535
x-xss-protection
0
container.html
ee326b482b00607f5546a138e736504d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 78EE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ee326b482b00607f5546a138e736504d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:39 GMT
expires
Mon, 22 May 2023 23:00:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
46ff2129a2d71ba37e09.js
yastatic.net/partner-code-bundles/584469/ Frame 48F6 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/584469/46ff2129a2d71ba37e09.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
b809aebd69050e3e11ea1a400e39b593e38419cab8f4f5e7d83fba02e11eed1f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ua.korrespondent.net/
Origin
https://ua.korrespondent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
10033
last-modified
Thu, 19 May 2022 14:43:09 GMT
server
nginx/1.17.9
etag
"c8bf4e3ec10a158da313764ac45002b2"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2052 05:33:49 GMT
truncated
/ Frame C481 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39e85e330dec10d9a3cea109d17058dd79f1715398afc8b7daa765a9d479788b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame 48F6 		221 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ua.korrespondent.net&callback=_gfp_s_&client=ca-pub-8610050614645263&cookie=ID%3Dd3a2dfc05a4ee392%3AT%3D1653260437%3AS%3DALNI_MYoh47LuJwChdTwreypbD6-adnXRA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8610050614645263&plah=ua.korrespondent.net&bust=31067699
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
de4b9aade6305cb0c241abd1f54bd5f2d2077f3ccee0b283f346a9f2688ae5a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
211
x-xss-protection
0
truncated
/ Frame A972 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8a57e45f38422d2e2f4b1bfd86c825cd4fcf9ff6219d09e5e8d9039643c232e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 098C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1bc744b5c493b206728f2e35c601acf00b1da95f69159536284016afc64f899

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 463B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f76d4c822ea0ebe6b580dea29bf6be186e240ff5dcf7d2e4b4b12289e646ff3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48F6 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fua.korrespondent.net%2F&tn=DIV&id=achernar_1554_1653260436628ac094ab012&cls=achernar__wrapper%20achernar__fixed%20achernar__fixedToLeft%20achernar__fixedToBottom&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EB57 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8610050614645263&output=html&adk=1812271804&adf=3407270560&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fua.korrespondent.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260437901&bpp=3&bdt=1256&idt=357&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&cookie=ID%3Dd3a2dfc05a4ee392%3AT%3D1653260437%3AS%3DALNI_MYoh47LuJwChdTwreypbD6-adnXRA&nras=1&correlator=2533302168077&frm=23&ife=1&pv=2&ga_vid=1369755530.1653260436&ga_sid=1653260438&ga_hid=16427808&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=2484715974&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C42531557%2C44760475%2C31067629%2C31067699&oid=2&pvsid=3738200024092044&pem=814&tmod=2012321872&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.wplth5tekg3j&btvi=1&fsb=1&dtd=375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8610050614645263&plah=ua.korrespondent.net&bust=31067699
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame E1A6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=7050000608&adk=781755679&adf=552537025&pi=t.ma~as.7050000608&w=300&lmt=1653260436&psa=0&format=300x600&url=https%3A%2F%2Fua.korrespondent.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653260435839&bpp=1&bdt=949&idt=350&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2533302168077&frm=20&pv=1&ga_vid=1369755530.1653260436&ga_sid=1653260436&ga_hid=1711661489&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065742%2C31067545&oid=2&pvsid=3976599010063820&pem=814&tmod=1529436453&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CpeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=8DgINYcPF7&p=https%3A//ua.korrespondent.net&dtd=359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8E33 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstl5asep9hmvJbZPJKex5iOMs5Qmy9DJF3505BgyV0ELAeNqRTjbtY9eoyzfYTn6QZ0jnYeVSPyJ-vBIKT3C3XMdY_YvYcNhKN6wkL1iFfTWWRrTkRb5am041nPcate5Zmjbp4NpXp3VC3kaMk_6OIfSh-W5z4RX2jM8mPC-YIqtJ6Jojmh3oFpbqh9PDk2vav_YBmp5tyUknaH1bdA3hr4SnoWEECzaIRgSozUR_GoMFvcEkBUYy0DuY86wdnEGZKA3mHtxNrLPaGRnolx6njpQelvCr6TwDnkE-N3XiEV18gWHycncihIlouwwfLbEykPJDUxxRwHDhvmwEo6-3ikomCQUwmNo9NZHJUOfDqUZ6tbHedG&sig=Cg0ArKJSzN0QkUBHVpZTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
t.js
mediawoot.com/ Frame 8E33 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29a0a1ab78f6b642d13cd03b37042748690fecfb751ced06e1cbd99b63cbeef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
znfHThgD.hoe6pJSrwGCXORvVDjWKey4
content-encoding
gzip
last-modified
Tue, 03 May 2022 15:41:13 GMT
server
AmazonS3
age
75012
etag
W/"1fc880f17be764903afba6ce6d8fbbce"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
date
Sun, 22 May 2022 02:10:31 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
hHuRyM6a29RaY1MM6G5Ozn3DVnK_oLyO3sMh5B5pyS51DQiDAR36Cg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8E33 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:39 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1298&event=filled_render&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:39 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 48F6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 51EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051701&jk=1300921671937608&bg=!rq2lrenNAAZ4vKt9WLw7ACkAdvg8Wpd-RTrE4_92A4HUA5VPOhvNr6F2MK6rapGiEUu5nmZtSpeLYAIAAAHwUgAAAANoAQeZAs0VNgYKPNy9CyFjPZa1CanImyuEtWIRorY9FTU0WrXRxUn0wQ8yxXxVfIBPOt52J3aqsn88CD-4CRBo0Hy6G8ezoyKZIf6HpuDmJkElDwtEjuPj6d2woD_FjKgSAszOh_Z8O6xGaOG_IeRW5Y5BxdUrALON7VK919h2FaQxZ-SClzEkONs7TJlFdYuraONI7XeaOI1PB6vREKmZRQXqG0jmBeTJAyriJH5X7QpWz3HwZF2tV7q1TmyuEAoi1PPVwi2MeDoKIG_hw7TSI4Jxt3inVRANoSx61Nr4VlzD5nnwSdK_pEVKAd0-rBqB6S30BXpeNlhqLmr9zLAvHIUUnfbSTl9Rzu2xBlhUwYe2dBQCw1a8FFmV91VY2vI-1m_WXjUd7aM4LJtKAuLjMTJZE-YdL7t1Gd3huIl25uhcmwxSVMSIrWfWg5oXxJCIF5rttFLcIGV4aIpUC-Guu1cefRwl4QqOJZ0yZRF3NECfvCSpNlxWf_O6jsIgyAuW2P0mXxW1d5Wpn8JbRM2ISx85DBrXXx73GWaQaK4xAJNZz8pPV2uMZW67ZZTO753v9z-dPlRSDc5ol5aNIydLci3QrSFG_vwmQCrPLGmzoknwTJ7AlBKQOxoG5yRTKkjfGKJLVcOWFBMWw8g56cbo3D88vXeaBuEmqBTBeicnOZXLCMTli7r2INjeXt2v2obLweqX2FjAh5iCEGJUg-geDioEGyEv6HYhYqQCmzhdbwfgFV2BrV0j5GooWhdd_SYMeDnTDZST8GZ_tt8Hf3UCHg8PLsycRbOaGsh3KkRuPyaAYXFjwOCpWXCGUfYBIpK28RJFDPXqse_X_vx-mm2vroZ7i1ENkZqkU-X-23viW4YfaRd4I8SyWP6VFWq9b0y6Cha1fIdTQR_s_1g7yz3ukFLhqYDmub-IsMSh70j7cjoO9qaoVdBElffTM2-WccnpMp8
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
truncated
/ Frame 8E33 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6dc65d5c8104bb309013c0bc958e735d72f97f6a95e5f5f744d1111e65155da7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7bc636d569422cdfaaf5d85dd97ef3f45880c803d9e969f5c9aa41b83fe506a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10595
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DFBA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 20:35:50 GMT
expires
Mon, 22 May 2023 20:35:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A444 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
19d2568260c39a0441b4600bf901b6537cd54a2f99a44242e81fb912c4d9f8a2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FeRYjIE6wQCEQUTDxSY1pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-FeRYjIE6wQCEQUTDxSY1pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:39 GMT
expires
Sun, 22 May 2022 23:00:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
g18zrl66q1278cu7c5ytl.json
mediawoot.com/c/ Frame 8E33 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/c/g18zrl66q1278cu7c5ytl.json
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ead57b4a59e7d890408606fb6a388db8691e840a538d2b673b6a826ead64455e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
H21d2acTXKGHZnO_QI9J9fzJ2knU66s5
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified
Thu, 07 Apr 2022 09:52:34 GMT
server
AmazonS3
age
64203
etag
"49b028150d325a8b352384f92b7ae98b"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
date
Sun, 22 May 2022 05:15:32 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1565
x-amz-cf-id
cfvWItlcSxLl166fGiYYB0_FSnLkZiAUOs-riOXxPTAN4r3t01_mxw==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ua.korrespondent.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8E33 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssveVxXIz434mI0bYG5jmIZ2mSO-GJb5flCYeDfy87-BS55WxHrCHKyuXggfiUGp_HDFseQsVKFtmJJuTvV83AMONmGN3ZJQ3zxz51VNWR1v_O5oUNJ85nVG57Y6xoBq_W2KiMMZP3NJrW2Oh5XFVoQShya02n8-zt20UIJJhH1q1elhQJJBfmuynlMKm1kNtbrUmSC0MMN4lQyWw36ffGj7FYmTPmhUPImBIIUE-_Ew8xXcRSNnanxVV_FJEHE4KN5q0kz2lAhotTQf8O7hPTgNabYer3wB6r4HeDyyJ33gcIhOMLer1R4Acv4Cou3m9Z0f9rUsDVowSFj_oyQrDJQqXKbySoQ6sl0&sig=Cg0ArKJSzFG0XIB7KhDREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 22 May 2022 23:00:39 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1580&event=impression&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:39 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame EC56 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BP6KdlsCKYsjNEdir3gO1nqewCwAAAAA4AeAEAg&bg=!29il2JzNAAZ4vKt9WLw7ACkAdvg8WsiGSNw323ytfTT4gdcWI8nKZv5FGK7L5UOA829FEUoZqkDCEAIAAAIyUgAAAAFoAQcKAG8z1Pxs-cJZyXHGZ01lGBrXo4A6r2QRZmfVX0pky2wqXaE25pJmnpz3LwZEoeVF2y6f3B1aelkY7_eM0KqcIGh0tCKbVBmUd9k2ls1kVRCG4Bmq9d6z3FH1T3WIWqWnq8f80a1TVBptGNsaqf7WZ9KZAxNLCoTqVZTMqQ6YLqSb4iAair5utNjHwTx0uttyFrix2xQBiS3ox8UGy2ews8sBzDmYl14xGdwZveinhMEtisUxmztFcurO3kXIDJDDVfATwUrjGyU9CvCxz-iROyokUL_VSaall6W595gPb7x__BaBwEcG4ub_lqJ3kUYlY8z33qHy8FQcYha8UOcT9SkYyszhy2KDyNuq4Q_mfdkoZ0Ik9RocmJGfzViLQiNMJREhoS44slz9dwnOsNBkkhiEsVUr0EpuS6jBO0rfYUVvQqMdLlsYUnIwOukfAksuYyOhb-kXITfJAl6CzTpjn_77l4N8r6P4B14K9W3jqd-fIJMft0HEDBRlAEMmYfNh2wmpYyOWEIyi9Tdl0TlEbqDYIX7dUKZUcZ7hgYs-Qyc1IngWwXaPXYIVsMyQH4E0uCqzElnGzZBLl4xItKj-B3115cW_jZeY5S5KouO4ULRlI4-AeRjD2xkp2jb1LhvFnM8Yl9GhMeJEC0Fr2zeG48F4fH5vm16K-vwGdtrKxY3gYbik2xHcjYvRiRxbLTNBqjzUsD6Rg7l6M1RzuHdj-hHwNlZ9fVptL_fFwN-0TEdrcERBhQMuLEggKaVizWXt2IJSPToQWNolrwt3k4nCQRuhcFQi9FMixwY2aEo9yXRR9bNEFh23IchmwJNIoknwZYaHOCCfIhpAwu-_KnLsai5xZ8iHRD57laRuMuhoqAb_lua8Dtkb6hqx6X4vTG2ZZgNfoBnwCdT5i9nJUDyTGTYf5dfTDiyIQz6corDZaqTFm_jL6e3NT0JvGdYIm0Micr9tUf0a8w9eoe_rPPBAjKsWxB3jTJhVJFEeHO6RQYpcRIlm0geS8u_QqSA99tNuN-UzqhNC495DxIwYrCEriJggH08ScB5j0-SvzkcIpji6aHIUSNMnPDe85OD33sAcqmudNvTHNWs4Oy6qsci-ovbXHPEOrUbufE3KZOijLyXeJn9fjYPmz4yrXpBMWZ9NDh-lMdXU4yHJVCbUQt0UzYVy49kM275s7KhUI0Zt93mfE55ZfmDY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A444 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051801&jk=3738200024092044&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 08C9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 20:35:50 GMT
expires
Mon, 22 May 2023 20:35:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F893 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3732d80437c1d3809e21ed0149bf1f42839cb4cf134f451df7165cb97297fa62
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PaHQwInl4VKsd3JbCHqiIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-PaHQwInl4VKsd3JbCHqiIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:39 GMT
expires
Sun, 22 May 2022 23:00:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7305 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bkv9SlcCKYsC5NLGrrASl0oOwCwAAAAA4AeAEAg&bg=!RkWlRQHNAAZ4vKt9WLw7ACkAdvg8WoQHAuNvz6nsySYqkhAVmnLlbUmIeVWhLp3gr5ds6EYQUN0kLgIAAAKAUgAAAAloAQcKACXwTk0kMnPEp43LSg8QzPUOEvwXHlYf22c_Stp5816d25xYFfDomQL602uERKMjLz3b51uHJM7kympmkNe8Oh_VfzavZB7dNX3azuCb0ekkHpkOevqcBfPug0W4Dm3CZdHQ3ZMUtDQawVEflyFYb8u2OMYb6IPrapRXkk0vECBhV4t8xn5iJfNvT5xQCV7DJ5N_oj3XmCx_wA926eB_zbM68GS4JIiQ0kZg--hReWTSWJvz6nqbYJb59ZAAv-gTVYilWO5kWUcjHFzZgeXL8pfZf5lCvrYfZfQc0yNHRTc2oLma93t35vxcnXEB1s4_0nsUrpaSu4Sr_9FDrIj2pUqQzOj3iR6gPVhyPpKWGnusXqcVvxDnfI_JVZ40kvnvP0ECl7D0_EmOxRupm6TAaCtrut1O6n29ceqdU64QQ5M7kTWCyrSZjYtWrCdg1zTX7rRixaFxaztYlYY_KePL7lDqFhhpAWVHjqjCMhPLH7Z1nljJ7RoCXWK5y_-2NablC0qRQlOp7W6RAj5N1A6YOT0SEEFcOiUP6657M5rmcOIAqOPVZsa3q6wPUWvsFXV4eL6eNqdNxJPoM67LdjNTpul5Gi8CxiL5HBbuUcn3OH81jEE3o7ijy7AJjQaRI4lo8ke-1Z2Lztemt8AzXZSS2WLnAeZSNyxO0de7T5ggKn7nsFlqMmYMqKrH_Vdf9RcGrcsXVoFFFZCUojgA1etOJ-eqoX3h9Ga8123bR8ST8b_2cP2oT5U_DzDMD2Mviicb8x2wBkuqHsuge6UHqukRvl1bInkutJrOFG92cWwb7c4zMaTe4jX2mqYj1jbAPSMuaqQTWkbcXntvGohV786BB3WadB1x6FCAn3JtqB8bdCd9e2hsGhN3zq1XeBk9kVm9tLl4gWkoWjD-2cFjwJ_bHJ56Z3h2HwqYf-RZHB58O_4qeG1WB77XweuT-_ZU4eOyDOqrpbk96zc9N9SF94vSqZL3lzrZKcd91R8JDNQmBBLI5DOa_tNtkPKxgitteEPC09eTrYBxG11IxRSMo9pFoDBuhhDBY3UVahZO1WTr7ucL-ahA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A13 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxApTlsCKYvKEEZT63gPGoq2wAwAAAAA4AeAEAg&bg=!7-yl7KjNAAZ4vKt9WLw7ACkAdvg8Wm80UTIvBLn6BEzTHRMN6STBlGbmpRMSJVPmr416FUHx0etxlQIAAAJMUgAAAAFoAQeZAwf66rgrwS7skdiLoCzFBQciBZfp4B6fbm2dOEH9ecTqgGwbbAsu6dlZ36UX2xWnI5HnIJuX2MmXE6bsK0jk-jmePdxbvdziQZGotNP06x2oWSsMLf2pWYYIvcmIOTwY5_KmA-I8IAYZb4cqP3qfUYGAaobTuweMq_-qn6z5wbksMqIDX83dYVhgrTh7fK7s3qzdU5xpz8BcT6aKqpnnp3KdNaNlgFWqgTo1nTYDECPUhbSP44LgFy_nrQjRSM6ork6JRW-W4KUVT3QJM0jgp3sxBjBwr6f2WJ-f9GQ4R3lvTxGNBRRTGIuC6BaioEFhkoBPuppzeNmhP2sPUJCWsNZdA36cRb_AYhNHlK50zq-KWa3PPNaWe5zHfcYrR6dH36IVUyFSVGSeWaizwlPHq9InPpPSWuSIJE6IWwi7doc2RC24lG7oh1fepHYNhYwKQ5B2t3x2ZNpjfR3mr81ifnE-Si03ahnJiLdiE2Uf_4Uf3LZ77TkXjavNla_35akFREwq-ShxopwKzIXz--L1aZxdEoVasUxCoyxrcjAJS-PWqQflJzOM3_xXDy-zuij1f60WnavzSPng1EF3vXXeQtGuEhJdJpAMo5su69uOCJpvA-tgCcrR37Fi8eQaPOBLDIer1cAsh_AThEwWlwR6z5vC_zukzoSOOZ7RqyNs9IqUKLqd5JXQ7-5I1c0EM7mMwZzR-PbDOUVFF00h0UL3rqkdkLn95iRdBgLvfq0m7v2_c90n5yzPmsNCmSJ-TzEmVUIpCWrRV34HbW5-wDBlUpNmHpu07V-AJbuSS1EZniaHYKl9zXLhksi7QRlW98_OBbGuEO-RasckDtGIN-2tBpDvsYeuAr5_Y6i1cHcJ3N_LT9zpxbh9f_3FefWKrmR6kAjB6ib0IN4gGbA3XBB5me6J8drRvGL01Au6mU1gKT4A4Ea8DRuLGV_sC_i2WoBsi0-ozNHoTur3qsmvbuWvfQB7rNcq1DCHXIc41y_0bqhv8sz9oUt2kUrSxjC0QUW7DNBeUucoUANe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8321 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e9b8aa3c3922ebc7b97f7cc6b6260c9ddbc02a9d97fe7114e598670e6125b864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28588
x-xss-protection
0
server
sffe
etag
"1223 / 571 of 1000 / last-modified: 1653084304"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 22 May 2022 23:00:39 GMT
prebid6.15.0.js
hb.adpone.com/ Frame 8321 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
625
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7pAfNBzbOViH8B%2FQjQVosKbknabe7wk%2BvcowlHL8fOUM4otlyNn5PZMutRmB3%2Biv42cwxbJ%2FHXMy2H%2FmbLjdvEOGg438y2Kn%2Fu83wovD6rGyHkqsgUuZFaZKE%2Bdsn80C8gqRXKCpp%2Fdhpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b54ff0c9a05-FRA
p.html
mediawoot.com/r/ Frame B6B7 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=wodvzxysfv&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
nje0aIF4uZ0FxF54yLbVMjVVmUMx1linWHj57zclGwZaJhFx9z3opQ==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 9421 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=zgcuqeays&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
eeVQiLYRyOIJii2qSOmSMe-0piUqPY6y7BZkrl0KX8_rAZLS1uMylw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 511B 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=empfpdc&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
RfpE9W41KcB4h6t7tGFAw6cIPdjaxQggs2cPn3d_i7iUuAwqNI4ddQ==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 7518 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=wtwiidh&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
fdyg9gEqW1F7SCA8Z0EZ6-Uc8KC55HYfrSwAMiORFqIxK1O7NK9NWw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 56E3 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=ffiqcjuv&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
eb_4tHFwmM5aDHvfKN5-XwjmIuFUdW0u46W9RJX_JNxwB5-rAKOrEg==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame D6A8 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=kanrzrd&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
Yj0m6rpWuXqQaYvpU_4pduN7tv6M46LiNFbK9X9Sd7QJXQnnz-l-Tw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame B336 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=khdqvb&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
lTenfY5q8pZx6BE8UE_LU73yY8gvQVuX1XZtdfAULeayNTz-lb5XJA==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame A057 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=yjutwti&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
2QKNYndtXO7buCELmoLOYtOYBE6wrFemNczYe3NJQ66q5ccO8DLdeg==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 5E34 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=xmycovcd&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
jmOnKw7KkA90bF9LRykz5X90BbPNMa0UO8yn0cdSxKfM8yB42PPENw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 8CF5 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=yjnfmne&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
zMvb5pwCVMgSFtdbt4di3_7EPdUseUPR-iVe0vFHBjoFlo2ClstkBQ==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame E457 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=yqhxsdeyj&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
Wv4Rx4-ArNTLCBdAHeXwpIjyf96oytV7WCtoxB1A4bkDibUp4MHbnw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 6C95 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=zzotyyen&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
lX_hiaXh2pVLDU4GnWJXBL5iXls5xI9Oq12beaIfkPLKl7usRXS-xw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame 6CA2 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=jzdbcrjgo&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
CM7D2DuJ8snt27YiAxrGHNta5ri9gLcTJTHy7GH_Q4TUobzB8NW7fw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
p.html
mediawoot.com/r/ Frame A687 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediawoot.com/r/p.html?f=qqrubuf&e=1695597276133
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/t.js?i=g18zrl66q1278cu7c5ytl&cb=6921971653260438372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-112.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75620
content-encoding
gzip
content-type
text/html
date
Sun, 22 May 2022 02:00:20 GMT
etag
W/"bf68b46e358867c0b39619526db81d08"
last-modified
Mon, 11 Apr 2022 10:21:36 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
leQQjfRB1NJWOISHCmrU03Xj5GJi9jac45ck7FdTdLd-cG2bjA72Bw==
x-amz-cf-pop
FRA53-C1
x-amz-version-id
0oiCTVaVMZGlYwHaQ2qpUe2C3eMAEqWV
x-cache
Hit from cloudfront
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame DFBA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
pubads_impl_2022051801.js
securepubads.g.doubleclick.net/gpt/ Frame 8321 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
71f7b22f7b615b6a6cb2240ba7516fb2e83d2028607d5983fd64d1b755fd11f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127552
x-xss-protection
0
last-modified
Wed, 18 May 2022 08:34:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 May 2023 09:21:27 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ua.korrespondent.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ua.korrespondent.net
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cygnus
htlb.casalemedia.com/ Frame 8321 		36 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221a755a8f0bc756%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22domain%22%3A%22ua.korrespondent.net%22%2C%22publisher%22%3A%7B%22domain%22%3A%22korrespondent.net%22%7D%2C%22keywords%22%3A%22%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%2C%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%B2%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%81%D0%B2%D1%96%D1%82%D1%83%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%B4%D0%BD%D1%8F%2C%D1%81%D0%B2%D1%96%D0%B6%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BD%D0%B0%D0%B4%D0%B7%D0%B2%D0%B8%D1%87%D0%B0%D0%B9%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222ec17f405ebe83%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9b6c5e9d1aee2749100732dee8bc08a47ab215c6f6fd99713f40084c99d3c474

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://ua.korrespondent.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
cdb
bidder.criteo.com/ Frame 8321 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=61162852838
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ua.korrespondent.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
arj
adpone-d.openx.net/w/1.0/ Frame 8321 		73 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8a324207-03e3-4b47-baaf-5d82ca46dc70&nocache=1653260439015&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=%252F21671350435%252C22654422242%252F300x250-korrespondent.net&aucs=%252F21671350435%252C22654422242%252F300x250-korrespondent.net&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
2ee7e702a463ae18f99b0961744c7725eeaf5850ccfe61e8b648ec8a896db548

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 8321 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
bid
ap.lijit.com/rtb/ Frame 8321 		94 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e69670e816dbf86c1f0fce9fe5c0a3d68f59050be7776f019f69848e05380b41

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ua.korrespondent.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8321 		425 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&rf=korrespondent.net&kw=%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%2C%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%B2%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%81%D0%B2%D1%96%D1%82%D1%83%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%2C%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%D0%B4%D0%BD%D1%8F%2C%D1%81%D0%B2%D1%96%D0%B6%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%2C%D0%BD%D0%B0%D0%B4%D0%B7%D0%B2%D0%B8%D1%87%D0%B0%D0%B9%D0%BD%D1%96%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.page=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.domain=ua.korrespondent.net&tg_i.pbadslot=%2F21671350435%2C22654422242%2F300x250-korrespondent.net&tk_flint=pbjs_lite_v6.15.0&x_source.tid=8a324207-03e3-4b47-baaf-5d82ca46dc70&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5745764231419277
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6897ef2d2969efa1c826ca2414b560d7206d2d51ffd23cb50244322dceb55813

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
425
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8321 		10 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
dcc5390e35ec3e6782c826477f559b7fef52d44ef555ec1bafef3423f8724ecf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a7a1a5c5-7df2-46dd-bff7-0adfc3759190
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ua.korrespondent.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 8321 		0
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ Frame F893 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=3976599010063820&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
prebid6.15.0.js
hb.adpone.com/ Frame B6B7 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=wodvzxysfv&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBIxJUk4dMofxLGU9uMMBAsPDeP7RiNGQYGDm16yxOuGjTyho37V1KM2%2FcEsSc9j896ETH1DnnpUdWhFC9G8ezRoV2qSVHH0nb%2BRjYR%2F7%2BrCZzPFgTnOdnvXoclIDIHmaFoTQuBL3msvNJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b56b9419a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 9421 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zgcuqeays&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw%2B61e4mX4916wqqgT%2F1N%2BFrW6hPKcExYu%2F7YaS6wrYvjWc%2FCRi4W5RgmivpIK%2BYh4GbXPQnAl7KrwKfszP5ooR0eA3X2CPfGENeeKi%2BL%2F0N3izcU82qdwyFBI34hYjVGG2jU2MdJe2JkI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b56c9549a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 511B 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=empfpdc&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7q5ymtFV5WQowR2R896p04RPrkz7iJAw12QVBmOsTLF1ppScLEIDKs1yUS2QZJuJMJIylI%2B%2BkkUAXWLMpR0j95NGILVy%2F8o8BmOBPETW5Y0E7i7pc693AKb%2BgOIbHZXBzu1Png6OFjR9oPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b56d9649a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 7518 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=wtwiidh&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJbsWztHwGxGKlOXmmfIDs1Zv9noUlsCHIFse4EBMrZbT3WDn1jQkHwnkN2AwMoeP6p22OY%2Fj%2BO31NcivpGotapB2Ab6Tn0S%2FWMTSaqbIiWIHIIBApK%2FNliV9%2BI1bOs1jEww%2Fi9YDY1n4S4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b56e9749a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 56E3 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ffiqcjuv&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTRf0bXk530aTEECCdLe8Ge%2BQtN0u1ZBxcM8infPiJz4hLrH6gE7WJZEfCrth9vJjanhE3nHJtlSmcwin17Spgg%2BKoL0KdBmvsb5WutpQVpu8EIVOXikgFTXTKqaTX%2FJlIPqMWGlJFd%2FLRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b56f97f9a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame D6A8 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=kanrzrd&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFwvxir6h7LRQh%2BYwX64XOd9RRqGoSJB5Q1zrWTWQN4pv%2BemYyzdWegK6heRa7TOeGJG57zVZbUq%2FbSehIfbDa32a4NNEKXCjbzcLbgaa3xt%2BIceioWiqDc0icwUilUSNz%2BHj%2By74IKBh8w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b56f9919a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame B336 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=khdqvb&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgsGkaZpCbLJMQFN9TuabBOc%2B3Qjld43lIKb6NxRM3ai%2B2nXqyRXHQGtzAEVEABqB8V3j5PcNxXDzZKgmHDZle1TV2ChJsCdaH1ZyMaUZHiA8CLPevXB5fZP8SH1FYMwSRh2jdpox1peHQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b5709b19a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame A057 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yjutwti&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPfN6Gdc1wykv8BO%2BHTIvbRo%2FFqEEEVemjt%2FKHdHUfJlRmi2qki3LkC%2Fk%2BHOy4koVUxeSw6nL3Fy6Dhu3FCdTh4Q3uF0npJfvVA8XHluDcqfKM4OCjJSZJ72dtMHr6FKvqmvvHIEJCfGyZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b5729cc9a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 5E34 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=xmycovcd&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaiVHuDCn6oueFhxPfmN9Ss%2BXROWg%2BK7aeR4VMhs6Km%2Bga0Xa9kYp7del9eYmteaIkR16xIx86fSyS6bi0sNMZfDpugzmSWwuIOZoy%2BWYRly7901URub%2BotJEkD5kmtlLFJ3cWInq5R6ONU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b5739d79a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 8CF5 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yjnfmne&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdDre1E81o6wS%2BOjf3D%2B8Dk7gZmC8qicoqiFndidwi5UNk9Ep82W2wqYiZxK5PiNKcBQHAxePRRmWomM8erh8FKf1%2FU8gQeYPGvE1DFMm%2BxBRY8Si%2Fr37gb64g9V7LFPtsgY2avhdSk%2FyQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b5759fd9a05-FRA
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame 08C9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
prebid6.15.0.js
hb.adpone.com/ Frame E457 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yqhxsdeyj&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UymCODXV3m7tBvQEUimdaJ0h2aGyaTE3G6w5PnRIp8ZSwII%2FfUyf7xeY9PC0nzpRpKzpYj3%2F1v%2FYAicHkpwCJkUzBcfrKwGYqetJHiWSvMSi5oBAiHmZTtHHA9%2FU%2FjByZqXHk%2FCMgQg6fpY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b578a2e9a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 6C95 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zzotyyen&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilftIDiC5Oe%2BgE7JlWmzTyxsTHqNRC47prtqUlKms%2BhpJ9DTkgGrlSR%2F4GIy5OH%2Br3jt9J%2BeVId6SfOO2SIF7bVVs%2FdvXoWrfluhNEDiB9bDiIimX%2FSZn6HDzPpuCwX1uH%2B8IWOBb4IymLY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b579a459a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame 6CA2 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=jzdbcrjgo&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0WxEU0VBUPKSIri35vlDo8liq%2FenCAoWtoy5LRb0zaFKwOt6d%2Fl2yloQHN0jgt7b%2BAcZ6IeJwn3C65gJRFg2FKkhKVd0Ecl1a0RCk12qdy4X%2B8GOZmQ3q5gSh9f6Dm3Bo3DzqfB5EU6wC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b57aa589a05-FRA
prebid6.15.0.js
hb.adpone.com/ Frame A687 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=qqrubuf&e=1695597276133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626
x-amz-request-id
37WBBB1SQ98GPR8P
x-amz-id-2
gNVtQHmKmPOXTCpkNrOJB0AMqJe/uySbEtlcKojQtmbp16/MFJrIInOvDaNJTyNbtwcA90gng/s=
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DASWuY5iP3z90cgpsuntUmRyvSBSzdw90oIDsaHoth%2Bdy00HfdUqLPfxXmwc9shCj8uDd8Ix66kfogCwVeLIfHVMdF7tEEXRZpUk809MVi%2FX3ZN3UMr3znUfyXDISqakaGENjiREKPcEPuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray
70f92b57ba6e9a05-FRA
activeview
pagead2.googlesyndication.com/pcs/ Frame C481 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstww_x8h9JtWVBUrL4ydI_5zaNnXVQUcnVPfKEt5olj7F85uDEG3V1Mdhmsn88ta4OF2_UEaRHKysskUnlrxT6evbNWtZ49FNkeqDdhlzMEplyV0Iiwv9OPKssK&sai=AMfl-YQ6w_g3uVp6PO-USkSDbzoSyAocJj7AwtEUAKeK7o-KXM3WdGQYAV6O46CRLn5B8KmwYHp_DTr0ujaa&sig=Cg0ArKJSzEJRHE_4oMx-EAE&id=lidar2&mcvt=1115&p=0,0,600,300&mtos=1115,1115,1115,1115,1115&tos=1115,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=781755679&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653260436199&rpt=1910&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 463B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT1g1c6Vtsw5cmzUsAhvQ9eeU4BugNRJW9vd3FcZEhKsIG1LkrKaSiFVaKjhmEPwiKWXLnVPWKvX6QuvUVkWt9ixRDCOl_-88tvx0Qj4k-DCM&sai=AMfl-YQi1hCfqvqMoPUAo4Nsj2XjXRJLiUtQ1UIspbrgO5zpdmpNSzQVMNC8x6y7-gtPTgAsv-kOS8E5NJOy7rS-n_IB8SnE6utDlv2TyrfVasO39bis7i0V4xSxxTpZ&sig=Cg0ArKJSzM1vEBF5tLQIEAE&cid=CAASJeRohirVZD0mFB9tnKuJr9PWKlkYOz-_QfJ_-xTo_CRunt3WCes&id=lidar2&mcvt=1049&p=950,0,1272,300&mtos=0,1049,1049,1049,1049&tos=0,1049,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&vu=1&app=0&itpl=20&adk=3875702543&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653260437110&rpt=1074&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
546.json
id5-sync.com/g/v2/ Frame B6B7 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
2b18fe43d554f67ed5455e271c1ecd99fdac48fc2de3151085d21ccc0961bd1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 9421 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
c08da2b86d237245b5fcf518f7ac663b58b6eabd45dd7a9daf3467804fa0586a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 511B 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
2c817507584e6351b4045cddf092243a9f941838e8b92317c49e69f5de639e5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 56E3 		212 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
e4959f7061c6736e63f1ffe501bcf2fc3bc9f9dcd7e2d978d5c474e304fd5ed1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame B336 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
18281ac5ef4d81ba937478d847216e4df5a604c2dd994182e17054c91bee6eaf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 5E34 		212 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
ca79946a55c334d6081451fa8dd8fede2974585cfab9e225f721ef67612ae18a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame D6A8 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
78a3ab140fcd43ebecfa9d68949017f9c5996352084a555a65a986a9b8a5a5e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 7518 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
a4af208d1fb1aa41254b6c92e1de1b9564eaa736a1621bde54a71bc289d5a505
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame A057 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
ae20430ebe58ed38304b64f6f01251ca9fe1aeccbb9529f22be6879ea48f1879
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 48F6 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/p4.41.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:40 GMT
integrator.js
adservice.google.de/adsid/ Frame 8321 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8321 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ua.korrespondent.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8321 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3061212359890436&correlator=2252106945644224&eid=31067689%2C31067709%2C31060889&output=ldjh&gdfp_req=1&vrg=2022051801&ptt=17&impl=fifs&iu_parts=21671350435%3A22654422242%2C300x250-korrespondent.net&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1907443763&sfv=1-0-38&ecs=20220522&fsapi=false&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.04%26hb_adid_appnexus%3D1824f5b174b88d1%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D1824f5b174b88d1%26hb_bidder%3Dappnexus&eri=1&sc=1&cookie=ID%3Dd3a2dfc05a4ee392-220a2ac79bcd006f%3AT%3D1653260437%3ART%3D1653260439%3AS%3DALNI_MaPMTYgWD0qBVXpvmHUaChFz17CIQ&cdm=ua.korrespondent.net&abxe=1&dt=1653260439488&lmt=1653260439&dlt=1653260438718&idt=534&biw=1600&bih=1200&isw=300&ish=250&adxs=1375&adys=1259&ucis=xn69yiwni7dv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=4&url=https%3A%2F%2Fua.korrespondent.net%2F&top=https%3A%2F%2Fua.korrespondent.net%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1369755530.1653260436&ga_sid=1653260439&ga_hid=164993619&ga_fc=true&btvi=1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2376cbc29446b1ec714caf4cb5d71118a57db5ac45f91f28dbc93fecaed0903c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9204
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ua.korrespondent.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8321 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53854b6506d89c688204a05e73a410d37e16cbacb5b8eff5d4d41f2720d17cc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10591
x-xss-protection
0
container.html
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5EAC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:40 GMT
expires
Mon, 22 May 2023 23:00:40 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
bid
ap.lijit.com/rtb/ Frame B6B7 		94 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
631f2e753b02b1c33dd30284f0738ce0ca0754e70aad99e79fcd9ec888828a26

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
arj
adpone-d.openx.net/w/1.0/ Frame B6B7 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=ff1d8bec-0b1d-4899-910b-30864b304f0f&nocache=1653260439500&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439064&aucs=adpn-adtag-1653260439064&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
490da1c60ed9a4d3387cafbf69c0d181b93d8d6944270f80e98ddec5d39db6b0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame B6B7 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
41250b726905a403401c0e1daef047afa977a1fd663f5d88f10c90e1b5ff6dc0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2b8ad100-ca40-43dd-99b0-9f03c2714d6b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame B6B7 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=45839836747
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B6B7 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439064&tk_flint=pbjs_lite_v6.15.0&x_source.tid=ff1d8bec-0b1d-4899-910b-30864b304f0f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.29226926888732074
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
65b5c7914601a8871c0622cf5a340f4b7506c7c4d189965c22614b6bff67fc4b

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7800
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame B6B7 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame B6B7 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cygnus
htlb.casalemedia.com/ Frame B6B7 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215b55654a80645a%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22162f03fcb98b236%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c71cdee800e5fdfc16285ba891c0a7f25a71eb638622b74f4b72e3ae92068503

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
bid
ap.lijit.com/rtb/ Frame 9421 		94 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
ce1105aef61d450aa43ce3ed27f413a164f748a54f89a05be69201758a043513

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ib.adnxs.com/ut/v3/ Frame 9421 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6f6fb9f81e3df27e8bba0b1570ba7689e09b4043fab0800703b7e413bb09f01f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
195459fd-41b6-464a-b079-f514fd3e9eab
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 9421 		73 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=0d77fde0-e0a3-4631-80a0-abb17910208f&nocache=1653260439525&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439072&aucs=adpn-adtag-1653260439072&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
2e4d7e4ed5af36c2889f8a65445445aab3d63b0a5994f92067bea8f7a5635c15

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9421 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439072&tk_flint=pbjs_lite_v6.15.0&x_source.tid=0d77fde0-e0a3-4631-80a0-abb17910208f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6709703690274715
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7b82db7d9aec1044e330a8434fb8883d126b5fec04f47226dce780a568c952da

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 9421 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=14770053104
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:37 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 9421 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
openrtb
adx.adform.net/adx/ Frame 9421 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cygnus
htlb.casalemedia.com/ Frame 9421 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215816a2842e9d48%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216993fe5af5d6f9%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2019cc4362b8310992c5ac17bf259b149af0452554e251ecf0232902895ed5c6

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 511B 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cygnus
htlb.casalemedia.com/ Frame 511B 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22373a933ab688ec%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22432f1ea1f0d92f%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e484b21199c8263bd909daccf9e0c9f8bf7895e99354719a4db5a474b51b3e07

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
v1
prg.smartadserver.com/prebid/ Frame 511B 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 511B 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439079&tk_flint=pbjs_lite_v6.15.0&x_source.tid=acaa8b11-b48c-4d41-95d6-306d9242dede&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.48491181588401244
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2c91bab886959bd7e97837a0c55875b45c86e97ef18a0d02a38b9cddc586e59b

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7708
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 511B 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=acaa8b11-b48c-4d41-95d6-306d9242dede&nocache=1653260439563&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439079&aucs=adpn-adtag-1653260439079&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
ff7ca5dd273fd26d8e0e001f3d5da345e8ba0ded91494a7ec2dead5b8b2c1ee6

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 511B 		94 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
f2e41f0911b9ae8747922f22e83e17bc0f7e733d726bf94d2a4b19ff3bcd8edd

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
cdb
bidder.criteo.com/ Frame 511B 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=86821881226
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 511B 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
04ac6d74cace46acdae160a1dadbea312a9f48114f1b9a738ea571d7fc6f1cf1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ac68e6fd-a454-4ef4-ac47-135f3ddb4d56
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
v1
prg.smartadserver.com/prebid/ Frame 56E3 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame 56E3 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=0e86f9d5-06b5-4342-b7d7-7be655c29466&nocache=1653260439582&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439095&aucs=adpn-adtag-1653260439095&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
7285bbcc3dea1f7817ba4834fefded828aa129b21bdc3cf5c9acdb12dd1b4781

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 56E3 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cee30dd331a6e05778894a97eec4d61fd1b4fd911bbd0fe16fcb457e399123d2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3a48d57e-2c91-4f85-9417-7d7f74a1c6a7
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 56E3 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2abcc133c83e58ab6e725a04f1887ab7b8262492b7f30ceac62a0ddfe4fe26c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 56E3 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=84665775993
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cygnus
htlb.casalemedia.com/ Frame 56E3 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22117257038917676%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221241291a9e754a%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
70fb8ca0f2b77baefa1167ec4704b8b4a6aeb5860f6db5c384227e4a6c87e58e

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
bid
ap.lijit.com/rtb/ Frame 56E3 		93 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
0c52b6608057b18c6a5cfc42279e3abf4886e25d44893aa724d6ac54b8856fe8

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 56E3 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439095&tk_flint=pbjs_lite_v6.15.0&x_source.tid=0e86f9d5-06b5-4342-b7d7-7be655c29466&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35506901540716385
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
aa75de25118af26c033c154a21bf0156dd7247afea67a941f3210e773fa2e36c

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7824
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5E34 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439135&tk_flint=pbjs_lite_v6.15.0&x_source.tid=a3e246a0-b7d3-4fcd-bfe6-439e99e7cd25&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5764645484038633
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a871095398159eea02c5fff548f5e1b9f0b132febdeec1ac9fb30ae29134c699

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 5E34 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 5E34 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8519055dcefaf716c4836a1fae0376a6772a3235d089877b73ca625c6715f7e8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
56d5db42-3da2-4374-8be9-668c6539c938
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 5E34 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=a3e246a0-b7d3-4fcd-bfe6-439e99e7cd25&nocache=1653260439607&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439135&aucs=adpn-adtag-1653260439135&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e775544809d2f32a316ae8bea00f093c795679fe41b1cb8edd09a3b32bdc3952

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 5E34 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=31717012330
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bid
ap.lijit.com/rtb/ Frame 5E34 		93 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
51d590d335fcf6c1d3e1b2b69edcf34a033bacc719650378aa840391b8ffcf27

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
cygnus
htlb.casalemedia.com/ Frame 5E34 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22132835b79872f36%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214b9b807491ea61%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b3d5b2371fb9e642010d707d466c5621daf96247e8132fc2a18a819dbc7f7a29

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
openrtb
adx.adform.net/adx/ Frame 5E34 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
546.json
id5-sync.com/g/v2/ Frame E457 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
8ea427ff942b091ba6b20681d5af0eed40421da437519824acff3c9d0e1013ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 8CF5 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
064b2f85c517a9f3712a666386b163fc0ab3c9f3280b1b9cc4b7b572a9ccf249
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 6C95 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
187983a3511961fbeff3b9e571db344f9f8757cebae40dfcdb1fcee4b46d8c89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame A687 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
95f10b4a2a047bcb651a6d6a81d428980f6e61d13a34f49f74a1991474d4156d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
546.json
id5-sync.com/g/v2/ Frame 6CA2 		213 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/546.json
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
a64c34db39e278f7096a37225e8fcef4b05d4a6b9dea0239fd0bbabfcd16a9b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mediawoot.com
date
Sun, 22 May 2022 23:00:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame B336 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame B336 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
96436740768df916a8e12a0cf5103e614f00c344b9de081fada66723a8b5831d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b6a942f8-f189-4b9e-a706-f1f1f60f56de
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame B336 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=17525455967
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame B336 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame B336 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=3cc93139-6b4d-4dac-a841-ab27fb1658fc&nocache=1653260439680&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439114&aucs=adpn-adtag-1653260439114&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
528c86f58e059ee149839519af2df2b44fec2ddf531fe5912acecc6815fc0d42

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame B336 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
ec0983858cfaf7d77b7b4468bea63ba78717e29b2ddc7fb4a2099d5b2ad096ff

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
cygnus
htlb.casalemedia.com/ Frame B336 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213968282d7aa815%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221426d374e34170b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5e8b9269cce6da2ce82dbd4aa62999550123e87332e0f1a94f364616df827598

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B336 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439114&tk_flint=pbjs_lite_v6.15.0&x_source.tid=3cc93139-6b4d-4dac-a841-ab27fb1658fc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.039230427098880805
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fc7b1e9347cca07849f32c1597c310ca3fc7c417c823327d05937be7d1b12c3f

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cygnus
htlb.casalemedia.com/ Frame D6A8 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22125bed2bd7a758%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22256ea987f6262d%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
65bf758cafde87be0ef27573b34e3faeab6daf69968d9ebdbe39e0747b1ad770

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D6A8 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439103&tk_flint=pbjs_lite_v6.15.0&x_source.tid=59784866-ed8b-46b0-bab3-4ac124e05788&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3307454425569163
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
748b83a597290eb19e04a7fb1bcb5a6e18cdabcc73ec349ba538ce208ecb3b43

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D6A8 		10 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
67e1d18963c48d25ac37f5419bb2fa2824b4a59bc888f3c9e37d2b8b1c463494
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
874a4e40-c5a3-4fff-977e-66562b6aa9aa
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame D6A8 		93 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
4a041f29313c3d67a6325f7812a881477691c44d76a8b37579fa24d832fd391a

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
cdb
bidder.criteo.com/ Frame D6A8 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=35633767248
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:39 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame D6A8 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
openrtb
adx.adform.net/adx/ Frame D6A8 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame D6A8 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=59784866-ed8b-46b0-bab3-4ac124e05788&nocache=1653260439696&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439103&aucs=adpn-adtag-1653260439103&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
691c452272da385f85132d8b6085e7d9b1b440a1a7a0ba89b592a7f84cd37dd7

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
v1
prg.smartadserver.com/prebid/ Frame 7518 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adpone-d.openx.net/w/1.0/ Frame 7518 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=dc9436cc-0aff-4145-9b47-8866899a4054&nocache=1653260439702&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439087&aucs=adpn-adtag-1653260439087&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
689a9bbf4b38cb5f7ea0a53aaf789631e6f0818578b41d34dec022b933a00766

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 7518 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=19594328591
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 7518 		10 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
094ae68d4f053abcb87672435c61bcf9b23d3df6038c6fd099eeb536e5a98611
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8df89b2f-1033-4acc-ae64-3274588dbcf4
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7518 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439087&tk_flint=pbjs_lite_v6.15.0&x_source.tid=dc9436cc-0aff-4145-9b47-8866899a4054&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10667037528558287
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4f6ec1bdb37abaf42626c9307d6c5818e6b12206b8ba7ad2946bdba4c7ee09ee

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7805
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame 7518 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bid
ap.lijit.com/rtb/ Frame 7518 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
84f34f69f0f6a8caedf71912424a3a1c69670af6a8fc90bc2f7ddbcce263b515

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
cygnus
htlb.casalemedia.com/ Frame 7518 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22158798979270edf%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216dfc142f088dee%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3e1bd9240c93fe7ee19e2abbedf423059d988a696938ef1b9951f7eec6af9197

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A057 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439125&tk_flint=pbjs_lite_v6.15.0&x_source.tid=4c0a027b-9b70-4bf2-979f-e5c47e232297&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12442383197808682
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c9de877c3d6eb781c5ef65c638ec4f626fd82b809a5033a2c2c0662386567a67

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7800
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame A057 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223dc259351f9561%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249a6f13d994f34%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f294fcfec44f843f70470dee991faa66d2fb6d92442a5a61df3ad2b0c1755466

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
bid
ap.lijit.com/rtb/ Frame A057 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
6017b9355dfd4dfef039e7d7b20957ed2103ec82aecb8fbb1ac727f2676394de

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
cdb
bidder.criteo.com/ Frame A057 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=12462361443
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame A057 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e819c4288cd8d5b1ffef8780329882cd3d259ecee0daa0b4e83f5296686a1809
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
63218483-70ef-4f2c-9d6a-302f0b1826b3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame A057 		72 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=4c0a027b-9b70-4bf2-979f-e5c47e232297&nocache=1653260439719&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439125&aucs=adpn-adtag-1653260439125&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
7a1769d964c2456ccb6dd0d8482264c844b49febd38b590530adc90e717292b0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
adx.adform.net/adx/ Frame A057 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame A057 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
arj
adpone-d.openx.net/w/1.0/ Frame E457 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=429731d6-c547-4832-9389-927027f9ce62&nocache=1653260439759&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439187&aucs=adpn-adtag-1653260439187&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
3b89ab476c5248ed927b94a4ddce315b338347f9d05c0301518f8f6561908d7e

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E457 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439187&tk_flint=pbjs_lite_v6.15.0&x_source.tid=429731d6-c547-4832-9389-927027f9ce62&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.40361742513991117
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
58fe9f4ed6761bee5016013eee193e3d3855bff1b2c16d2d4d4337e7ddebd85d

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7826
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame E457 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=18863403722
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame E457 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
abc770477b63d0c9eb4792edf64e206474d0de7ca8e2d9183d897bd60f868e2c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bef2eafa-4cb4-4591-94ef-c4958904efed
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame E457 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22929a6f5ad9d6a3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210fe99ef6abc1ab%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3613203cffd833ea970368d0658df22f566dce2cf29f6370a12e5745cc215eb2

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
bid
ap.lijit.com/rtb/ Frame E457 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
54fe732ff1cb0165f95103cd3c522ad5e92229eafba2b1519d88c9fab6960289

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
openrtb
adx.adform.net/adx/ Frame E457 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame E457 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 8CF5 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame 8CF5 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=d623b6ab-315c-4582-9016-fba7d5f429b7&nocache=1653260439776&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439153&aucs=adpn-adtag-1653260439153&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
096d52e186fcb7f2dce353ec631df8e3c2d3496f473aa55ea84a2e82b0af321d

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 8CF5 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=90262679830
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 8CF5 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d6014a3890789e14bcd722c35ca248efa9561b27d74dfce61c578b5e967188f4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0e01e20e-b283-4713-91c0-20cb38184e55
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 8CF5 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2297a9f3d50de355%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22103487e29624625%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
abeedc734fed596f9f470593a07a17fc3d5ab327c0b83dfca3b96acec99fd49c

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
bid
ap.lijit.com/rtb/ Frame 8CF5 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e68f4cc1315fb47fdb04803c9b9afff0727b280fc6cb5c1db51d9f945d3e023f

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
prg.smartadserver.com/prebid/ Frame 8CF5 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8CF5 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439153&tk_flint=pbjs_lite_v6.15.0&x_source.tid=d623b6ab-315c-4582-9016-fba7d5f429b7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7251155939750025
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5a0aefb1f1e7696be57dfeb6ec557db2006201d76175ca0e8c77f768cc04b4ed

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7805
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 6C95 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adpone-d.openx.net/w/1.0/ Frame 6C95 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=8debbe73-6aab-40e5-881f-2fb40d3922a0&nocache=1653260439786&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439201&aucs=adpn-adtag-1653260439201&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
02bbc84d003c2d2255685dc686181313cd5252fb344b2c611904d99612ce9d32

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 6C95 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6C95 		315 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439201&tk_flint=pbjs_lite_v6.15.0&x_source.tid=8debbe73-6aab-40e5-881f-2fb40d3922a0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7870471544268565
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
35cfc63452b952ec276c2bae823642ac3f78da134255d9ed673b610184aa9609

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
315
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6C95 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
74258139e0ebe9343f40170474529e6a412993eae3f1955a119fbd902ded1558
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2a27dadb-b570-48b6-aac7-948e4d7b7919
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 6C95 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211c9e4fe8f6b878%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212395b533da054e%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
66efdbe018ef48ba544c9cb9a57297662f0a6639e3ab77ab5c832698a231f036

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
cdb
bidder.criteo.com/ Frame 6C95 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=51774203467
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bid
ap.lijit.com/rtb/ Frame 6C95 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
2e87f63531f948dd8dcb1926b8842424cd2aa3f37f12adec977d923600c06696

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cygnus
htlb.casalemedia.com/ Frame A687 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22135dcecea94a7a%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22212f49c84791cf%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f55118c4da1320fd6b311f4c629bbf4266b9b7fba5c3fdd567ad0149fa132c4

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A687 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439218&tk_flint=pbjs_lite_v6.15.0&x_source.tid=934c9b5d-f583-4730-8761-940eb59e4bb8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.25456594670653154
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
84abcde2209d220ce853e89fbfa44d7fefdc8f3e466167c49b0469aeab7da1a8

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7824
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame A687 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
be999ddf92c88767a2a06fa99338fb1c7323ceec6b097fd1dfd744b36afec1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame A687 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
096d5206bf60e371476e8ab705287bbb120a8f8a2dc9e51ce5cd57d4fe54ae57
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
551399b5-8bcf-493f-84f9-e9c374c6712d
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame A687 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=934c9b5d-f583-4730-8761-940eb59e4bb8&nocache=1653260439802&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439218&aucs=adpn-adtag-1653260439218&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
d8ad090d6c79db1e9465ff36423e11c23d5c0f5240dacbbcad0356f0304e6710

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame A687 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=55294237024
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bid
ap.lijit.com/rtb/ Frame A687 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
bb97e95fa67add1fb5ed414b7abb89bc84da30ffc19f478481b6d1cb9dc3134a

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
prg.smartadserver.com/prebid/ Frame A687 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://mediawoot.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 22 May 2022 23:00:40 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
v1
prg.smartadserver.com/prebid/ Frame 6CA2 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:39 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cygnus
htlb.casalemedia.com/ Frame 6CA2 		35 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=676744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2239a8ed1b1fb12%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%2C%22page%22%3A%22https%3A%2F%2Fua.korrespondent.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2243be082bfce4ea%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22676744%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%22163dad3ab48d8d41e65b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b8bf1f8cdb74ad2bca7edc8bedfff3c7cb11c38e84480233dfcd8a6fb4e909bc

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.114.218.19], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mediawoot.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
35
x-ak-client-geo
12
expires
Sun, 22 May 2022 23:00:40 GMT
bid
ap.lijit.com/rtb/ Frame 6CA2 		94 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
85cf3d2a2e38756d3cf277286b38835770c7c154a084804d138cd4ff7ca0153e

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://mediawoot.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6CA2 		319 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=201784&zone_id=2055862&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,163dad3ab48d8d41e65b,1,,,&eid_id5-sync.com=0%5E1%5E&rf=korrespondent.net&tg_i.ref=https%3A%2F%2Fua.korrespondent.net%2F&tg_i.pbadslot=adpn-adtag-1653260439210&tk_flint=pbjs_lite_v6.15.0&x_source.tid=5d28bca2-a87c-4bc3-9b15-39be7d0462c1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7672148132897407
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
63cf1e8f1218642b847e3a78ffe0b9a898f1768de21441884bce0385fca5c4df

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:40 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
319
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame 6CA2 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 6CA2 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
73d639f2ac7cce55012cd7abca950334f999d9fb7fb2b90ce4b888f21b6df3e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4ec31855-4817-4fc6-bfe5-dfa8c94bdcad
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 6CA2 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fua.korrespondent.net%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=5d28bca2-a87c-4bc3-9b15-39be7d0462c1&nocache=1653260439822&id5id=0&schain=1.0%2C1!adpone.com%2C163dad3ab48d8d41e65b%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1653260439210&aucs=adpn-adtag-1653260439210&auid=544062056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e277b162cdb301be5de38de7ab7eb6c3a15a5d4fc47550815a845f9c519a2d99

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mediawoot.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 6CA2 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=14247533310
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://mediawoot.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
container.html
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 678E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:40 GMT
expires
Mon, 22 May 2023 23:00:40 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8321 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:40 GMT
generate_204
tpc.googlesyndication.com/ Frame DFBA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jsx1rA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
script.js
acdn.adnxs-simple.com/strikeforce/ Frame 7D32 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
45306671a9b3d4d1a3a96aecc974d4df0ad542531ee13be0d5a402f88a154430

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Age
66985
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
40446
X-Served-By
cache-lga13629-LGA, cache-hhn4082-HHN
Access-Control-Allow-Origin
*
Last-Modified
Wed, 27 Apr 2022 16:09:57 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1653260441.044735,VS0,VE0
ETag
W/"62696ad5-1c6ab"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 19 May 2022 04:26:54 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 57778
trk.js
cdn.adnxs.com/v/s/224/ Frame 7D32 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame 7D32 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLRCvBMUQUAAAMA1gAFAQiYgauUBhD3yuvLp-WQjWkYrvStjd38oPoRKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAYI_C5T8h_x6yBPZxtj8p200JJPTiATEAAACgmZmpPzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXis1wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqA7MGCuoFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUWHBOZUZwVVVURlBWMGwwVG0xT2ExbHBNRE5hUkVrMFRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpFMk56a3hORFV4TWpjM016RTRORFk1Tmpndk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVRE5tWm0weU1qSk5lVjl6VldWWFRrdDJMWEJHTW1jdk1TOHhNeTh3THpBdk9UVTJPREF6THpNMk5EZ3hPREk0TURNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWBHUTE13ZDAxRVFYZE1WRUYzVFVSQmRFBRA6MAAQY3ZNQzgFfAkIDEUyTnpW_ACoWVcxekx6QXZOekl5THpRdk9UazVMek15TWk4eU1UY3VNVEUwTGpJeE9DNAFQFHVNREF3TAFQ8IZUTXlOakEwTkRBdk1UWTFNekkzTXpBME1DOHhNeTh4TURJMk5DOC9xcFZSbzFWY2tGSTdCUmFFTlNjNjYxUGNEbFEmbm9kZWlkPTE2MDYmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD0xNjc5MTQ1MTI3NzMxODQ2OTY4JnNoYXJka2V5PTE2NzkxNDUyHQDwi3ByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iYWhhZmQmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMy4yMjAmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTUmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITMTY3OTE0NTEyNzczMTg0Aa7wlRoTNzU3MzQzOTU3MzA4MjY5NTAzMSIJMjgxNjg1MjcwKgYxMDE5MzY6BzY2MjIzOTXAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIUaWIgFAZgFAKAFkOyJ-Jn2g6g4wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab5qwHaBhYKEAkSGQGAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxugcPAVJIGAAgADAAOL0GQADIB6zXBdIHDRWAAUEI2gcGCSdE4AcA6gcCCADwB8fcAYoIAhAA&s=598273e6af015303a7c0fe2c13bbe8b4b4b8d85d
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0692272c-f420-4fdf-af5e-0b39e60d9488
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame 8390 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=8976528965895423848_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=8mSC5h_-q6zXde5AyVazm75WrmxVILjF8CcVZ_bPoSyRqElUk-zI6z3MIOAm_xzU-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VTYpHDtss2kxrLNhql8glOlRvcyWI0NpSCRj8gMOF0Ub8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6JnvBeZLG4PiSw2;rtbtest=0
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80a375d6961337f7cd8c7c6d25ed4ebd84aa054ec584c30efbd547f18bbc270a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
999
expires
-1
trk.js
cdn.adnxs.com/v/s/224/ Frame 8390 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame 8390 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDojs7BjrHCyXwYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF45tYFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU4OTc2NTI4OTY1ODk1NDIzODQ4XzEqBDUwNjk6CDUzNTIxNTk0wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATat5OkAYgFAZgFAKAF9vrW4-2juqsHwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFv8xD-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH5tYF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=45624132ad5c020e653f71f618cf5aaf450c68ab
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8fa5996f-5ef1-4872-8b13-4193276a3c2d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
j7ljeqx6jfhz
hal9000.redintelligence.net/zone/ Frame 164D 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/j7ljeqx6jfhz?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=2832066629117460572&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2832066629117460572%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9fa7e0cfc989fd2aa8d60dcbaf3ad6009e580a6320ebe0531ab0434b0178464f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2802
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
tags.mathtag.com/notify/ Frame 164D 		49 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTXpNeFpUUTFPV0l0Tm1Oa1lpMDNaREk0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MzIwNjY2MjkxMTc0NjA1NzIvNjYyMjM5NS80NTYyMzEyLzEzL1BlbXpRQWFSM0I1dVJGREFuYjNKUHdBWGtPRDhPZ3JHUG9YVXBEeTBUTlUvMS8xMy8wLzAvOTU2ODAzLzM2NDgxODI4MDMvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzI4MzIwNjY2MjkxMTc0NjA1NzIvYW1zLzAvNzIyLzQvOTk5LzMyMi8yMTcuMTE0LjIxOC4wLzAuMDAwLzE2NTMyNjA0NDAvMTY1MzI3MzA0MC8xMy8xMDI2NC8/joJuyE-rZ9mREfVyfQL7Xh4GrV4&nodeid=1606&group=cdg&auctionid=2832066629117460572&shardkey=2832066629117460572&sid=4562312&cid=6622395&bp=a_bahafd&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.132.67&type=imp&client=c2s
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.330.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
x-mm-bid-request-time
1653260440
Last-Modified
Sun, 22 May 2022 23:00:40 GMT
Server
MMBD/3.330.0
x-mm-latency
34 (1)
Content-Type
image/gif
x-mm-dbg
Invalid
Cache-Control
no-cache
x-mm-host
zrh-router-x24, cdg-bidder-x134
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 22 May 2022 23:00:40 GMT
img
pixel.mathtag.com/event/ Frame 164D 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=2832066629117460572&v3=651871&v4=4562312&v5=6622395&mt_nsync=1&no_attr=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4419 e1034d5 master zrh-pixel-x5 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Server
MT3 4419 e1034d5 master zrh-pixel-x5 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:40 GMT
img
tags.mathtag.com/event/ Frame 164D 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=2832066629117460572&st=4562312&time=[IMP_ATTR.time]&nodeid=1606
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.330.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Server
MMBD/3.330.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x81, cdg-bidder-x134
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 22 May 2022 23:00:40 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 164D 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame 164D 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLQCvBMUAUAAAMA1gAFAQiYgauUBhDl0Iyv6reprkMYrvStjd38oPoRKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAYI_C5T8h_x6yBPZxtj8p200JJPTiATEAAACgmZmpPzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXjA2wSAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqA7IGCukFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUWHBOZUZwVVVURlBWMGwwVG0xT2ExbHBNRE5hUkVrMFRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpJNE16SXdOalkyTWpreE1UYzBOakExTnpJdk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVSGhITFVOWlIxOXliRk5tTUdwSVUwWmpWaTFFUVhjdk1TOHhNeTh3THpBdk9UVTJPREF6THpNMk5EZ3hPREk0TURNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWBHUDE13ZDABYCxkTVZFRjNUVVJCZEUFEDowABBjdk1DOAV8CQgMSTRNelb8AKhZVzF6THpBdk56SXlMelF2T1RrNUx6TXlNaTh5TVRjdU1URTBMakl4T0M0AVD0IAF1TURBd0x6RTJOVE15TmpBME5EQXZNVFkxTXpJM016QTBNQzh4TXk4eE1ESTJOQzgvVnR1UkZtRU9JdEN6eTd2UEYyNzB2VW1kYWRrJm5vZGVpZD0xNjA2Jmdyb3VwPWNkZyZhdWN0aW9uaWQ9MjgzMjA2NjYyOTExNzQ2MDU3MiZzaGFyZGtleT0yODMyMDY2NjI5MTE3NDYwNTcyJnByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iYWhhZmQmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMi42NyZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5NSZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhMyODMyMDY2LpAA8JUaEzQ4NTM5MzY3MzY2NDQwNDg5OTciCTI4MTY4NTI3MCoGMTAxOTM2Ogc2NjIyMzk1wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASFGViIBQGYBQCgBYDAttnokra_KcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBgBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwFSSBgAIAAwADi9BkAAyAfA2wTSBw0VgAFBCNoHBgknROAHAOoHAggA8AfH3AGKCAIQAA..&s=38a58229f6952baa6ebc30c1895f7d5e39d6a96f
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
51c61128-54b1-4464-8d80-d73965881f08
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame 7412 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=53798891;rtbwp=Qgi_KpiCYgFwHowiC0pO_KzboUFQG3yp0;rtbdata=el6TqoVMDqapCpdN0IL94PeAyZtfC9XAMNTvJ_JRmUnIaD9Kbg9fljkgZx8X_JVdogtcjAKOpl4jT_Qc-y1LlH3S90274223XXvqs7R6mTyYZp9WoUoFd1eoa1-_OqvrvutYU2WCa6qWTZUixlZj0Uc-ZScvAHo57Tx_eBmAAqtDBOM6P-o_lsxoE1N8aXg0rFHhyneVWwtoaeIM-O7i_Lm7L69djybIQpjCK6gFV2l0AzsOzQcqjo7Y95vPe-pVQMVaBBQ2U1YqnpboyvhYc40uotWEQNmcoNHZIWHVGd84Igey9WwBF85yZz3Vhk17rssE6qd2KEHgn60k2ZW6RXt-_ptJpuEsm6hn5DAzcCjDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ikbmm94BmY142u1ywTJ-2j7YejTI4L2FwWVvqO76vcIQCEQGOXvs3JG4dWAZeGGw7-ItQUX26WQ4VpGCUp3CsKjblvxv6hEU9eldCH9cAh0Fa2YosIrH8UGizDjvm1ec82tH_-6FdkP2BVHa6a1fWth3uLXZUv3HziXcKis-nYNikVL53zwdcOMcxGLfZLB2dQxNLLOjbqzcC-5GEcl5xLxZE5pjtzGQxaMB7E3Is5U1;pui=CQ8Cld2Xq9xoWg-9V89lYs3NzXsustMOTCkRm0RsSigvZ7ZY04vbbM1WlqH_IbHs48zob5Vkq1q8jqTQ3yLCxQ2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7862c23c84c5d4c677fb2f0729d5cad7562db5635acc2a2cb13925d33159d28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1817
expires
-1
pixel
cm.adform.net/ Frame 7412
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adform&bsw_custom_parameter=7a1b11ff-3ef2-4dee-afaa-5010608bc125&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=91d0748b-3725-4812-ad62-4bdf18331886&expires=1&user_group=5&ssp=adform&bsw_param=7a1b11ff-3ef2-4dee-afaa-5010608bc125
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=7a1b11ff-3ef2-4dee-afaa-5010608bc125&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=7a1b11ff-3ef2-4dee-afaa-5010608bc125&adform_v=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ffiqcjuv&e=1695597276133
Protocol
H2
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
last-modified
Thu, 11 Apr 2019 06:08:57 GMT
server
nginx
accept-ranges
bytes
etag
"5caed9f9-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
//cm.adform.net/pixel?adform_pid=3&adform_pc=7a1b11ff-3ef2-4dee-afaa-5010608bc125&adform_v=1
Date
Sun, 22 May 2022 23:00:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.adform.net/ Frame 7412
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFqv8RvuviCridNaJVQLIuw&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFqv8RvuviCridNaJVQLIuw&google_cver=1&adform_v=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ffiqcjuv&e=1695597276133
Protocol
H2
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
last-modified
Thu, 11 Apr 2019 06:08:57 GMT
server
nginx
accept-ranges
bytes
etag
"5caed9f9-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFqv8RvuviCridNaJVQLIuw&google_cver=1&adform_v=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 7412
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=1293804016050600494
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=1293804016050600494
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ffiqcjuv&e=1695597276133
Protocol
H2
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
last-modified
Thu, 11 Apr 2019 06:08:57 GMT
server
nginx
accept-ranges
bytes
etag
"5caed9f9-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1d3d5482-ec0a-450b-a180-c4767f8da228
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=1293804016050600494
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame 7412
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=34e3cb87-a63f-402b-b05e-c0c5e31a0ae3
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=34e3cb87-a63f-402b-b05e-c0c5e31a0ae3
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ffiqcjuv&e=1695597276133
Protocol
H2
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
last-modified
Thu, 11 Apr 2019 06:08:57 GMT
server
nginx
accept-ranges
bytes
etag
"5caed9f9-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=34e3cb87-a63f-402b-b05e-c0c5e31a0ae3
Date
Sun, 22 May 2022 23:00:41 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
adx.js
s1.adform.net/banners/scripts/ Frame 7412 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 11:59:05 GMT
server
nginx
etag
W/"61f13789-e95e"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
/
trc.audiencemanager.de/ad/ Frame 6E16
Redirect Chain
  • https://trc.audiencemanager.de/ad/?pl=6247113c3104805709594f35&cb=1121703254&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BG...
  • https://trc.audiencemanager.de/ad/?cb=1121703254&liiftaucid=4304040353409451151&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&pl=6247113c3104805709594f35&tc=https://fra1-ib.adnxs.com/clic...
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.audiencemanager.de/ad/?cb=1121703254&liiftaucid=4304040353409451151&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&pl=6247113c3104805709594f35&tc=https://fra1-ib.adnxs.com/click?3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=MzYyMyNGUkExOjUzMDk=/bn=93154/clickenc=&cookieId=4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=xmycovcd&e=1695597276133
Protocol
H2
Server
52.18.123.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-123-145.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
ec565fb8742570c02f8e7497850bc5c4f9c604cee62709ae335b66ccc6f6402a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
access-control-allow-origin
*
status
200 OK
x-powered-by
PHP/7.2.9
requestid
8277a2628ac09945eab0197016083925630084
vary
Accept-Encoding
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-149
responsetime
16
content-type
application/x-javascript
content-length
2194

Redirect headers

date
Sun, 22 May 2022 23:00:41 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
status
307 Temporary Redirect
x-powered-by
PHP/7.2.9
location
/ad/?cb=1121703254&liiftaucid=4304040353409451151&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&pl=6247113c3104805709594f35&tc=https://fra1-ib.adnxs.com/click?3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=MzYyMyNGUkExOjUzMDk=/bn=93154/clickenc=&cookieId=4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-length
0
trk.js
cdn.adnxs.com/v/s/224/ Frame 6E16 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame 6E16 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QKRC_DtkQUAAAMA1gAFAQiYgauUBhCPiavf3LzB3TsYrvStjd38oPoRKjYJ3MUkpAUHzD8RvqKeH2v4wz8ZAAAAYI_C5T8hTL8Honz3yz8p5E7pYP2f0z8xAAAAoJmZqT8wy4ipCjiYUECnHEgCUPmOyqgBWJPCiwFgAGi02LABeOLXBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTYzNDYwOSwgMTY1MzI2MDQ0MCk7dWYoJ2knLCA2NDMxMTc2LCAxNjUzMjYwNDQwKQUdLGcnLCAxNjA4MTExNgEKADUyHgAwcycsIDI3MjM2NzU5MkYfABRyJywgMzUBAgg4NjU2HwDwsJICsQQhOTI1MjFRaktxSjhZRVBtT3lxZ0JHQUFnazhLTEFUQUFPQUJBQUVpbkhGRExpS2tLV0FCZzdnTm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZFpTMkxDbmw5SV93UUZ2UjhuWEJLRFRQOGtCQUFBQUFBQUE4RF9aQWFsTm5OenZVTzRfNEFISXc0Z0Q5UUVBQU1BX21BSUFvQUlCdFFJQQEzCHZRSQEH2EF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ1BXZGx5QVFDeGdDTFEBO_BDQzZBd2xHVWtFeE9qVXpNRG5nQTdBdWdBU2RzNFlIaUFTZzBxd0lrQVFCbUFRQnNnUUtDSTNZb0E0UXBPU1JEY0VFQUEBSAEBCERKQgEHDQEYMkFRQThRUQ0OiEFBQUlnRnZTbVlCZWpfNzRFQnFRV3BUWnpjNzFEdVA3RUZBASQFAQhEQkIRNxRQZ195UVUBFhhnTk1ySVA5MigAAFoZKMBBXzRBWEk3d0h3QmR6QjFRZjRCYkgwMXdLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVQAQQFgIHFBWUVzZ1lrQxF0DEFBQUUdDABHHQwASR0MNHVBWUuaApkBIWxCVnctPjUCLEpQQ2l3RWdBQ2dBTRE1EFBnX09nLm0BSGxBc0M1SnFVMmMzTzlRN2o5UkEVAQRCWhULCEFCaB0MAHAdDAB4HQwMNEFJazWA8N44RDgu2AIA4AKbhU7qAh1odHRwczovL3VhLmtvcnJlc3BvbmRlbnQubmV0L4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4xOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zNjIzI0ZSQTE6NTMwOdoEAggB4AQB8AT5jsqoAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAABQ5s2AUB4AUB8AWGHvoFBAgAEACQBgCYBgC4BgDBBgUhLADwP9AGmA7aBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOL0GQADIB-LXBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AfH3AGKCAIQAA..&s=6125cacd3df67117f24acf06ebbb3e5a9c389aa4
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0c08a45a-b4e6-4fe6-94c8-c151fb3ca1ca
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
syncframe
gum.criteo.com/ Frame 7ACD 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:40 GMT
server-processing-duration-in-ticks
1718
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 48F6 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:41 GMT
/
track.adform.net/adfscript/ Frame 79F0 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=916712572602806661_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=UMxmvGLgj6L5bFyAx23umkxi6BaOqD4Qtvw71dQmB-ih0qBgofQYP1Ymjq0_-_jk-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSCfRMDvNYDAs8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6JnvBeZLG4PiSw2;rtbtest=0
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8c4ab77364e45b61a4bb76c01b411bb44797a0189c493a6c877460dcd839888e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
997
expires
-1
trk.js
cdn.adnxs.com/v/s/224/ Frame 79F0 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame 79F0 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhCF4_-Ypae03AwYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF42tkFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQ5MTY3MTI1NzI2MDI4MDY2NjFfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAXZi_KIoL_itw_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAfa2QXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=4bc4cc3e1ffcaf7803b6c49f5685a0b0ef1eaf5e
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6515168b-678b-4e71-99fd-a44c5e661399
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame 0DAF 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=50241503;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=8410774315688070797_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=1tf6k0Ya10YUVb8qcr5eTRpRm-OKKJAlCzhuOEFJ32jxoPKqTrTuPFNA2bM6BGhBz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYs0QDieQ5c1tzjZnCmAeodcwcmrnF5tsDEkseoNKdIb1mMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPUGP12Pw95Qog2;rtbtest=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
88354612ef4d59f51561ecdcf321ad9790c787fc52338467a3cf8a995d8c47cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
998
expires
-1
trk.js
cdn.adnxs.com/v/s/224/ Frame 0DAF 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame 0DAF 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhCNncTk2NXE3HQYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQyLi4lwFYk8KLAWAAaLTYsAF45u0FgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTisvK2hjUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU4NDEwNzc0MzE1Njg4MDcwNzk3XzEqBDUwNjk6CDUwMjQxNTAzwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATIuLiXAYgFAZgFAKAFvN6i59Wlh_QQwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFoeBI-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH5u0F0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=fae0f8cf938243888e726cbe36eb705eca9b0148
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
da7ea5b5-c396-40c0-ac34-ce54d2ba6dfd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame 96A4 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=52103798;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=2312141840971833396_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=0zR12OOaQZf_J8Nee3Ik0K-gFKZ0Tjio6amDyZHvHcD6yDEcFSNB_J1TY3zzkuNtz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYsjA--o6CMZNzjZnCmAeodcwcmrnF5tsDFG8eGMMwMrlmMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPXWaUjPx3SqVw2;rtbtest=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
04a165e49a822f67f238f9975da7c207f74809f73310944d4ebcead7d346d4bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1005
expires
-1
trk.js
cdn.adnxs.com/v/s/224/ Frame 96A4 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame 96A4 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhC0wMbrkJiYiyAYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQobv9nQFYk8KLAWAAaLTYsAF4xNcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDUGFVN0JnUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhUyMzEyMTQxODQwOTcxODMzMzk2XzEqBDUwNjk6CDUyMTAzNzk4wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AShu_2dAYgFAZgFAKAFt4rz5rve0o5mwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF5Zod-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgHxNcF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=8fdf1a2ee5a36deb7f665b77a835cdd0aeba32c0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7cc9a726-ba24-43e9-84ae-12062d6a6942
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.audiencemanager.de/ad/ Frame A9FF
Redirect Chain
  • https://trc.audiencemanager.de/ad/?pl=6247113c3104805709594f35&cb=58990947&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYw...
  • https://trc.audiencemanager.de/ad/?cb=58990947&liiftaucid=4601927983503357598&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&pl=6247113c3104805709594f35&tc=https://fra1-ib.adnxs.com/click?...
6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.audiencemanager.de/ad/?cb=58990947&liiftaucid=4601927983503357598&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&pl=6247113c3104805709594f35&tc=https://fra1-ib.adnxs.com/click?3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=MzYyMyNGUkExOjQ0MzY=/bn=92914/clickenc=&cookieId=4524a54d1bae04d7b05febe02312c8be84b6e34da31afffdf5190cadea1d3e93
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yjutwti&e=1695597276133
Protocol
H2
Server
52.18.123.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-123-145.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
ae1dc157682ed7fa580e33d29975f7e43ce2aa5575d111180b6f352dc4b57b44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
access-control-allow-origin
*
status
200 OK
x-powered-by
PHP/7.2.9
requestid
4202b5628ac09944cf9962886811464947111
vary
Accept-Encoding
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-77
responsetime
10
content-type
application/x-javascript
content-length
2257

Redirect headers

date
Sun, 22 May 2022 23:00:41 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
status
307 Temporary Redirect
x-powered-by
PHP/7.2.9
location
/ad/?cb=58990947&liiftaucid=4601927983503357598&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&pl=6247113c3104805709594f35&tc=https://fra1-ib.adnxs.com/click?3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=MzYyMyNGUkExOjQ0MzY=/bn=92914/clickenc=&cookieId=4524a54d1bae04d7b05febe02312c8be84b6e34da31afffdf5190cadea1d3e93
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-length
0
trk.js
cdn.adnxs.com/v/s/224/ Frame A9FF 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame A9FF 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QKRC_DtkQUAAAMA1gAFAQiYgauUBhCe7ZaV56PV7j8YrvStjd38oPoRKjYJ3MUkpAUHzD8RvqKeH2v4wz8ZAAAAYI_C5T8hTL8Honz3yz8p5E7pYP2f0z8xAAAAoJmZqT8wy4ipCjiYUECnHEgCUPmOyqgBWJPCiwFgAGi02LABePLVBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTYzNDYwOSwgMTY1MzI2MDQ0MCk7dWYoJ2knLCA2NDMxMTc2LCAxNjUzMjYwNDQwKQUdLGcnLCAxNjA4MTExNgEKADUyHgAwcycsIDI3MjM2NzU5MkYfABRyJywgMzUBAgg4NjU2HwDwsJICsQQhQjI4XzN3aktxSjhZRVBtT3lxZ0JHQUFnazhLTEFUQUFPQUJBQUVpbkhGRExpS2tLV0FCZzdnTm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZFpTMkxDbmw5SV93UUZ2UjhuWEJLRFRQOGtCQUFBQUFBQUE4RF9aQWFsTm5OenZVTzRfNEFISXc0Z0Q5UUVBQU1BX21BSUFvQUlCdFFJQQEzCHZRSQEH2EF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ1BXZGx5QVFDeGdDTFEBO_BDQzZBd2xHVWtFeE9qUTBNemJnQTdBdWdBU2RzNFlIaUFTZzBxd0lrQVFCbUFRQnNnUUtDSTNZb0E0UXBPU1JEY0VFQUEBSAEBCERKQgEHDQEYMkFRQThRUQ0OiEFBQUlnRjFDS1lCZWpfNzRFQnFRV3BUWnpjNzFEdVA3RUZBASQFAQhEQkIRNxRQZ195UVUBFhhnTk1ySVA5MigAAFoZKMBBXzRBWEk3d0h3QmR6QjFRZjRCYkgwMXdLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVQAQQFgIHFBWUVzZ1lrQxF0DEFBQUUdDABHHQwASR0MOHVBWUuaApkBIWxCVnktUTo1AixKUENpd0VnQUNnQU0RNRBQZ19PZy5tAUhaQXNDNUpxVTJjM085UTdqOVJBFQEEQloVCwhBQmgdDABwHQwAeB0MDDRBSWs1gPDeOEQ4LtgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzYyMyNGUkExOjQ0MzbaBAIIAeAEAfAE-Y7KqAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAUObNgFAeAFAfAFhh76BQQIABAAkAYAmAYAuAYAwQYFISwA8D_QBpgO2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi9BkAAyAfy1QXSBw0JEToBOAjaBwYJJ0TgBwDqBwIIAPAHx9wBiggCEAA.&s=9ec4c142b94a3b3ffe483688711d23764de27f2f
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3fe9b800-1599-424d-8d16-80b76e48fc19
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame F294 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=52800928;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=5070465613227081452_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=FpT2qF0gKLPLXoyrXBP72S_JN09doPHqY6qzdRVL539STeovYnE_cH_8UXzC0AAwz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYsjA--o6CMZNzjZnCmAeodcwcmrnF5tsDMZG9T1HHliqmMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPXWaUjPx3SqVw2;rtbtest=0
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ceae5b8b4f0e932fb371ea2cb75fe8e26a6d72615359075f050407546c09804b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1008
expires
-1
trk.js
cdn.adnxs.com/v/s/224/ Frame F294 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame F294 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDs_e7RxbP6rkYYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ_MXkogFYk8KLAWAAaLTYsAF49tcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDS0RibGhrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU1MDcwNDY1NjEzMjI3MDgxNDUyXzEqBDUwNjk6CDUyODAwOTI4wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT8xeSiAYgFAZgFAKAF1NiYiYWVxvQwwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF8OhL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH9tcF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=2063612200567320aa104c9608ceb727c77107f2
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5d6f6bab-0af8-42bd-9b93-eecd25ffae28
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame D807 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=52908647;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=4831897657419069401_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=hFCP7GIZRCYWqmc1wuuLAzywT2R6NdZP3hemrI7_crtPBv_L_tb_VgbkatejBLlA-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSNTxen2v6cf08TvLgxAJSYgVZhku1euOvoW8zpnzZzcbkjcLyrxkJyt6KHLXtwwDKw2;rtbtest=0
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a734d1139c9e4589f8e120364ed49bbc167570f4975ae217d3a0fdd2b56d6bd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
991
expires
-1
trk.js
cdn.adnxs.com/v/s/224/ Frame D807 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame D807 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDZ74WsmqqWh0MYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQgZbmogFYk8KLAWAAaLTYsAF4_9YFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDT2VrblJrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU0ODMxODk3NjU3NDE5MDY5NDAxXzEqBDUwNjk6CDUyOTA4NjQ3wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASBluaiAYgFAZgFAKAFivPu1-jUyosMwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF5Zod-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH_9YF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=301319449a585f8d3c09e7642a85afa0170a3354
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d8103789-bfc2-439c-ac02-52cb103c55d8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame EC4A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=325563722503802841_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=hH51GcFAzLIO8c1TnLtm2fsKUHjc1OTeT8hU9abO35SvgOFx2uLuSNHYlT431gDp-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VeC858dszKAbrLNhql8glOlRvcyWI0NpSPNR4TyrQSEC8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6Jl6KHLXtwwDKw2;rtbtest=0
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cd9ff3ad680462db08b726b2ea657886a5702bc03272b6b8c4a9a1888ca80413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
994
expires
-1
trk.js
cdn.adnxs.com/v/s/224/ Frame EC4A 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame EC4A 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhDZn9_8sM-owgQYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF4q9YFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQzMjU1NjM3MjI1MDM4MDI4NDFfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAWsxq654KC48zHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAer1gXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=d5eee16880e8f0697bf53bfc9adc7be38c8bc2fe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3471a296-7618-4da9-95ea-1e6b0592a936
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame FF4F 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=970827348278350710_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=xJPJ65CjQK2hntcIVp8woKybOZVOcTkHai-QNH7s8k_bRpt1qEp1Lva0tmHAVTjd-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSEOYWYBiRsWq8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6Jl6KHLXtwwDKw2;rtbtest=0
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d43830072dfc4fab17ed31bb78fd8038650650ac6e454402be94cbeef1ef29b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
995
expires
-1
trk.js
cdn.adnxs.com/v/s/224/ Frame FF4F 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Mon, 22 May 2023 23:00:41 GMT
it
fra1-ib.adnxs.com/ Frame FF4F 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fua.korrespondent.net%252F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhD2pvaCxsrEvA0YrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF4q9kFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQ5NzA4MjczNDgyNzgzNTA3MTBfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAWRz7ORv6DimEXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAer2QXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=161cd5e57bb630c947f5e86b97f692b7a52bf071
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
88aead79-2362-4595-95a9-ae392456db2b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame B6EF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=53798892;rtbwp=DCe16rakHdak7bjlv4Y6aqzboUFQG3yp0;rtbdata=Y7sXdZWOOc-SZzBRolec2jxTlY1O88kcmAnyxTClxFomIZqcOhstEucxbCA7OgRLda-I3BHPP9akryRNchtxOXXaLhHzI1R2ifKZH_SWpVqYZp9WoUoFd1eoa1-_OqvrvutYU2WCa6qWTZUixlZj0Uc-ZScvAHo57Tx_eBmAAqtDBOM6P-o_lsxoE1N8aXg0rFHhyneVWwtxQf2krl4cAbm7L69djybIQpjCK6gFV2mf3fPBhreLfo7Y95vPe-pVQMVaBBQ2U1ZkntMMy_4-8H2t40oB5mkaoNHZIWHVGd84Igey9WwBFyUNIY2VHzzurssE6qd2KEHgn60k2ZW6RXt-_ptJpuEsm6hn5DAzcCjDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ByPSVDqy9kJ42u1ywTJ-2kOaUGlXgU4jSM7fAmJmbQJiCujdxAdVt5G4dWAZeGGw7-ItQUX26WQ__SssKVIGMXCfxKLy6P3hS44hk-JQDoJSBwCi7xoym68v7sqRbf6WFBsZUaY1qeCc5_HuFwf6Fiiv87ZEANsu_IHXwqFvT9hikVL53zwdcOMcxGLfZLB2dQxNLLOjbqzcC-5GEcl5xJlnrkJxW_LlxaMB7E3Is5U1;pui=CQ8Cld2Xq9xoWg-9V89lYt_ZLZF3pTI50DvA7aotEGYvZ7ZY04vbbM1WlqH_IbHs48zob5Vkq1q8jqTQ3yLCxQ2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6dc0dfed8fd2b74f12723b4fe471dac9285d1e1cff5114ee487c7298bdfae0a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1795
expires
-1
pixel
cm.adform.net/ Frame B6EF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=adform&gdpr=&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dadform
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fx.bids...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fx.bids...
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=98fb91dfad23fd6ca1793c70986750f0&gdpr=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3DHHt10Nrrg...
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=HHt10NrrgaVbjXYSbRRSWjjR&ssp=adform
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=7a1b11ff-3ef2-4dee-afaa-5010608bc125&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=7a1b11ff-3ef2-4dee-afaa-5010608bc125&adform_v=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=qqrubuf&e=1695597276133
Protocol
H2
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
last-modified
Thu, 11 Apr 2019 06:08:57 GMT
server
nginx
accept-ranges
bytes
etag
"5caed9f9-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
//cm.adform.net/pixel?adform_pid=3&adform_pc=7a1b11ff-3ef2-4dee-afaa-5010608bc125&adform_v=1
Date
Sun, 22 May 2022 23:00:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.adform.net/ Frame B6EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFqv8RvuviCridNaJVQLIuw&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFqv8RvuviCridNaJVQLIuw&google_cver=1&adform_v=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=qqrubuf&e=1695597276133
Protocol
H2
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
last-modified
Thu, 11 Apr 2019 06:08:57 GMT
server
nginx
accept-ranges
bytes
etag
"5caed9f9-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFqv8RvuviCridNaJVQLIuw&google_cver=1&adform_v=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame B6EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=1293804016050600494
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=1293804016050600494
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=qqrubuf&e=1695597276133
Protocol
H2
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
last-modified
Thu, 11 Apr 2019 06:08:57 GMT
server
nginx
accept-ranges
bytes
etag
"5caed9f9-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
180f6c5b-8b32-4ae8-8362-57e4a739056f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=1293804016050600494
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame B6EF
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=34e3cb87-a63f-402b-b05e-c0c5e31a0ae3
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=34e3cb87-a63f-402b-b05e-c0c5e31a0ae3
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=qqrubuf&e=1695597276133
Protocol
H2
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
last-modified
Thu, 11 Apr 2019 06:08:57 GMT
server
nginx
accept-ranges
bytes
etag
"5caed9f9-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=34e3cb87-a63f-402b-b05e-c0c5e31a0ae3
Date
Sun, 22 May 2022 23:00:41 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
adx.js
s1.adform.net/banners/scripts/ Frame B6EF 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 11:59:05 GMT
server
nginx
etag
W/"61f13789-e95e"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 8390 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=8976528965895423848_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=8mSC5h_-q6zXde5AyVazm75WrmxVILjF8CcVZ_bPoSyRqElUk-zI6z3MIOAm_xzU-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VTYpHDtss2kxrLNhql8glOlRvcyWI0NpSCRj8gMOF0Ub8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6JnvBeZLG4PiSw2;rtbtest=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:23:06 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 7412 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53798891;rtbwp=Qgi_KpiCYgFwHowiC0pO_KzboUFQG3yp0;rtbdata=el6TqoVMDqapCpdN0IL94PeAyZtfC9XAMNTvJ_JRmUnIaD9Kbg9fljkgZx8X_JVdogtcjAKOpl4jT_Qc-y1LlH3S90274223XXvqs7R6mTyYZp9WoUoFd1eoa1-_OqvrvutYU2WCa6qWTZUixlZj0Uc-ZScvAHo57Tx_eBmAAqtDBOM6P-o_lsxoE1N8aXg0rFHhyneVWwtoaeIM-O7i_Lm7L69djybIQpjCK6gFV2l0AzsOzQcqjo7Y95vPe-pVQMVaBBQ2U1YqnpboyvhYc40uotWEQNmcoNHZIWHVGd84Igey9WwBF85yZz3Vhk17rssE6qd2KEHgn60k2ZW6RXt-_ptJpuEsm6hn5DAzcCjDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ikbmm94BmY142u1ywTJ-2j7YejTI4L2FwWVvqO76vcIQCEQGOXvs3JG4dWAZeGGw7-ItQUX26WQ4VpGCUp3CsKjblvxv6hEU9eldCH9cAh0Fa2YosIrH8UGizDjvm1ec82tH_-6FdkP2BVHa6a1fWth3uLXZUv3HziXcKis-nYNikVL53zwdcOMcxGLfZLB2dQxNLLOjbqzcC-5GEcl5xLxZE5pjtzGQxaMB7E3Is5U1;pui=CQ8Cld2Xq9xoWg-9V89lYs3NzXsustMOTCkRm0RsSigvZ7ZY04vbbM1WlqH_IbHs48zob5Vkq1q8jqTQ3yLCxQ2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:23:06 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9A1C 		586 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNWxh-k_poW-xrfHGaJg6Crl_wfDvQUd39v-Sj9PfhWF5vfJzumNF7XNbJijCaD5TvcRz7T3CabTQ7gyS7TknMln8-zBdNc2Ot9d9Dv3j8ad76ciBWGRSsD7dNoYOWa31qk7zYo8VqfJ01w50VF6ayw4geEmxU6CRj88HJQ7EezxYZtXhIM
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
294
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 678E 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJr1Pf1gqR9jDS19AhhBTccApN4mRADy5oNtw7ni1MgHiAOFzeX74ZXLbj2v0d8l_tAiuhEXjMjPv_4CnllpHhxcCouHt8f9KZrxNi7ZErEgty0of8TEQ6FoIGFqTPmXtYCZl5zpHPnNBOafkPygjIJiPYAA&dbm_d=AKAmf-AcHIwlmR4dEpQZeALKdqCoL-_ALCNUvqaSaGWRuvO_RTOKa0sBOWeGuozuOf2i4CKLesA0dhvOYbewYU58omW18sawrfdeFaFv_cMiYPMnfHQ4nB8iSv33Ntkicl6-i5zIt9pcwakfuNRBluXaMoHD2dEJTfGHjxrzlM7J394zclcL1CBa0EMgoQVu6FyInNM0Dx-X-sabA5sbNZJ_4of_8gnxk93qpYBnOgvQ2FVhkA0qhKmolmipET89DwhT1mTPEqn8ZUtmk94wj1OD6EjD-OcKMxDD9V8ZVPOltuaZeA_bM6Bw-KLvNQDUjrDb6cXBX5SPAcJ9t1RX3TMTSPHWNm8hhQOljLYytor-NPH5qoXqtPcx419xeqISXf9_oVmpYKpxRhQEjan1Z5GJrCIeFss_Eq8IO-Em-UGqXfw64EclKRLU9AtpRoT4EdVgoN0_Eq2BeKZMHv8w-dq_ZZ1k_vPzGgqb3m0z4b9aqYbBcnu4OQKxiRPyk4iHUtU4W0OjckgLAelUJXj-cg4uJb96jmiOHYOU7LFke70Gwebn-5VOzm1o3VPNmII6eK16ECpvhOk3ENvfW-O41DEByVK6qI1rR7np_sd4O6buXEUCPkkb4TpNO-yp4T7rpNhkIf_rzsSOfFPKmYR6T6zpz1P7NcffMC-jVAqWbTcG5UqTeZ_M3sbLNtnsEWLpWszmzxDxyBLsljlJ8sljDq7OC3GI27PqAIuWGU3dwetVW5qXIKjexFFO-ykxdoClI1lcQFZvaeOhRm20o-JAfTtRqxbsofpMCxkLiCarRPrt3mbzNvJmtIcFuybDbQLiCOnZOGSDeH_ckjTopC0K80ZOiLpIYRAQnq6w1b-RvJstryiFu99Nx8Vv-hgakaD5lmRVsqyGwX7i95Wy3cRA60A4mjEysRxohui8jfu7t35NewVmDMb7Xf8PYoW1ztdD9N_0KenHbs_38HlU_N77cGsau20GioWRnNm6X5eOQNXhZSfVxDzoBmdpbEPmhl1fQ7JQ0imBY69aL4SbkUgnpZmlhy8nq3tmqFeDHFNO5nAJbJ8vY3nnnXgr12tjgHl9Fh4-tgLaQEgGMhCgp9cESTh2SKkuPP7IeSyPsc1A5VNG2-qtExOUdQZYsTysD7RqiM2JaVXZSG6a-5BqgO1rlnF33ApHXas3ooGAf-Zpfp9W4Jef79m8Wc8NdyO7fiiUMN-gwGRX7n8qusYz4P1LI8QEp_J84hOrp5hzd-h7NQlZ0J5Qv82ZUzK-AzuT2zamquMQ8xLkdblHzJReEEGFp14v0jU80IB7RqzG2LosUtfloPl0-iGRSiOo5zYlP1wUkTmZUgzUcqtljURJfCsMgNFSHxT4QRWiqtBHX47cIz5ijgecQNRLUsaD7aw0TLoXps1eOhiHT0rYEmKMxB_sEjK9qPqGIWuKrJLDjurSZiEVg6LG8S1GUyoOK92uW-EKGdCBXfnrgZgPusp-A_ETqnsHVXjyoJd-t8-quxCzHHL9YGlRZUdlk1rxIT-F2lssywDEMBhlU8INFTcJlsXg12vHzBYQO1dxjKijIiMswQn3IsLt-wGY0s6QFUvSixI4Tx7rmHzmdKjJEmE7lnNnd8w4tV_OvUlgWIwu_N7JnjzCtCdB68tKPujaWLj4ISXqB2vsr1gn3Nq856Go80f--oagNJBIwtK5ZIU4hpdI0omLvRDOYI96U0OLkzkTthbZsYtuWFLesswqtaLaBZ49jzQPBOPbr32b3SjRExJDVyRG_eSY3wZD19z5zOX6d-Vpdc32osmO2vBcQQ86YbHZ6Gq5NFErMS5BAbEmZiNx-NQv8Gl1r9NCb-kI74nMwlZuf4ROm0Eo8ah2uCZ022uxKf0tPQYCVyXxG3sWVcIlikET5zZonO3jHrJv9NdP2YfetFjRp9lwxW8G-J4PieISXcZfTdZUUfA53wUrfq2QaHyFDu2_0bwvRZAx3eHQV7x4jmvZ0MfSvCjJoGnSUvyzAAKG1-DJyIe-4u_WgBUODjEkczh7lFQrtliLX1z0DrLpifJQuPTyYPRWxh1_Ww1cavp1TQDcsp_x3uOkYmy_Kdek9eMjk-Qvie3Dehm5y6JM8dJskmrUcTnTO8bkU2mWxxUw1s4aOCX8IAXAgUhXeNoKtkBs8pYc0ud9w6z9JkXJC7I1ut81jNIB0OhqrcQjnwRj67Fx4f-KoQ7LRGwuN5MgQ6upagu8FwWrVfezDgUMwywxQRsgEIdAooWq_7npdCN0b0g2twlMkw8P_BzphmnmRKfDmEHjOqGgcypfImtFT5t6lJTyUdpXySIL5TdiNRBke6iBhqrnSnDXv7_xzFuSI8a504A3LnLPhVLRgku7m_4AMI-jeWepSjJPKwzYhFIj542jnk5bzw5JjnHs9n16fD1dBLbeDK4GZGpt5UYwo6zEFNM0cWO01_bs6kVz0cGXVV3L2Veh0Z7sHicGbpWnMoct5_dSn3pp92KIeLuTMx6TFnSFcx968qhI44w8mCfn1CO6Bn7a6X3BhoueHP_-wMILLVwpqAei8xB_iq4nYda8kmhYTIuWUwKFHpeWiz7UN0FjtJE__hxxRstvg3vT2glHsHafgYVQatkq_rYWMrvtu3r8iNf3WkRFdXemsdryhxfTuHKuoqrT3mm9TURRJG_14jsGOowitSmwX4mFtDG1P3lDiZzhL3uAAfuRNsYWsShu3EamCm4nNYTXQhnNh1otUc-AUJ1qlXw5y0ds6SWXLfRu-4qpOmdeR-SRxOA2snB0HSYmV0T3-7F9w1dtdkKuoBfxZnZvyJ3vuEYNrugmznEx_SM3oBvtfq525fum4v6J-PpKvuM6d0GrWeYlQ4c8l2H4N8zxtIAYW7XiTP_hK4BnQ7jEpLorDiFDPkLlJGAGgyfUkmhmM05X54MS8SRH55KXzrluMTRPdyuO_g1YeR43psIYju-GHb652al36j5BKQ21fvwpLtA0jTmSPtinF7AlXVlq3QKS05DESnb6HQ0-XmJTS-U7jSuUeOarwLm2jxzLnjAT2Rm-SqOeHHaRSksKV4OEoW_FwGXtlrwOdTMCkACki_7iS6W8Ct0pAFduu2yPN9fHqjPHxWadlz7NAAnO33gn81EOOxlnIEmGjB7slHszBGcRC_PWNwmlIu1mDHOyWcNCDegs__sMzMLTAF232d0NY2nZVQNsCjOccc43OaNf0GH96KnLWaVLOxe8O7o-PQa3555zPimr5-OLt1be-YRKBg-ribWIjZ-PV2_FHsSmO36MzNqZxRtHemiOIt-5qxMrKjgkYQmZ_aP-bL5LXbL6HhkHMw20VexJsHS_XS7cMZwQGlTsrgz-20vPKd-NasZxnpzGE0okFsWaVi49Jxkk-972Y1cQw-GEx_TkajpZnyAcegparhL80S_2A-U9PMNmmmznRcs-KD_5uYp_T2F3B67sJw_jqxajs-JSASizRMm7tzWhLmzd_gwI9M6kKKCvb56UTdGaipH6KbYaIUE&cid=CAASJeRo2UrnuKFYb_B3u-MaQ-ATplxUc0tGR5Qu6VgOtHmDUIXiZKM&rfl=5%2Chttps%253A%252F%252Fua.korrespondent.net%242%2C%2C%2C%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd1348ce3db35de0979f6694dfc7ddd1e1d559cbc951f46d2a9e28abcb242167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33934
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 678E 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A2Wd0G3Rw9szrqb6zrNTdDCS5Od8YXkVIp9rcNJcyyKaC6YZiEJRZwSRUdK7kUDKfA48bP6tPjtv5V_Q9sYW0Fm9XH9ts2KxKzsdrG_tbkIVvBRCs
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 678E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2021.js
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:34:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 678E 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 678E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2637ded6ce007b316a9c5e971a20daab4be2b60d85cde6181ead7d406bfe68d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7175
x-xss-protection
0
server
cafe
etag
14106299915199171216
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:04:02 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 79F0 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=916712572602806661_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=UMxmvGLgj6L5bFyAx23umkxi6BaOqD4Qtvw71dQmB-ih0qBgofQYP1Ymjq0_-_jk-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSCfRMDvNYDAs8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6JnvBeZLG4PiSw2;rtbtest=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:23:06 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 22 May 2022 23:00:41 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame 7D32 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
j7ljeqx6jfhz
hal9000.redintelligence.net/zone/ Frame 7D32 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/j7ljeqx6jfhz?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=1679145127731846968&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1679145127731846968%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
697c159b574b775c919acf3941ce749a606911037b4bbd1f4af2e389286e7891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2804
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
tags.mathtag.com/notify/ Frame 7D32 		49 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTXpNeFpUUTFPV0l0Tm1Oa1lpMDNaREk0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2NzkxNDUxMjc3MzE4NDY5NjgvNjYyMjM5NS80NTYyMzEyLzEzL1BlbXpRQWFSM0I1dVJGREFuYjNKUC1YdW1fbjFnZFhvQm55UGhHUlBmcWsvMS8xMy8wLzAvOTU2ODAzLzM2NDgxODI4MDMvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzE2NzkxNDUxMjc3MzE4NDY5NjgvYW1zLzAvNzIyLzQvOTk5LzMyMi8yMTcuMTE0LjIxOC4wLzAuMDAwLzE2NTMyNjA0NDAvMTY1MzI3MzA0MC8xMy8xMDI2NC8/9jH69GgpHZqroHeNZMeKANns9PI&nodeid=1606&group=cdg&auctionid=1679145127731846968&shardkey=1679145127731846968&sid=4562312&cid=6622395&bp=a_bahafd&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.133.220&type=imp&client=c2s
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.330.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
x-mm-bid-request-time
1653260440
Last-Modified
Sun, 22 May 2022 23:00:40 GMT
Server
MMBD/3.330.0
x-mm-latency
12 (0)
Content-Type
image/gif
x-mm-dbg
Invalid
Cache-Control
no-cache
x-mm-host
zrh-router-x85, cdg-bidder-x134
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 22 May 2022 23:00:40 GMT
img
pixel.mathtag.com/event/ Frame 7D32 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=1679145127731846968&v3=651871&v4=4562312&v5=6622395&mt_nsync=1&no_attr=1
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4409 ba5503e master cdg-pixel-x28 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Server
MT3 4409 ba5503e master cdg-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:40 GMT
img
tags.mathtag.com/event/ Frame 7D32 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=1679145127731846968&st=4562312&time=[IMP_ATTR.time]&nodeid=1606
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.330.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Server
MMBD/3.330.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x41, cdg-bidder-x134
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 22 May 2022 23:00:40 GMT
request.php
hal900019.redintelligence.net/ Frame 164D
Redirect Chain
  • https://hal900019.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=50138d10ad&subid=&uid=2f0eb7f0d812db9f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900019.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=50138d10ad&subid=&uid=2f0eb7f0d812db9f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=50138d10ad&subid=&uid=2f0eb7f0d812db9f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2832066629117460572%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dempfpdc%26e%3D1695597276133&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=4580371458881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=empfpdc&e=1695597276133
Protocol
HTTP/1.1
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
43f66f847881022ce1da456b672c67fa43707805cd9ee82275d57769ed209b47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
34328800004871200951425011968019
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1044
Expires
Mon, 23 May 2022 00:00:41 +0200

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=50138d10ad&subid=&uid=2f0eb7f0d812db9f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2832066629117460572%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dempfpdc%26e%3D1695597276133&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=4580371458881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 23 May 2022 00:00:41 +0200
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D147 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 20:35:50 GMT
expires
Mon, 22 May 2023 20:35:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CCAB 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e54898b676dc9a776aee142b43797c43c4ae293c087956d81fe7b0a1f91fb56f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ODkq0DFrwSh0iKp5klTMgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ODkq0DFrwSh0iKp5klTMgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:41 GMT
expires
Sun, 22 May 2022 23:00:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 0DAF 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=50241503;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=8410774315688070797_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=1tf6k0Ya10YUVb8qcr5eTRpRm-OKKJAlCzhuOEFJ32jxoPKqTrTuPFNA2bM6BGhBz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYs0QDieQ5c1tzjZnCmAeodcwcmrnF5tsDEkseoNKdIb1mMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPUGP12Pw95Qog2;rtbtest=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:23:06 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 96A4 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52103798;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=2312141840971833396_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=0zR12OOaQZf_J8Nee3Ik0K-gFKZ0Tjio6amDyZHvHcD6yDEcFSNB_J1TY3zzkuNtz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYsjA--o6CMZNzjZnCmAeodcwcmrnF5tsDFG8eGMMwMrlmMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPXWaUjPx3SqVw2;rtbtest=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:23:06 GMT
/
t.cotsta.ru/v4/track/tag/ Frame 48F6 		2 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.cotsta.ru/v4/track/tag/?v=1&time__offset=1136&event=rendered_adapter&ex_pl_id=/21830442390,22434891267/korrespondent.net_amx_/300x250_bs&pl_id=364
Requested by
Host: 0.code.cotsta.ru
URL: https://0.code.cotsta.ru/dist/a.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.79.119.168.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 22 May 2022 23:00:41 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame F294 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52800928;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=5070465613227081452_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=FpT2qF0gKLPLXoyrXBP72S_JN09doPHqY6qzdRVL539STeovYnE_cH_8UXzC0AAwz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYsjA--o6CMZNzjZnCmAeodcwcmrnF5tsDMZG9T1HHliqmMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPXWaUjPx3SqVw2;rtbtest=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:23:06 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame D807 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52908647;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=4831897657419069401_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=hFCP7GIZRCYWqmc1wuuLAzywT2R6NdZP3hemrI7_crtPBv_L_tb_VgbkatejBLlA-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSNTxen2v6cf08TvLgxAJSYgVZhku1euOvoW8zpnzZzcbkjcLyrxkJyt6KHLXtwwDKw2;rtbtest=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:23:06 GMT
generate_204
tpc.googlesyndication.com/ Frame 08C9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vNTwAw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame EC4A 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=325563722503802841_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=hH51GcFAzLIO8c1TnLtm2fsKUHjc1OTeT8hU9abO35SvgOFx2uLuSNHYlT431gDp-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VeC858dszKAbrLNhql8glOlRvcyWI0NpSPNR4TyrQSEC8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6Jl6KHLXtwwDKw2;rtbtest=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:23:06 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame FF4F 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=970827348278350710_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=xJPJ65CjQK2hntcIVp8woKybOZVOcTkHai-QNH7s8k_bRpt1qEp1Lva0tmHAVTjd-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSEOYWYBiRsWq8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6Jl6KHLXtwwDKw2;rtbtest=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:23:06 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame B6EF 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53798892;rtbwp=DCe16rakHdak7bjlv4Y6aqzboUFQG3yp0;rtbdata=Y7sXdZWOOc-SZzBRolec2jxTlY1O88kcmAnyxTClxFomIZqcOhstEucxbCA7OgRLda-I3BHPP9akryRNchtxOXXaLhHzI1R2ifKZH_SWpVqYZp9WoUoFd1eoa1-_OqvrvutYU2WCa6qWTZUixlZj0Uc-ZScvAHo57Tx_eBmAAqtDBOM6P-o_lsxoE1N8aXg0rFHhyneVWwtxQf2krl4cAbm7L69djybIQpjCK6gFV2mf3fPBhreLfo7Y95vPe-pVQMVaBBQ2U1ZkntMMy_4-8H2t40oB5mkaoNHZIWHVGd84Igey9WwBFyUNIY2VHzzurssE6qd2KEHgn60k2ZW6RXt-_ptJpuEsm6hn5DAzcCjDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ByPSVDqy9kJ42u1ywTJ-2kOaUGlXgU4jSM7fAmJmbQJiCujdxAdVt5G4dWAZeGGw7-ItQUX26WQ__SssKVIGMXCfxKLy6P3hS44hk-JQDoJSBwCi7xoym68v7sqRbf6WFBsZUaY1qeCc5_HuFwf6Fiiv87ZEANsu_IHXwqFvT9hikVL53zwdcOMcxGLfZLB2dQxNLLOjbqzcC-5GEcl5xJlnrkJxW_LlxaMB7E3Is5U1;pui=CQ8Cld2Xq9xoWg-9V89lYt_ZLZF3pTI50DvA7aotEGYvZ7ZY04vbbM1WlqH_IbHs48zob5Vkq1q8jqTQ3yLCxQ2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:23:06 GMT
partner
sync.search.spotxchange.com/ Frame 9A1C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAqsA2xy_Otdc3VJ8l9jBgk&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAqsA2xy_Otdc3VJ8l9jBgk&google_cver=1&__user_check__=1&sync_id=00dc1565-da23-11ec-b1b2-1974e5cf0406
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAqsA2xy_Otdc3VJ8l9jBgk&google_cver=1&__user_check__=1&sync_id=00dc1565-da23-11ec-b1b2-1974e5cf0406
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNWxh-k_poW-xrfHGaJg6Crl_wfDvQUd39v-Sj9PfhWF5vfJzumNF7XNbJijCaD5TvcRz7T3CabTQ7gyS7TknMln8-zBdNc2Ot9d9Dv3j8ad76ciBWGRSsD7dNoYOWa31qk7zYo8VqfJ01w50VF6ayw4geEmxU6CRj88HJQ7EezxYZtXhIM
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
138
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sun, 22 May 2022 23:00:41 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEAqsA2xy_Otdc3VJ8l9jBgk&google_cver=1&__user_check__=1&sync_id=00dc1565-da23-11ec-b1b2-1974e5cf0406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
120
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 9A1C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDBkNDg5OGUtZGEyMy0xMWVjLTk5MTktMTBhMGNjYTgwMTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDBkNDg5OGUtZGEyMy0xMWVjLTk5MTktMTBhMGNjYTgwMTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNWxh-k_poW-xrfHGaJg6Crl_wfDvQUd39v-Sj9PfhWF5vfJzumNF7XNbJijCaD5TvcRz7T3CabTQ7gyS7TknMln8-zBdNc2Ot9d9Dv3j8ad76ciBWGRSsD7dNoYOWa31qk7zYo8VqfJ01w50VF6ayw4geEmxU6CRj88HJQ7EezxYZtXhIM
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 22 May 2022 23:00:41 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDBkNDg5OGUtZGEyMy0xMWVjLTk5MTktMTBhMGNjYTgwMTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
110
Connection
keep-alive
Content-Length
0
sync
pixel.advertising.com/ups/55946/ Frame 9A1C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEBxP5KMJRJuvTG-5YvuSYeI&_origin=1&google_cver=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEBxP5KMJRJuvTG-5YvuSYeI&_origin=1&google_cver=1&verify=true
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55946/sync?uid=CAESEBxP5KMJRJuvTG-5YvuSYeI&_origin=1&google_cver=1&verify=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNWxh-k_poW-xrfHGaJg6Crl_wfDvQUd39v-Sj9PfhWF5vfJzumNF7XNbJijCaD5TvcRz7T3CabTQ7gyS7TknMln8-zBdNc2Ot9d9Dv3j8ad76ciBWGRSsD7dNoYOWa31qk7zYo8VqfJ01w50VF6ayw4geEmxU6CRj88HJQ7EezxYZtXhIM
Protocol
H2
Server
52.57.149.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-149-120.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55946/sync?uid=CAESEBxP5KMJRJuvTG-5YvuSYeI&_origin=1&google_cver=1&verify=true
date
Sun, 22 May 2022 23:00:41 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
pixel.advertising.com/ups/55946/ Frame 9A1C
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNWxh-k_poW-xrfHGaJg6Crl_wfDvQUd39v-Sj9PfhWF5vfJzumNF7XNbJijCaD5TvcRz7T3CabTQ7gyS7TknMln8-zBdNc2Ot9d9Dv3j8ad76ciBWGRSsD7dNoYOWa31qk7zYo8VqfJ01w50VF6ayw4geEmxU6CRj88HJQ7EezxYZtXhIM
Protocol
H2
Server
52.57.149.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-149-120.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
date
Sun, 22 May 2022 23:00:41 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 678E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
Origin
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:47:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 07:47:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 678E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJr1Pf1gqR9jDS19AhhBTccApN4mRADy5oNtw7ni1MgHiAOFzeX74ZXLbj2v0d8l_tAiuhEXjMjPv_4CnllpHhxcCouHt8f9KZrxNi7ZErEgty0of8TEQ6FoIGFqTPmXtYCZl5zpHPnNBOafkPygjIJiPYAA&dbm_d=AKAmf-AcHIwlmR4dEpQZeALKdqCoL-_ALCNUvqaSaGWRuvO_RTOKa0sBOWeGuozuOf2i4CKLesA0dhvOYbewYU58omW18sawrfdeFaFv_cMiYPMnfHQ4nB8iSv33Ntkicl6-i5zIt9pcwakfuNRBluXaMoHD2dEJTfGHjxrzlM7J394zclcL1CBa0EMgoQVu6FyInNM0Dx-X-sabA5sbNZJ_4of_8gnxk93qpYBnOgvQ2FVhkA0qhKmolmipET89DwhT1mTPEqn8ZUtmk94wj1OD6EjD-OcKMxDD9V8ZVPOltuaZeA_bM6Bw-KLvNQDUjrDb6cXBX5SPAcJ9t1RX3TMTSPHWNm8hhQOljLYytor-NPH5qoXqtPcx419xeqISXf9_oVmpYKpxRhQEjan1Z5GJrCIeFss_Eq8IO-Em-UGqXfw64EclKRLU9AtpRoT4EdVgoN0_Eq2BeKZMHv8w-dq_ZZ1k_vPzGgqb3m0z4b9aqYbBcnu4OQKxiRPyk4iHUtU4W0OjckgLAelUJXj-cg4uJb96jmiOHYOU7LFke70Gwebn-5VOzm1o3VPNmII6eK16ECpvhOk3ENvfW-O41DEByVK6qI1rR7np_sd4O6buXEUCPkkb4TpNO-yp4T7rpNhkIf_rzsSOfFPKmYR6T6zpz1P7NcffMC-jVAqWbTcG5UqTeZ_M3sbLNtnsEWLpWszmzxDxyBLsljlJ8sljDq7OC3GI27PqAIuWGU3dwetVW5qXIKjexFFO-ykxdoClI1lcQFZvaeOhRm20o-JAfTtRqxbsofpMCxkLiCarRPrt3mbzNvJmtIcFuybDbQLiCOnZOGSDeH_ckjTopC0K80ZOiLpIYRAQnq6w1b-RvJstryiFu99Nx8Vv-hgakaD5lmRVsqyGwX7i95Wy3cRA60A4mjEysRxohui8jfu7t35NewVmDMb7Xf8PYoW1ztdD9N_0KenHbs_38HlU_N77cGsau20GioWRnNm6X5eOQNXhZSfVxDzoBmdpbEPmhl1fQ7JQ0imBY69aL4SbkUgnpZmlhy8nq3tmqFeDHFNO5nAJbJ8vY3nnnXgr12tjgHl9Fh4-tgLaQEgGMhCgp9cESTh2SKkuPP7IeSyPsc1A5VNG2-qtExOUdQZYsTysD7RqiM2JaVXZSG6a-5BqgO1rlnF33ApHXas3ooGAf-Zpfp9W4Jef79m8Wc8NdyO7fiiUMN-gwGRX7n8qusYz4P1LI8QEp_J84hOrp5hzd-h7NQlZ0J5Qv82ZUzK-AzuT2zamquMQ8xLkdblHzJReEEGFp14v0jU80IB7RqzG2LosUtfloPl0-iGRSiOo5zYlP1wUkTmZUgzUcqtljURJfCsMgNFSHxT4QRWiqtBHX47cIz5ijgecQNRLUsaD7aw0TLoXps1eOhiHT0rYEmKMxB_sEjK9qPqGIWuKrJLDjurSZiEVg6LG8S1GUyoOK92uW-EKGdCBXfnrgZgPusp-A_ETqnsHVXjyoJd-t8-quxCzHHL9YGlRZUdlk1rxIT-F2lssywDEMBhlU8INFTcJlsXg12vHzBYQO1dxjKijIiMswQn3IsLt-wGY0s6QFUvSixI4Tx7rmHzmdKjJEmE7lnNnd8w4tV_OvUlgWIwu_N7JnjzCtCdB68tKPujaWLj4ISXqB2vsr1gn3Nq856Go80f--oagNJBIwtK5ZIU4hpdI0omLvRDOYI96U0OLkzkTthbZsYtuWFLesswqtaLaBZ49jzQPBOPbr32b3SjRExJDVyRG_eSY3wZD19z5zOX6d-Vpdc32osmO2vBcQQ86YbHZ6Gq5NFErMS5BAbEmZiNx-NQv8Gl1r9NCb-kI74nMwlZuf4ROm0Eo8ah2uCZ022uxKf0tPQYCVyXxG3sWVcIlikET5zZonO3jHrJv9NdP2YfetFjRp9lwxW8G-J4PieISXcZfTdZUUfA53wUrfq2QaHyFDu2_0bwvRZAx3eHQV7x4jmvZ0MfSvCjJoGnSUvyzAAKG1-DJyIe-4u_WgBUODjEkczh7lFQrtliLX1z0DrLpifJQuPTyYPRWxh1_Ww1cavp1TQDcsp_x3uOkYmy_Kdek9eMjk-Qvie3Dehm5y6JM8dJskmrUcTnTO8bkU2mWxxUw1s4aOCX8IAXAgUhXeNoKtkBs8pYc0ud9w6z9JkXJC7I1ut81jNIB0OhqrcQjnwRj67Fx4f-KoQ7LRGwuN5MgQ6upagu8FwWrVfezDgUMwywxQRsgEIdAooWq_7npdCN0b0g2twlMkw8P_BzphmnmRKfDmEHjOqGgcypfImtFT5t6lJTyUdpXySIL5TdiNRBke6iBhqrnSnDXv7_xzFuSI8a504A3LnLPhVLRgku7m_4AMI-jeWepSjJPKwzYhFIj542jnk5bzw5JjnHs9n16fD1dBLbeDK4GZGpt5UYwo6zEFNM0cWO01_bs6kVz0cGXVV3L2Veh0Z7sHicGbpWnMoct5_dSn3pp92KIeLuTMx6TFnSFcx968qhI44w8mCfn1CO6Bn7a6X3BhoueHP_-wMILLVwpqAei8xB_iq4nYda8kmhYTIuWUwKFHpeWiz7UN0FjtJE__hxxRstvg3vT2glHsHafgYVQatkq_rYWMrvtu3r8iNf3WkRFdXemsdryhxfTuHKuoqrT3mm9TURRJG_14jsGOowitSmwX4mFtDG1P3lDiZzhL3uAAfuRNsYWsShu3EamCm4nNYTXQhnNh1otUc-AUJ1qlXw5y0ds6SWXLfRu-4qpOmdeR-SRxOA2snB0HSYmV0T3-7F9w1dtdkKuoBfxZnZvyJ3vuEYNrugmznEx_SM3oBvtfq525fum4v6J-PpKvuM6d0GrWeYlQ4c8l2H4N8zxtIAYW7XiTP_hK4BnQ7jEpLorDiFDPkLlJGAGgyfUkmhmM05X54MS8SRH55KXzrluMTRPdyuO_g1YeR43psIYju-GHb652al36j5BKQ21fvwpLtA0jTmSPtinF7AlXVlq3QKS05DESnb6HQ0-XmJTS-U7jSuUeOarwLm2jxzLnjAT2Rm-SqOeHHaRSksKV4OEoW_FwGXtlrwOdTMCkACki_7iS6W8Ct0pAFduu2yPN9fHqjPHxWadlz7NAAnO33gn81EOOxlnIEmGjB7slHszBGcRC_PWNwmlIu1mDHOyWcNCDegs__sMzMLTAF232d0NY2nZVQNsCjOccc43OaNf0GH96KnLWaVLOxe8O7o-PQa3555zPimr5-OLt1be-YRKBg-ribWIjZ-PV2_FHsSmO36MzNqZxRtHemiOIt-5qxMrKjgkYQmZ_aP-bL5LXbL6HhkHMw20VexJsHS_XS7cMZwQGlTsrgz-20vPKd-NasZxnpzGE0okFsWaVi49Jxkk-972Y1cQw-GEx_TkajpZnyAcegparhL80S_2A-U9PMNmmmznRcs-KD_5uYp_T2F3B67sJw_jqxajs-JSASizRMm7tzWhLmzd_gwI9M6kKKCvb56UTdGaipH6KbYaIUE&cid=CAASJeRo2UrnuKFYb_B3u-MaQ-ATplxUc0tGR5Qu6VgOtHmDUIXiZKM&rfl=5%2Chttps%253A%252F%252Fua.korrespondent.net%242%2C%2C%2C%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:57:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 678E 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJr1Pf1gqR9jDS19AhhBTccApN4mRADy5oNtw7ni1MgHiAOFzeX74ZXLbj2v0d8l_tAiuhEXjMjPv_4CnllpHhxcCouHt8f9KZrxNi7ZErEgty0of8TEQ6FoIGFqTPmXtYCZl5zpHPnNBOafkPygjIJiPYAA&dbm_d=AKAmf-AcHIwlmR4dEpQZeALKdqCoL-_ALCNUvqaSaGWRuvO_RTOKa0sBOWeGuozuOf2i4CKLesA0dhvOYbewYU58omW18sawrfdeFaFv_cMiYPMnfHQ4nB8iSv33Ntkicl6-i5zIt9pcwakfuNRBluXaMoHD2dEJTfGHjxrzlM7J394zclcL1CBa0EMgoQVu6FyInNM0Dx-X-sabA5sbNZJ_4of_8gnxk93qpYBnOgvQ2FVhkA0qhKmolmipET89DwhT1mTPEqn8ZUtmk94wj1OD6EjD-OcKMxDD9V8ZVPOltuaZeA_bM6Bw-KLvNQDUjrDb6cXBX5SPAcJ9t1RX3TMTSPHWNm8hhQOljLYytor-NPH5qoXqtPcx419xeqISXf9_oVmpYKpxRhQEjan1Z5GJrCIeFss_Eq8IO-Em-UGqXfw64EclKRLU9AtpRoT4EdVgoN0_Eq2BeKZMHv8w-dq_ZZ1k_vPzGgqb3m0z4b9aqYbBcnu4OQKxiRPyk4iHUtU4W0OjckgLAelUJXj-cg4uJb96jmiOHYOU7LFke70Gwebn-5VOzm1o3VPNmII6eK16ECpvhOk3ENvfW-O41DEByVK6qI1rR7np_sd4O6buXEUCPkkb4TpNO-yp4T7rpNhkIf_rzsSOfFPKmYR6T6zpz1P7NcffMC-jVAqWbTcG5UqTeZ_M3sbLNtnsEWLpWszmzxDxyBLsljlJ8sljDq7OC3GI27PqAIuWGU3dwetVW5qXIKjexFFO-ykxdoClI1lcQFZvaeOhRm20o-JAfTtRqxbsofpMCxkLiCarRPrt3mbzNvJmtIcFuybDbQLiCOnZOGSDeH_ckjTopC0K80ZOiLpIYRAQnq6w1b-RvJstryiFu99Nx8Vv-hgakaD5lmRVsqyGwX7i95Wy3cRA60A4mjEysRxohui8jfu7t35NewVmDMb7Xf8PYoW1ztdD9N_0KenHbs_38HlU_N77cGsau20GioWRnNm6X5eOQNXhZSfVxDzoBmdpbEPmhl1fQ7JQ0imBY69aL4SbkUgnpZmlhy8nq3tmqFeDHFNO5nAJbJ8vY3nnnXgr12tjgHl9Fh4-tgLaQEgGMhCgp9cESTh2SKkuPP7IeSyPsc1A5VNG2-qtExOUdQZYsTysD7RqiM2JaVXZSG6a-5BqgO1rlnF33ApHXas3ooGAf-Zpfp9W4Jef79m8Wc8NdyO7fiiUMN-gwGRX7n8qusYz4P1LI8QEp_J84hOrp5hzd-h7NQlZ0J5Qv82ZUzK-AzuT2zamquMQ8xLkdblHzJReEEGFp14v0jU80IB7RqzG2LosUtfloPl0-iGRSiOo5zYlP1wUkTmZUgzUcqtljURJfCsMgNFSHxT4QRWiqtBHX47cIz5ijgecQNRLUsaD7aw0TLoXps1eOhiHT0rYEmKMxB_sEjK9qPqGIWuKrJLDjurSZiEVg6LG8S1GUyoOK92uW-EKGdCBXfnrgZgPusp-A_ETqnsHVXjyoJd-t8-quxCzHHL9YGlRZUdlk1rxIT-F2lssywDEMBhlU8INFTcJlsXg12vHzBYQO1dxjKijIiMswQn3IsLt-wGY0s6QFUvSixI4Tx7rmHzmdKjJEmE7lnNnd8w4tV_OvUlgWIwu_N7JnjzCtCdB68tKPujaWLj4ISXqB2vsr1gn3Nq856Go80f--oagNJBIwtK5ZIU4hpdI0omLvRDOYI96U0OLkzkTthbZsYtuWFLesswqtaLaBZ49jzQPBOPbr32b3SjRExJDVyRG_eSY3wZD19z5zOX6d-Vpdc32osmO2vBcQQ86YbHZ6Gq5NFErMS5BAbEmZiNx-NQv8Gl1r9NCb-kI74nMwlZuf4ROm0Eo8ah2uCZ022uxKf0tPQYCVyXxG3sWVcIlikET5zZonO3jHrJv9NdP2YfetFjRp9lwxW8G-J4PieISXcZfTdZUUfA53wUrfq2QaHyFDu2_0bwvRZAx3eHQV7x4jmvZ0MfSvCjJoGnSUvyzAAKG1-DJyIe-4u_WgBUODjEkczh7lFQrtliLX1z0DrLpifJQuPTyYPRWxh1_Ww1cavp1TQDcsp_x3uOkYmy_Kdek9eMjk-Qvie3Dehm5y6JM8dJskmrUcTnTO8bkU2mWxxUw1s4aOCX8IAXAgUhXeNoKtkBs8pYc0ud9w6z9JkXJC7I1ut81jNIB0OhqrcQjnwRj67Fx4f-KoQ7LRGwuN5MgQ6upagu8FwWrVfezDgUMwywxQRsgEIdAooWq_7npdCN0b0g2twlMkw8P_BzphmnmRKfDmEHjOqGgcypfImtFT5t6lJTyUdpXySIL5TdiNRBke6iBhqrnSnDXv7_xzFuSI8a504A3LnLPhVLRgku7m_4AMI-jeWepSjJPKwzYhFIj542jnk5bzw5JjnHs9n16fD1dBLbeDK4GZGpt5UYwo6zEFNM0cWO01_bs6kVz0cGXVV3L2Veh0Z7sHicGbpWnMoct5_dSn3pp92KIeLuTMx6TFnSFcx968qhI44w8mCfn1CO6Bn7a6X3BhoueHP_-wMILLVwpqAei8xB_iq4nYda8kmhYTIuWUwKFHpeWiz7UN0FjtJE__hxxRstvg3vT2glHsHafgYVQatkq_rYWMrvtu3r8iNf3WkRFdXemsdryhxfTuHKuoqrT3mm9TURRJG_14jsGOowitSmwX4mFtDG1P3lDiZzhL3uAAfuRNsYWsShu3EamCm4nNYTXQhnNh1otUc-AUJ1qlXw5y0ds6SWXLfRu-4qpOmdeR-SRxOA2snB0HSYmV0T3-7F9w1dtdkKuoBfxZnZvyJ3vuEYNrugmznEx_SM3oBvtfq525fum4v6J-PpKvuM6d0GrWeYlQ4c8l2H4N8zxtIAYW7XiTP_hK4BnQ7jEpLorDiFDPkLlJGAGgyfUkmhmM05X54MS8SRH55KXzrluMTRPdyuO_g1YeR43psIYju-GHb652al36j5BKQ21fvwpLtA0jTmSPtinF7AlXVlq3QKS05DESnb6HQ0-XmJTS-U7jSuUeOarwLm2jxzLnjAT2Rm-SqOeHHaRSksKV4OEoW_FwGXtlrwOdTMCkACki_7iS6W8Ct0pAFduu2yPN9fHqjPHxWadlz7NAAnO33gn81EOOxlnIEmGjB7slHszBGcRC_PWNwmlIu1mDHOyWcNCDegs__sMzMLTAF232d0NY2nZVQNsCjOccc43OaNf0GH96KnLWaVLOxe8O7o-PQa3555zPimr5-OLt1be-YRKBg-ribWIjZ-PV2_FHsSmO36MzNqZxRtHemiOIt-5qxMrKjgkYQmZ_aP-bL5LXbL6HhkHMw20VexJsHS_XS7cMZwQGlTsrgz-20vPKd-NasZxnpzGE0okFsWaVi49Jxkk-972Y1cQw-GEx_TkajpZnyAcegparhL80S_2A-U9PMNmmmznRcs-KD_5uYp_T2F3B67sJw_jqxajs-JSASizRMm7tzWhLmzd_gwI9M6kKKCvb56UTdGaipH6KbYaIUE&cid=CAASJeRo2UrnuKFYb_B3u-MaQ-ATplxUc0tGR5Qu6VgOtHmDUIXiZKM&rfl=5%2Chttps%253A%252F%252Fua.korrespondent.net%242%2C%2C%2C%2Chttps%253A%252F%252Fua.korrespondent.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
375
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10463
x-xss-protection
0
server
cafe
etag
17671883673189222985
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:54:26 GMT
sid
mug.criteo.com/ Frame 7ACD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=korrespondent.net&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&cw=1&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=2yN8yXxuamRoWDNETW1sQlpEbVo5ZHV0Z1l4ZnBVeEdCbUk0RCs1VVhYeksrWVV2U0REcnI1MVJzMzk5TEFYMTNDWEtTT3pzVXFMR2Z5elZyang2SytDOURWSC9LOUx1QlJaaUtZNUltUzd2NHhlNDNjSXR3QWZTazJwZV...
455 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2yN8yXxuamRoWDNETW1sQlpEbVo5ZHV0Z1l4ZnBVeEdCbUk0RCs1VVhYeksrWVV2U0REcnI1MVJzMzk5TEFYMTNDWEtTT3pzVXFMR2Z5elZyang2SytDOURWSC9LOUx1QlJaaUtZNUltUzd2NHhlNDNjSXR3QWZTazJwZVc3cXVyc3JMdnROYU9MRm1teEs3d042YVVzWnFOZ3E2YmR1bXZ2NGlKOVJ0MDhHcFlzT2hQcGVmVXNSekQ0eWJOZnpqMTZLaWxkQlkvKzFDRnhKZWJZWXdFcFR5YWVmLy8vb1BSb0M1cmNEbzlNcUowNlozaVptdnRENVUxL2FQR0h1b3UxeFlpMjBsWlBGQlVFOWdCWkdtREJOR0laU08xcjd5Ui92OER0TytId3N1QjRiVT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
8cf1e95bbb37fd7bf619b2eef79e9cc55b5e9f5baf25fe8da785e07e121232aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5487
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=2yN8yXxuamRoWDNETW1sQlpEbVo5ZHV0Z1l4ZnBVeEdCbUk0RCs1VVhYeksrWVV2U0REcnI1MVJzMzk5TEFYMTNDWEtTT3pzVXFMR2Z5elZyang2SytDOURWSC9LOUx1QlJaaUtZNUltUzd2NHhlNDNjSXR3QWZTazJwZVc3cXVyc3JMdnROYU9MRm1teEs3d042YVVzWnFOZ3E2YmR1bXZ2NGlKOVJ0MDhHcFlzT2hQcGVmVXNSekQ0eWJOZnpqMTZLaWxkQlkvKzFDRnhKZWJZWXdFcFR5YWVmLy8vb1BSb0M1cmNEbzlNcUowNlozaVptdnRENVUxL2FQR0h1b3UxeFlpMjBsWlBGQlVFOWdCWkdtREJOR0laU08xcjd5Ui92OER0TytId3N1QjRiVT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1574
content-length
567
expires
0
/
track.adform.net/adfserve/ Frame 8390 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=8976528965895423848_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=8mSC5h_-q6zXde5AyVazm75WrmxVILjF8CcVZ_bPoSyRqElUk-zI6z3MIOAm_xzU-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VTYpHDtss2kxrLNhql8glOlRvcyWI0NpSCRj8gMOF0Ub8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6JnvBeZLG4PiSw2;rtbtest=0;js=1;adfxid=1x;121;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
57c88df4f3d5f20e1fe5cd105ffaebb95a68da0dfb3ee51f7b120deab1bc4cb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2358
expires
-1
dvbs_src.js
cdn.doubleverify.com/ Frame 7412 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2610198&plc=53798891&sid=1358733&dvregion=0&unit=300x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2610198&auorder=4244531&aucrtv=52157246&auadid=1358733&c6=1438767&c8=2474&auplc=8783048&turl=korrespondent.net&c1=VF-DE+Performance&c2=DE_22_AO_P_M_G_M_A_F-213-tvx-gtv-PER&c3=PD_F-213-tvx-gtv-PRE&c4=gigatv_standalone_cablebox_220214_600x500&c5=Real+Time+Bidding&c7=Real+Time+Bidding+(Media)&c9=&c10=Adform_PO_AL_DMP_SBN_CM_CPA-OMP-LAL-Fixnet-Conversions
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 May 2022 10:06:54 GMT
Server
Microsoft-IIS/10.0
ETag
"28f771ae9e5fd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1163
/
track.adform.net/adfserve/ Frame 79F0 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=916712572602806661_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=UMxmvGLgj6L5bFyAx23umkxi6BaOqD4Qtvw71dQmB-ih0qBgofQYP1Ymjq0_-_jk-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSCfRMDvNYDAs8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6JnvBeZLG4PiSw2;rtbtest=0;js=1;adfxid=3x;6289;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6b543f980c4fe6efb6cdf36e4e739fff61d7b1516f2d9c362aa262b443e8e1fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2353
expires
-1
/
track.adform.net/adfserve/ Frame 0DAF 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=50241503;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=8410774315688070797_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=1tf6k0Ya10YUVb8qcr5eTRpRm-OKKJAlCzhuOEFJ32jxoPKqTrTuPFNA2bM6BGhBz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYs0QDieQ5c1tzjZnCmAeodcwcmrnF5tsDEkseoNKdIb1mMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPUGP12Pw95Qog2;rtbtest=0;js=1;adfxid=4x;9915;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2d07a29bf4c1ac73a9d1761030fd55b7efedd45d6c946b2a5d8a5a2a19d7b1c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2370
expires
-1
request.php
hal90008.redintelligence.net/ Frame 7D32 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=95ba3b82f8&subid=&uid=3f8776e93d4ee286&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1679145127731846968%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dwodvzxysfv%26e%3D1695597276133&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=3512701635127&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ad39d1ab0e3f04a56a37b75af426370dff4bd09a1d59f73d3a965563682e4ff5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
39170100004831600951425011968008
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
840
Expires
Mon, 23 May 2022 00:00:41 +0200
/
track.adform.net/adfserve/ Frame 96A4 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=52103798;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=2312141840971833396_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=0zR12OOaQZf_J8Nee3Ik0K-gFKZ0Tjio6amDyZHvHcD6yDEcFSNB_J1TY3zzkuNtz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYsjA--o6CMZNzjZnCmAeodcwcmrnF5tsDFG8eGMMwMrlmMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPXWaUjPx3SqVw2;rtbtest=0;js=1;adfxid=5x;6867;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2d61b65eb279fb91cbdd4d69fbb83171076de2be07d18be7917b5f50b3aff89b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2367
expires
-1
/
track.adform.net/adfserve/ Frame F294 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=52800928;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=5070465613227081452_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=FpT2qF0gKLPLXoyrXBP72S_JN09doPHqY6qzdRVL539STeovYnE_cH_8UXzC0AAwz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYsjA--o6CMZNzjZnCmAeodcwcmrnF5tsDMZG9T1HHliqmMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPXWaUjPx3SqVw2;rtbtest=0;js=1;adfxid=6x;10086;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0df31b44fe44c32d9c1bafbccda241f0f415b6341f7754778627f949f838a298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2368
expires
-1
dcmads.js
www.googletagservices.com/dcm/ Frame A9FF 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=6247113c3104805709594f35&cb=58990947&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3D&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&liiftaucid=4601927983503357598
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9377
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:39:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 22 May 2022 23:53:12 GMT
impression
anz.audiencemanager.de/log/ad/ Frame A9FF 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anz.audiencemanager.de/log/ad/impression?id=6247113c3104805709594f3e&adId=4202b5628ac09944cf9962886811464947111&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&curl=aHR0cHM6Ly9tZWRpYXdvb3QuY29tLw&ntuId=4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5&cb=1653266201
Requested by
Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=6247113c3104805709594f35&cb=58990947&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3D&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&liiftaucid=4601927983503357598
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.123.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-123-145.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
4202b5628ac0997a8dd5173949940516156984
status
200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-77
responsetime
11
content-type
image/gif
content-length
43
impression
liift-trc.audiencemanager.de/ Frame A9FF 		43 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liift-trc.audiencemanager.de/impression?dataRequestId=4601927983503357598&campaignId=62470fd6a7413d09dc4e7070&tagId=21644363&w=300&h=250&cb=1653268320
Requested by
Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=6247113c3104805709594f35&cb=58990947&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3D&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&liiftaucid=4601927983503357598
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.150.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-150-224.eu-west-1.compute.amazonaws.com
Software
swoole-http-server /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
cache-control
no-cache
server
swoole-http-server
content-encoding
gzip
content-length
57
content-type
image/gif
dcmads.js
www.googletagservices.com/dcm/ Frame 6E16 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=6247113c3104805709594f35&cb=1121703254&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3D&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&liiftaucid=4304040353409451151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9377
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:39:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 22 May 2022 23:53:12 GMT
impression
anz.audiencemanager.de/log/ad/ Frame 6E16 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anz.audiencemanager.de/log/ad/impression?id=6247113c3104805709594f3e&adId=8277a2628ac09945eab0197016083925630084&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&curl=aHR0cHM6Ly9tZWRpYXdvb3QuY29tLw&cb=1653267183
Requested by
Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=6247113c3104805709594f35&cb=1121703254&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3D&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&liiftaucid=4304040353409451151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.123.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-123-145.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
8277a2628ac0997a6977422382521777638518
status
200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-149
responsetime
10
content-type
image/gif
content-length
43
impression
liift-trc.audiencemanager.de/ Frame 6E16 		43 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liift-trc.audiencemanager.de/impression?dataRequestId=4304040353409451151&campaignId=62470fd6a7413d09dc4e7070&tagId=21644363&w=300&h=250&cb=1653268160
Requested by
Host: trc.audiencemanager.de
URL: https://trc.audiencemanager.de/ad/?pl=6247113c3104805709594f35&cb=1121703254&tc=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3D&liiftcamid=62470fd6a7413d09dc4e7070&liifttagid=21644363&liiftaucid=4304040353409451151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.150.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-150-224.eu-west-1.compute.amazonaws.com
Software
swoole-http-server /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
cache-control
no-cache
server
swoole-http-server
content-encoding
gzip
content-length
57
content-type
image/gif
/
track.adform.net/adfserve/ Frame D807 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=52908647;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=4831897657419069401_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=hFCP7GIZRCYWqmc1wuuLAzywT2R6NdZP3hemrI7_crtPBv_L_tb_VgbkatejBLlA-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSNTxen2v6cf08TvLgxAJSYgVZhku1euOvoW8zpnzZzcbkjcLyrxkJyt6KHLXtwwDKw2;rtbtest=0;js=1;adfxid=7x;7255;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c296545a04e21444147fd04c88f6c3e9e50c767d6b11af2c5b9f22188e1c225f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2356
expires
-1
/
track.adform.net/adfserve/ Frame EC4A 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=325563722503802841_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=hH51GcFAzLIO8c1TnLtm2fsKUHjc1OTeT8hU9abO35SvgOFx2uLuSNHYlT431gDp-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VeC858dszKAbrLNhql8glOlRvcyWI0NpSPNR4TyrQSEC8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6Jl6KHLXtwwDKw2;rtbtest=0;js=1;adfxid=8x;10988;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
46d9b819d4b7597b29db285f3ca5b466d7a9d4bbb49f4bc19f2d4aa3fbf723a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2351
expires
-1
/
track.adform.net/adfserve/ Frame FF4F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=53521594;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0;rtbr=970827348278350710_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fua.korrespondent.net%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=xJPJ65CjQK2hntcIVp8woKybOZVOcTkHai-QNH7s8k_bRpt1qEp1Lva0tmHAVTjd-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSEOYWYBiRsWq8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6Jl6KHLXtwwDKw2;rtbtest=0;js=1;adfxid=9x;5369;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f3f65af6dede63aa23075d7349f48a3ba1de24575bde9b4494757d136c35fa24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2351
expires
-1
dvbs_src.js
cdn.doubleverify.com/ Frame B6EF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2610198&plc=53798892&sid=1358733&dvregion=0&unit=300x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2610198&auorder=4244531&aucrtv=52157246&auadid=1358733&c6=1438767&c8=2474&auplc=8783049&turl=korrespondent.net&c1=VF-DE+Performance&c2=DE_22_AO_P_M_G_M_A_F-213-tvx-gtv-PER&c3=PD_F-213-tvx-gtv-PRE&c4=gigatv_standalone_cablebox_220214_600x500&c5=Real+Time+Bidding&c7=Real+Time+Bidding+(Media)&c9=&c10=Adform_PO_AL_NONE_SBN_CM_CPA-OMP
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 May 2022 10:06:54 GMT
Server
Microsoft-IIS/10.0
ETag
"28f771ae9e5fd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1163
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1DF6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zgcuqeays&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66835
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 816152
X-Served-By
cache-lga21957-LGA, cache-hhn4082-HHN
X-Timer
S1653260442.590583,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 8390 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL2BvBMdgMAAAMA1gAFAQiYgauUBhDojs7BjrHCyXwYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPQiAzEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF45tYFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQv8gIsCgdFTkNfQ1BNEiFRZzh3enpyT0paZTJJZExfdEFvVENzSEdYMFBOSHRacTDyAogCCgxFTkNfUlRCX0RBVEES9wE4bVNDNWhfLXE2elhkZTVBeVZhem03NVdybXhWSUxqRjhDY1ZaX2JQb1N5UnFFbFVrLXpJNnozTUlPQW1feHpVLXFTaERJTUVTZnpXSTl5YjNGUVVmTzE1SDRFWkxsZXZKNjVmNC1QTTN0Zm5WNGRQM01hT3VqT2QxQU9uUlJfMi1lYVhuU2ZDY3lobzJzemlzRmZfVlRZcEhEdHNzMmt4ckxOaHFsOGdsT2xSdmN5V0kwTnBTQ1JqOGdNT0YwVWI4VHZMZ3hBSlNZZ1ZaaGt1MWV1T3ZvVzh6cG56WnpjYklnNlJLUUlVNkpudkJlWkxHNFBpU3cy8gIGCgRBRElE8gILCglDT09LSUVfSUSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAX2-tbj7aO6qwfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAfm1gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8fcAYoIAhAA&s=e7f21a4473726e11bc66b46103506ce6e0778134&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dzgcuqeays%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dzgcuqeays%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zgcuqeays&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c984f60c-77c5-433b-acdf-e1d6a66ab34e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame AFA7 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
249607
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1568
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 01:40:34 GMT
expires
Sat, 20 May 2023 01:40:34 GMT
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 678E 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVpuCV-Lds_51AuK5uMVRXOntM_likYTglMaR9D_hJS-MIf2ysGBPw7tCbAbeI9LtIh3NbmfP2lf5vgHiR6xuQn0J54e0VtRZMR02n-4rMpJyXYiJQJRwpAXYt--s3yXzox7_QbW4f-kOaXhaSgsvlCN6ilDWDeUlYmxHqVC2ua4zOP6USx51bOaf3fefkaepqAjE4gSgSDMx5-lU0qCsqjC57-yDOWGUqxAHChpy0PNDH4GlUL0iA4rqijZeJJ1SvFrXewbwBCWBuEq6qK7iQJg-DcBOioijnA9rHomO1hQff_e6-em1C-R3Hn3oJCOrZNoyuFzW6mGkX88CrZthzR_CwAuC0-MhRscdTbWd0iE0edfCG6WWt8auhPCOcRXvHBDb8THZCAc7JplyY3RoL2_aLJtRuE3vAK6OA6DkuVPNPHHjtPDDiUNsx3YD-1TOju9ecwdFnt6y3Jmuzl_DBbc1EBjUhhXkSN-VxwAd-6jUdVs6xRRbWipXwmiB7cjXE0nRYalMHfG9AIrRZfvRlNd7sfA1oxnZUNnjMiJz_CZs4tRkLH_3Ce9LPf4ggul3THgJih8m03GF3LX4TQu1pZXwydTj52ILvA1Su5qitdZSKHUZb1fssFSNZ0d-fnwm6YikuHRek6qNlY45JPB3lE22I4stBkrbaHJLSa1RglLED6sPPrV0dhyIARkA8YO_Ygaxsu3pn7n019a7AhViZ_Xpfe1JpgWffxP4wxlfx3S3L89caTH5ioItX5hyMcjsLtkLaI9T7iiUrtUUWUS7b-3j6xWvttuMboKQ7ZDPdVWSYzhu6a2JTgkBW9Kr27moszxem41kqDk2d_sYDHZh86Xkg5ht8R1xgZBlCADUfx03sTH32yMog25Fpqff9qXX77YUwQs_HLkVWXjNxJ-kHdRYDzkKmYQEk5RaRbJJ_IYjbO_ItvYACDeTdLPw8w7oCnff_n4v8G5GO_qgnn_42CP5Eqr91IGP4ELTz0tyxynXQZocIKyaFyt3Ube4IvZfZX57PG30rVQI-JqtkOhJfg0bS6ezAqgPp2K6YEjt4tJYQc1ymt6kRkmkAbE_YSgAfD0ETjv1GywrZpZrFNdWwiaagUtTvT8jrg573cIfWSY79wR5C-JWuqQcy9sTvQsCQdSjFz2cjyn3S7IyYnX9375IhpMSquMuMuOSLpqYhnHXoIGiV9_04BkQfsSfVbZHns2dIT0sVsi9Bjgh02pFrdk7x7NWru8vMYj17iocBBBCgCRnTlGmJ_BIdXgHbU5lLCL7l7H9WlDXe7CXxquCUUAOAmMkRnCHINbvGAh1405lJkIrY7uO9pGmlEY-4oH6Z-qXJ4A7ulMBE_-dV7gDD5vrJVih-iFI16Obudwyq&sai=AMfl-YRj6s04nkc9dBfCnoPiCkXsKYWyCXjHeWCLQLWfk6p2VqYj49gpCl_I1Mx0Q4RW-4AtRiHa594W2D62CIAvjLP1z7z2Omahyo9hjeUB4TVjaLO4E8decirhKi8ZUy2KPBI7NCq49tyCwva7UmdIqBJMwlFOu-9YI24zYQME9SNEs7vJUAK0N3oTBi_Cn4KfyXu4S3s6alawJ3C_lZOPbO4x&sig=Cg0ArKJSzHle8kb9pAmjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=155&cbvp=1&cstd=152&cisv=r20220518.22084&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 22 May 2022 23:00:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
px.gif
d.adtriba.com/ Frame 678E
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
HTTP/1.1
Server
3.125.240.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-240-25.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Sun, 22 May 2022 23:00:41 GMT
Last-Modified
Sun, 22 May 2022 23:00:41 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame B49C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=khdqvb&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66835
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 812784
X-Served-By
cache-lga21957-LGA, cache-hhn4028-HHN
X-Timer
S1653260442.616718,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 79F0 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL2BvBMdgMAAAMA1gAFAQiYgauUBhCF4_-Ypae03AwYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPQiAzEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF42tkFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQv8gIsCgdFTkNfQ1BNEiFRZzh3enpyT0paZTJJZExfdEFvVENzSEdYMFBOSHRacTDyAogCCgxFTkNfUlRCX0RBVEES9wFVTXhtdkdMZ2o2TDViRnlBeDIzdW1reGk2QmFPcUQ0UXR2dzcxZFFtQi1paDBxQmdvZlFZUDFZbWpxMF8tX2prLXFTaERJTUVTZnpXSTl5YjNGUVVmTzE1SDRFWkxsZXZKNjVmNC1QTTN0Zm5WNGRQM01hT3VqT2QxQU9uUlJfMi1lYVhuU2ZDY3lobzJzemlzRmZfVmRBdXJYeXl1cFEtckxOaHFsOGdsT2xSdmN5V0kwTnBTQ2ZSTUR2TllEQXM4VHZMZ3hBSlNZZ1ZaaGt1MWV1T3ZvVzh6cG56WnpjYklnNlJLUUlVNkpudkJlWkxHNFBpU3cy8gIGCgRBRElE8gILCglDT09LSUVfSUSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAXZi_KIoL_itw_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAfa2QXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8fcAYoIAhAA&s=889a2db6f731719df7ab713fc03a64340a7984ed&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dkhdqvb%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dkhdqvb%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=khdqvb&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dd8e30b2-dc11-4e9d-8cd7-7c504b4a2ee5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CCAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051801&jk=3061212359890436&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3791 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=kanrzrd&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66835
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 816153
X-Served-By
cache-lga21957-LGA, cache-hhn4082-HHN
X-Timer
S1653260442.617678,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 0DAF 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL2BvBMdgMAAAMA1gAFAQiYgauUBhCNncTk2NXE3HQYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPQiAzEAAACgmZmpPzDLiKkKOJhQQPYISFtQyLi4lwFYk8KLAWAAaLTYsAF45u0FgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTisvK2hjUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQv8gIsCgdFTkNfQ1BNEiFRZzh3enpyT0paZTJJZExfdEFvVENzSEdYMFBOSHRacTDyAogCCgxFTkNfUlRCX0RBVEES9wExdGY2azBZYTEwWVVWYjhxY3I1ZVRScFJtLU9LS0pBbEN6aHVPRUZKMzJqeG9QS3FUclR1UEZOQTJiTTZCR2hCejBBMGFaa2QxcWhJejlhREs0aXFxWFR6MnFHS3YxVDlzT3gtZHZkM3ItVHRQSDk0R1lBQ3EwTUU0em9fNmotV3pHZ1RVM3hwZURSRkNsRzhucHZ2WXMwUURpZVE1YzF0empabkNtQWVvZGN3Y21ybkY1dHNERWtzZW9OS2RJYjFtTUJ1OUNqT2hZcUFkYTBrcmhrUXJDWWZLZHBXaVd4OS1lNUtUSlFlU1BVR1AxMlB3OTVRb2cy8gIGCgRBRElE8gILCglDT09LSUVfSUSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMi4uJcBiAUBmAUAoAW83qLn1aWH9BDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWh4Ej6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAfm7QXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8fcAYoIAhAA&s=96727fce6336ec5ec1bcdeee494bdfb2e9f8b7e8&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dkanrzrd%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dkanrzrd%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=kanrzrd&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f9cd4633-393c-471b-8ad7-5603e560ac6c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 8390 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:36:28 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 79F0 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:36:28 GMT
impl_v88.js
www.googletagservices.com/dcm/ Frame A9FF 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v88.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 07:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21405
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 May 2023 07:53:12 GMT
impl_v88.js
www.googletagservices.com/dcm/ Frame 6E16 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v88.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 07:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21405
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 May 2023 07:53:12 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 0DAF 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:36:28 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame D8C0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=wtwiidh&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66835
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 844537
X-Served-By
cache-lga21957-LGA, cache-hhn4078-HHN
X-Timer
S1653260442.617810,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 96A4 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL2BvBMdgMAAAMA1gAFAQiYgauUBhC0wMbrkJiYiyAYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPQiAzEAAACgmZmpPzDLiKkKOJhQQPYISFtQobv9nQFYk8KLAWAAaLTYsAF4xNcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDUGFVN0JnUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQv8gIsCgdFTkNfQ1BNEiFRZzh3enpyT0paZTJJZExfdEFvVENzSEdYMFBOSHRacTDyAogCCgxFTkNfUlRCX0RBVEES9wEwelIxMk9PYVFaZl9KOE5lZTNJazBLLWdGS1owVGppbzZhbUR5Wkh2SGNENnlERWNGU05CX0oxVFkzenprdU50ejBBMGFaa2QxcWhJejlhREs0aXFxWFR6MnFHS3YxVDlzT3gtZHZkM3ItVHRQSDk0R1lBQ3EwTUU0em9fNmotV3pHZ1RVM3hwZURSRkNsRzhucHZ2WXNqQS0tbzZDTVpOempabkNtQWVvZGN3Y21ybkY1dHNERkc4ZUdNTXdNcmxtTUJ1OUNqT2hZcUFkYTBrcmhrUXJDWWZLZHBXaVd4OS1lNUtUSlFlU1BYV2FValB4M1NxVncy8gIGCgRBRElE8gILCglDT09LSUVfSUSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKG7_Z0BiAUBmAUAoAW3ivPmu97SjmbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXlmh36BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAfE1wXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8fcAYoIAhAA&s=9b21a25491d1ec13cf63648e52d35bd710f7f7ef&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dwtwiidh%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dwtwiidh%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=wtwiidh&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cc3d1032-a597-4987-b4eb-213fcc295687
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 96A4 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:36:28 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9F41 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yqhxsdeyj&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66834
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814388
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260442.634840,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame F294 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL2BvBMdgMAAAMA1gAFAQiYgauUBhDs_e7RxbP6rkYYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPQiAzEAAACgmZmpPzDLiKkKOJhQQPYISFtQ_MXkogFYk8KLAWAAaLTYsAF49tcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDS0RibGhrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQv8gIsCgdFTkNfQ1BNEiFRZzh3enpyT0paZTJJZExfdEFvVENzSEdYMFBOSHRacTDyAogCCgxFTkNfUlRCX0RBVEES9wFGcFQycUYwZ0tMUExYb3lyWEJQNzJTX0pOMDlkb1BIcVk2cXpkUlZMNTM5U1Rlb3ZZbkVfY0hfOFVYekMwQUF3ejBBMGFaa2QxcWhJejlhREs0aXFxWFR6MnFHS3YxVDlzT3gtZHZkM3ItVHRQSDk0R1lBQ3EwTUU0em9fNmotV3pHZ1RVM3hwZURSRkNsRzhucHZ2WXNqQS0tbzZDTVpOempabkNtQWVvZGN3Y21ybkY1dHNETVpHOVQxSEhsaXFtTUJ1OUNqT2hZcUFkYTBrcmhrUXJDWWZLZHBXaVd4OS1lNUtUSlFlU1BYV2FValB4M1NxVncy8gIGCgRBRElE8gILCglDT09LSUVfSUSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBPzF5KIBiAUBmAUAoAXU2JiJhZXG9DDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXw6Ev6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAf21wXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8fcAYoIAhAA&s=62e79eee800b1aeee8e3035da51e75f5f149a719&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dyqhxsdeyj%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dyqhxsdeyj%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yqhxsdeyj&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
90229656-7dbd-4a58-9e28-bb84cee71362
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 678E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206546
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 13:38:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 81D5 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61617
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 05:53:44 GMT
etag
48472445140208031
expires
Mon, 23 May 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame F294 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:36:28 GMT
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame D147 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 51D8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yjnfmne&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66835
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 844538
X-Served-By
cache-lga21957-LGA, cache-hhn4078-HHN
X-Timer
S1653260442.651144,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame D807 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL2BvBMdgMAAAMA1gAFAQiYgauUBhDZ74WsmqqWh0MYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPQiAzEAAACgmZmpPzDLiKkKOJhQQPYISFtQgZbmogFYk8KLAWAAaLTYsAF4_9YFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDT2VrblJrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQv8gIsCgdFTkNfQ1BNEiFRZzh3enpyT0paZTJJZExfdEFvVENzSEdYMFBOSHRacTDyAogCCgxFTkNfUlRCX0RBVEES9wFoRkNQN0dJWlJDWVdxbWMxd3V1TEF6eXdUMlI2TmRaUDNoZW1ySTdfY3J0UEJ2X0xfdGJfVmdia2F0ZWpCTGxBLXFTaERJTUVTZnpXSTl5YjNGUVVmTzE1SDRFWkxsZXZKNjVmNC1QTTN0Zm5WNGRQM01hT3VqT2QxQU9uUlJfMi1lYVhuU2ZDY3lobzJzemlzRmZfVmRBdXJYeXl1cFEtckxOaHFsOGdsT2xSdmN5V0kwTnBTTlR4ZW4ydjZjZjA4VHZMZ3hBSlNZZ1ZaaGt1MWV1T3ZvVzh6cG56WnpjYmtqY0x5cnhrSnl0NktITFh0d3dES3cy8gIGCgRBRElE8gILCglDT09LSUVfSUSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIGW5qIBiAUBmAUAoAWK8-7X6NTKiwzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXlmh36BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAf_1gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8fcAYoIAhAA&s=5ddc70169a2370bf48cb8e6816581bc661c84c02&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dyjnfmne%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dyjnfmne%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yjnfmne&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2a319680-dd98-4130-bc3b-6038717a8edf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2B6F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zzotyyen&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66835
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 812785
X-Served-By
cache-lga21957-LGA, cache-hhn4028-HHN
X-Timer
S1653260442.651559,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame EC4A 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL2BvBMdgMAAAMA1gAFAQiYgauUBhDZn9_8sM-owgQYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPQiAzEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF4q9YFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQv8gIsCgdFTkNfQ1BNEiFRZzh3enpyT0paZTJJZExfdEFvVENzSEdYMFBOSHRacTDyAogCCgxFTkNfUlRCX0RBVEES9wFoSDUxR2NGQXpMSU84YzFUbkx0bTJmc0tVSGpjMU9UZVQ4aFU5YWJPMzVTdmdPRngydUx1U05IWWxUNDMxZ0RwLXFTaERJTUVTZnpXSTl5YjNGUVVmTzE1SDRFWkxsZXZKNjVmNC1QTTN0Zm5WNGRQM01hT3VqT2QxQU9uUlJfMi1lYVhuU2ZDY3lobzJzemlzRmZfVmVDODU4ZHN6S0FickxOaHFsOGdsT2xSdmN5V0kwTnBTUE5SNFR5clFTRUM4VHZMZ3hBSlNZZ1ZaaGt1MWV1T3ZvVzh6cG56WnpjYklnNlJLUUlVNkpsNktITFh0d3dES3cy8gIGCgRBRElE8gILCglDT09LSUVfSUSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAWsxq654KC48zHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAer1gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8fcAYoIAhAA&s=8b5bc71cb191a62b746d75d4126a1a62fe79c0a8&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dzzotyyen%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dzzotyyen%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=zzotyyen&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d9c6085a-665e-4374-8981-3424d4f7acfa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame EC4A 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:36:28 GMT
dvbs_src_internal102.js
cdn.doubleverify.com/ Frame 7412 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal102.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2610198&plc=53798891&sid=1358733&dvregion=0&unit=300x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2610198&auorder=4244531&aucrtv=52157246&auadid=1358733&c6=1438767&c8=2474&auplc=8783048&turl=korrespondent.net&c1=VF-DE+Performance&c2=DE_22_AO_P_M_G_M_A_F-213-tvx-gtv-PER&c3=PD_F-213-tvx-gtv-PRE&c4=gigatv_standalone_cablebox_220214_600x500&c5=Real+Time+Bidding&c7=Real+Time+Bidding+(Media)&c9=&c10=Adform_PO_AL_DMP_SBN_CM_CPA-OMP-LAL-Fixnet-Conversions
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Mar 2022 09:23:34 GMT
Server
Microsoft-IIS/10.0
ETag
"06fa3a94e43d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18094
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4D27 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=jzdbcrjgo&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66834
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814389
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260442.666483,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame FF4F 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL2BvBMdgMAAAMA1gAFAQiYgauUBhD2pvaCxsrEvA0YrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPQiAzEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF4q9kFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQv8gIsCgdFTkNfQ1BNEiFRZzh3enpyT0paZTJJZExfdEFvVENzSEdYMFBOSHRacTDyAogCCgxFTkNfUlRCX0RBVEES9wF4SlBKNjVDalFLMmhudGNJVnA4d29LeWJPWlZPY1RrSGFpLVFOSDdzOGtfYlJwdDFxRXAxTHZhMHRtSEFWVGpkLXFTaERJTUVTZnpXSTl5YjNGUVVmTzE1SDRFWkxsZXZKNjVmNC1QTTN0Zm5WNGRQM01hT3VqT2QxQU9uUlJfMi1lYVhuU2ZDY3lobzJzemlzRmZfVmRBdXJYeXl1cFEtckxOaHFsOGdsT2xSdmN5V0kwTnBTRU9ZV1lCaVJzV3E4VHZMZ3hBSlNZZ1ZaaGt1MWV1T3ZvVzh6cG56WnpjYklnNlJLUUlVNkpsNktITFh0d3dES3cy8gIGCgRBRElE8gILCglDT09LSUVfSUSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAWRz7ORv6DimEXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAer2QXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8fcAYoIAhAA&s=079984e74d7dae2f1fb297f1b3c6721c6e1f3a1a&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Djzdbcrjgo%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Djzdbcrjgo%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=jzdbcrjgo&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8b2ad11d-1398-41bc-8c89-5d31fd35e3e9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 678E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf3212c54195d8bea9c51560845d6c77cea19a3049b98f36bbe836e4b6ee0c74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame FF4F 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:36:28 GMT
vevent
fra1-ib.adnxs.com/ Frame 8390 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDojs7BjrHCyXwYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF45tYFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU4OTc2NTI4OTY1ODk1NDIzODQ4XzEqBDUwNjk6CDUzNTIxNTk0wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATat5OkAYgFAZgFAKAF9vrW4-2juqsHwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFv8xD-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH5tYF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=45624132ad5c020e653f71f618cf5aaf450c68ab&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c19747b2-65d2-448f-92f6-7e5b44dc74c5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
e99aace94e6e5873830a7df8deda4aa6
pv.medialead.de/trck/epv/ Frame A044 		73 B
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=34328800004871200951425011968019&t=htlp
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=50138d10ad&subid=&uid=2f0eb7f0d812db9f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2832066629117460572%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dempfpdc%26e%3D1695597276133&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=4580371458881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
980fcf363a7373fcfd8ea3e545448bfeef574a964cd63de3241ccc92ba6e5143
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
73
Content-Type
text/plain; charset=utf-8
Date
Sun, 22 May 2022 23:00:41 GMT
Keep-Alive
timeout=20
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
D972DA13:8CC2_91EFC182:01BB_628AC099_1014B092:2080E
link.html
track.webgains.com/ Frame 164D 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=34328800004871200951425011968019&js=1&nw=1
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
606da6e37be82a351581d7dccb480c0769632a86f73d1dcfdaaffc11a38c610b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
Last-Modified
Sun, 22 May 2022 23:00:41 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1249
Expires
Mon, 26 Jul 1997 05:00:00 GMT
request_content.php
hal900019.redintelligence.net/ Frame CC98 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/request_content.php?s=34328800004871200951425011968019&a=ef4e2eeb
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=j7ljeqx6jfhz&nw=20&renderingType=javascript&namespace=50138d10ad&subid=&uid=2f0eb7f0d812db9f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2832066629117460572%26mt_id%3D6622395%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dempfpdc%26e%3D1695597276133&ancestorOrigins=https%3A%2F%2Fmediawoot.com%2Chttps%3A%2F%2Fua.korrespondent.net&random=4580371458881&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
a64a4a3cb7828602e22cfc0893b89259b4799ef012fea7db60a4de1b58291803

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2086
Content-Type
text/html; charset=utf-8
Date
Sun, 22 May 2022 23:00:41 GMT
Expires
Mon, 23 May 2022 00:00:41 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 164D 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=34328800004871200951425011968019&pv=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=empfpdc&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
e99aace94e6e5873830a7df8deda4aa6
pv.medialead.de/trck/eview/ Frame 164D 		73 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=34328800004871200951425011968019
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=empfpdc&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
980fcf363a7373fcfd8ea3e545448bfeef574a964cd63de3241ccc92ba6e5143
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Server
nginx/1.17.5
X-IPLB-Request-ID
D972DA13:8CC0_91EFC182:01BB_628AC099_1019DFA4:14CEB
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
text/plain; charset=utf-8
Keep-Alive
timeout=20
Content-Length
73
async_usersync.html
acdn.adnxs.com/dmp/ Frame 79AD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=empfpdc&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66834
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814390
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260442.753008,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 164D 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL-EfBM_ggAAAMA1gAFAQiYgauUBhDl0Iyv6reprkMYrvStjd38oPoRKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAYI_C5T8h_x6yBPZxtj8p200JJPSCAjEAAACgmZmpPzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXjA2wSAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC_yAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhMyODMyMDY2NjI5MTE3NDYwNTcy8gLNAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SrgFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz9leGNoX2FpZD0yOTkwMDY1MzQzNzEyMzA1MTUyJm10X2FpZD0yODMyMDY2NjI5MTE3NDYwNTcyJm10X2lkPTY2MjIzOTUmbXRfYWRpZD0yMTY1MzYmbXRfc2lkPTQ1NjIzMTImbXRfZXhpZD0xMyZtdF9pbmFwcD0wJm10X29zPSZyZWRpcmVjdD3yAhcKE1tCSURfQVRUUi5nZHByX3N0cl0SAPICGQoUW0JJRF9BVFRSLmdkcHJfZmxhZ10SATDyAh4KFFtBRF9BVFRSLmFkdmVydGlzZXJdEgYyMTY1MzbyAh0KEltBRF9BVFRSLmNyZWF0aXZlXRIHNjYyMjM5NfICKAoRW0JJRF9BVFRSLmJpZF9pZF0SEzI4MzIwNjY2MjkxMTc0NjA1NzLyAqQKChJbTk9USUZJQ0FUSU9OX1VSSV0SjQo8aW1nIHNyYz1odHRwczovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ktdCQ9YXBuJnNfZXhjCQvwRmlkPTVhVzk1cTJqTHpJekx5QXZUWHBOZUZwVVVURlBWMGwwVG0xT2ExbHBNRE5hUkVrMFRGUkJkMDFFUVhSTlJFRjNUVVJCCRAEZE4BEPDJTHpJNE16SXdOalkyTWpreE1UYzBOakExTnpJdk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVSGRCV0d0UFJEaFBaM0pIVUc5WVZYQkVlVEJVVGxVdk1TOHhNeTh3THpBdk9UVTJPREF6THpNMk5EZ3hPREk0TURNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMAHkCGRNVhEgAEUFEAXkAFQV9Axjdk1DCXwJCGb8APCaWVcxekx6QXZOekl5THpRdk9UazVMek15TWk4eU1UY3VNVEUwTGpJeE9DNHdMekF1TURBd0x6RTJOVE15TmpBME5EQXZNVFkxTXpJM016QTBNQzh4TXk4eE1ESTJOQzgvam9KdXlFLXJaOW1SRWZWeWZRTDdYaDRHclY0Jm5vZGVpZD0xNjA2Jmdyb3VwPWNkZyZhdWN0aW9uaWRSawMcc2hhcmRrZXlWHQBIaWQ9NDU2MjMxMiZjaWQ9NjYyMmGS9F4BYnA9YV9iYWhhZmQmbWluX2JpZF93aW49JHtBVUNUSU9OX01JTl9UT19XSU59Jm5meV9hY3Q9TEQ1d2V3JmJmaXA9MTg1LjI5LjEzMi42NyZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0PScxJyBzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nPlx4M0NpbWcgc3R5bGU9J2xlZnQ6LTEwcHg7dG9wOi0xMHB4OyBwb3NpdGlvbjphYnNvbHV0ZScgc3JjPSdodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2V2ZW50L2ltZz9tdF9pZD0xMzY4ODc1Jm10X2FkaWQ9MjE2NzY0JnYxPTEzJnYyPTI4MzIwNjY2MjkxMTc0NjA1NzImdjM9NjUxODcxJnY0NXQEdjU1c1htdF9uc3luYz0xJm5vX2F0dHI9MScgd04MAQAvVugACDlweAnnAQkIIHBvduYAEHRhZ3MuLmMEGeUlrihtbUltcFRyYWNrJpVnAGKh6gw4MzIwNk0GCCZzdBXSOHRpbWU9W0lNUF9BVFRSLgEPDF0mbm9VuHLTAPDJL2Rpdj6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBJbaqIYBiAUBmAUAoAWAwLbZ6JK2vynABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYAAAElLPA_0Ab5qwHaBhYKEAEQLgEAiBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwgAASNEIAAwADi9BkAAyAfA2wTSBw0JEUUBHgjaBwYJJ0TgBwDqBwIIAPAHx9wBiggCEAA.&s=1d39c1957a93591686606e16736b0a06ee4689ff&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dempfpdc%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dempfpdc%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=empfpdc&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5511201f-af19-4ec5-8444-8d0ed6cb853d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dvbs_src_internal102.js
cdn.doubleverify.com/ Frame B6EF 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal102.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2610198&plc=53798892&sid=1358733&dvregion=0&unit=300x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2610198&auorder=4244531&aucrtv=52157246&auadid=1358733&c6=1438767&c8=2474&auplc=8783049&turl=korrespondent.net&c1=VF-DE+Performance&c2=DE_22_AO_P_M_G_M_A_F-213-tvx-gtv-PER&c3=PD_F-213-tvx-gtv-PRE&c4=gigatv_standalone_cablebox_220214_600x500&c5=Real+Time+Bidding&c7=Real+Time+Bidding+(Media)&c9=&c10=Adform_PO_AL_NONE_SBN_CM_CPA-OMP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Mar 2022 09:23:34 GMT
Server
Microsoft-IIS/10.0
ETag
"06fa3a94e43d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18094
styles.css
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame AFA7 		1 KB
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 19:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
491
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 May 2023 19:44:21 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AFA7 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 22 May 2022 23:00:41 GMT
main.js
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame AFA7 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 15:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28293
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2182
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 15:09:08 GMT
vevent
fra1-ib.adnxs.com/ Frame 79F0 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhCF4_-Ypae03AwYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF42tkFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQ5MTY3MTI1NzI2MDI4MDY2NjFfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAXZi_KIoL_itw_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAfa2QXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=4bc4cc3e1ffcaf7803b6c49f5685a0b0ef1eaf5e&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
16a41bc4-a7e4-44ad-9680-de81017f27b8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 0DAF 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhCNncTk2NXE3HQYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQyLi4lwFYk8KLAWAAaLTYsAF45u0FgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTisvK2hjUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU4NDEwNzc0MzE1Njg4MDcwNzk3XzEqBDUwNjk6CDUwMjQxNTAzwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATIuLiXAYgFAZgFAKAFvN6i59Wlh_QQwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFoeBI-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH5u0F0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=fae0f8cf938243888e726cbe36eb705eca9b0148&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dcebbe1c-7af6-4e37-92b5-52d6a6c26a32
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 96A4 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhC0wMbrkJiYiyAYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQobv9nQFYk8KLAWAAaLTYsAF4xNcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDUGFVN0JnUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhUyMzEyMTQxODQwOTcxODMzMzk2XzEqBDUwNjk6CDUyMTAzNzk4wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AShu_2dAYgFAZgFAKAFt4rz5rve0o5mwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF5Zod-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgHxNcF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=8fdf1a2ee5a36deb7f665b77a835cdd0aeba32c0&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
87c07df5-0a17-49de-a17c-479813c66f6e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3258648039;ord=0kxvug;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_...
ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/ Frame 5FA0 		58 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3258648039;ord=0kxvug;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4601927983503357598%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268320%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D4202b5628ac09944cf9962886811464947111%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D4202b5628ac09944cf9962886811464947111%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526ntuId%25253D4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5%252526cb%25253D1653268448%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=301;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v88.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
bbae0e4a3740782fde23546a7f6969c383e3dcf8ba55841dc6ecbcf808525bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
27009
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2159 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yjutwti&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66835
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814391
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260442.883435,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame A9FF 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKoDfDtqAYAAAMA1gAFAQiYgauUBhCe7ZaV56PV7j8YrvStjd38oPoRKjYJ3MUkpAUHzD8RvqKeH2v4wz8ZAAAAYI_C5T8hTL8Honz3yz8p5E7pYP2f0z8xAAAAoJmZqT8wy4ipCjiYUECnHEgCUPmOyqgBWJPCiwFgAGi02LABePLVBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTYzNDYwOSwgMTY1MzI2MDQ0MCk7dWYoJ2knLCA2NDMxMTc2LCAxNjUzMjYwNDQwKQUdLGcnLCAxNjA4MTExNgEKADUyHgAwcycsIDI3MjM2NzU5MkYfABRyJywgMzUBAgg4NjU2HwDwsJICsQQhQjI4XzN3aktxSjhZRVBtT3lxZ0JHQUFnazhLTEFUQUFPQUJBQUVpbkhGRExpS2tLV0FCZzdnTm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZFpTMkxDbmw5SV93UUZ2UjhuWEJLRFRQOGtCQUFBQUFBQUE4RF9aQWFsTm5OenZVTzRfNEFISXc0Z0Q5UUVBQU1BX21BSUFvQUlCdFFJQQEzCHZRSQEH2EF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ1BXZGx5QVFDeGdDTFEBO_BDQzZBd2xHVWtFeE9qUTBNemJnQTdBdWdBU2RzNFlIaUFTZzBxd0lrQVFCbUFRQnNnUUtDSTNZb0E0UXBPU1JEY0VFQUEBSAEBCERKQgEHDQEYMkFRQThRUQ0OiEFBQUlnRjFDS1lCZWpfNzRFQnFRV3BUWnpjNzFEdVA3RUZBASQFAQhEQkIRNxRQZ195UVUBFhhnTk1ySVA5MigAAFoZKMBBXzRBWEk3d0h3QmR6QjFRZjRCYkgwMXdLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVQAQQFgIHFBWUVzZ1lrQxF0DEFBQUUdDABHHQwASR0MOHVBWUuaApkBIWxCVnktUTo1AixKUENpd0VnQUNnQU0RNRBQZ19PZy5tAUhaQXNDNUpxVTJjM085UTdqOVJBFQEEQloVCwhBQmgdDABwHQwAeB0MDDRBSWs1gOA4RDgu2AIA4AKbhU7qAh1odHRwczovL3VhLmtvcnJlc3BvbmRlbnQubmV0L_ICEQoGQURWX0lEEgdtlTDyAhIKBkNQR19JRBIIcW8BFQgFQ1ABFAAJdWUQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEgBzY0MzExNzbyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwsIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4xOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zNjIzI0ZSQTE6NDQzNtoEAggB4AQB8AT5jsqoAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAUMdAAA2AUB4AUB8AWGHvoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AaYDtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAgYACABtTC9BkAAyAfy1QXSBw0JEToBOAjaBwYJJ0TgBwDqBwIIAPAHx9wBiggCEAA.&s=4d7e9a496034d228d62e1d721a43ab300b509c38&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dyjutwti%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dyjutwti%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yjutwti&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a4d5d51e-ceb4-4fa6-bec0-5799d48743c3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3458418712;ord=57b2ip;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_...
ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/ Frame F8C9 		58 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3458418712;ord=57b2ip;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4304040353409451151%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268160%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D8277a2628ac09945eab0197016083925630084%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D8277a2628ac09945eab0197016083925630084%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526cb%25253D1653266571%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=326;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v88.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
c1fc120123b6d7a9b02dc60e056b7b0a846a15b6a8829466fb4b02b9c3915c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
26901
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 97A9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=xmycovcd&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66835
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 844541
X-Served-By
cache-lga21957-LGA, cache-hhn4078-HHN
X-Timer
S1653260442.906537,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 6E16 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKoDfDtqAYAAAMA1gAFAQiYgauUBhCPiavf3LzB3TsYrvStjd38oPoRKjYJ3MUkpAUHzD8RvqKeH2v4wz8ZAAAAYI_C5T8hTL8Honz3yz8p5E7pYP2f0z8xAAAAoJmZqT8wy4ipCjiYUECnHEgCUPmOyqgBWJPCiwFgAGi02LABeOLXBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTYzNDYwOSwgMTY1MzI2MDQ0MCk7dWYoJ2knLCA2NDMxMTc2LCAxNjUzMjYwNDQwKQUdLGcnLCAxNjA4MTExNgEKADUyHgAwcycsIDI3MjM2NzU5MkYfABRyJywgMzUBAgg4NjU2HwDwsJICsQQhOTI1MjFRaktxSjhZRVBtT3lxZ0JHQUFnazhLTEFUQUFPQUJBQUVpbkhGRExpS2tLV0FCZzdnTm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZFpTMkxDbmw5SV93UUZ2UjhuWEJLRFRQOGtCQUFBQUFBQUE4RF9aQWFsTm5OenZVTzRfNEFISXc0Z0Q5UUVBQU1BX21BSUFvQUlCdFFJQQEzCHZRSQEH2EF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ1BXZGx5QVFDeGdDTFEBO_BDQzZBd2xHVWtFeE9qVXpNRG5nQTdBdWdBU2RzNFlIaUFTZzBxd0lrQVFCbUFRQnNnUUtDSTNZb0E0UXBPU1JEY0VFQUEBSAEBCERKQgEHDQEYMkFRQThRUQ0OiEFBQUlnRnZTbVlCZWpfNzRFQnFRV3BUWnpjNzFEdVA3RUZBASQFAQhEQkIRNxRQZ195UVUBFhhnTk1ySVA5MigAAFoZKMBBXzRBWEk3d0h3QmR6QjFRZjRCYkgwMXdLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVQAQQFgIHFBWUVzZ1lrQxF0DEFBQUUdDABHHQwASR0MNHVBWUuaApkBIWxCVnctPjUCLEpQQ2l3RWdBQ2dBTRE1EFBnX09nLm0BSGxBc0M1SnFVMmMzTzlRN2o5UkEVAQRCWhULCEFCaB0MAHAdDAB4HQwMNEFJazWA4DhEOC7YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQv8gIRCgZBRFZfSUQSB22VMPICEgoGQ1BHX0lEEghxbwEVCAVDUAEUAAl1ZRDyAg0KCAE-GEZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYSAHNjQzMTE3NvIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjM2MjMjRlJBMTo1MzA52gQCCAHgBAHwBPmOyqgBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx0AADYBQHgBQHwBYYe-gUECAAQAJAGAJgGALgGAMEGCSMo8D_QBpgO2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFICBgAIAG1ML0GQADIB-LXBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AfH3AGKCAIQAA..&s=486dcf4850c6165f48b6d47874d6b93556190827&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dxmycovcd%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dxmycovcd%26e%3D1695597276133&
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=xmycovcd&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cb26893c-b68c-49da-af7a-5a61304a06cc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame F294 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDs_e7RxbP6rkYYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ_MXkogFYk8KLAWAAaLTYsAF49tcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDS0RibGhrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU1MDcwNDY1NjEzMjI3MDgxNDUyXzEqBDUwNjk6CDUyODAwOTI4wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT8xeSiAYgFAZgFAKAF1NiYiYWVxvQwwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF8OhL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH9tcF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=2063612200567320aa104c9608ceb727c77107f2&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
933bb1c2-2a49-4302-8931-f8d26b10620b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame D807 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 24 May 2022 02:36:28 GMT
htlp.html
trck.fairnergy.org/trck/htlp/ Frame F171
Redirect Chain
  • https://trck.fairnergy.org/trck/epv/ccf3afbe25b4488c67616d97a1db96e9?subid=39170100004831600951425011968008&t=htlp
  • https://trck.fairnergy.org/trck/htlp/htlp.html?utm_source=affiliate&host=fairnergy.org&pvid=628ac09a10134340b0391383
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trck.fairnergy.org/trck/htlp/htlp.html?utm_source=affiliate&host=fairnergy.org&pvid=628ac09a10134340b0391383
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.212.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ip112.ip-51-83-212.eu
Software
nginx / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx
vary
Accept-Encoding
x-https-header
1
x-powered-by
PHP/7.2.34

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Sun, 22 May 2022 23:00:42 GMT
location
https://trck.fairnergy.org/trck/htlp/htlp.html?utm_source=affiliate&host=fairnergy.org&pvid=628ac09a10134340b0391383
server
nginx
x-https-header
1
x-powered-by
PHP/7.2.34
request_content.php
hal90008.redintelligence.net/ Frame 87B5 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request_content.php?s=39170100004831600951425011968008&a=847191ee
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
93ff4f6021555a27a379cfc12d372666a7e1a9c23bcd97f4a90fb73ab7a92852

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2053
Content-Type
text/html; charset=utf-8
Date
Sun, 22 May 2022 23:00:42 GMT
Expires
Mon, 23 May 2022 00:00:42 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 7D32 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=39170100004831600951425011968008&pv=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=wodvzxysfv&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame 7D32 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=39170100004831600951425011968008&pv=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=wodvzxysfv&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1898 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=wodvzxysfv&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66835
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:41 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 844542
X-Served-By
cache-lga21957-LGA, cache-hhn4078-HHN
X-Timer
S1653260442.983273,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 7D32 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QL_EfBM_wgAAAMA1gAFAQiYgauUBhD3yuvLp-WQjWkYrvStjd38oPoRKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAYI_C5T8h_x6yBPZxtj8p200JJPSCAjEAAACgmZmpPzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXis1wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC_yAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhMxNjc5MTQ1MTI3NzMxODQ2OTY48gLNAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SrgFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz9leGNoX2FpZD00MDU3NzYwNTE5ODEyMTgzNTY4Jm10X2FpZD0xNjc5MTQ1MTI3NzMxODQ2OTY4Jm10X2lkPTY2MjIzOTUmbXRfYWRpZD0yMTY1MzYmbXRfc2lkPTQ1NjIzMTImbXRfZXhpZD0xMyZtdF9pbmFwcD0wJm10X29zPSZyZWRpcmVjdD3yAhcKE1tCSURfQVRUUi5nZHByX3N0cl0SAPICGQoUW0JJRF9BVFRSLmdkcHJfZmxhZ10SATDyAh4KFFtBRF9BVFRSLmFkdmVydGlzZXJdEgYyMTY1MzbyAh0KEltBRF9BVFRSLmNyZWF0aXZlXRIHNjYyMjM5NfICKAoRW0JJRF9BVFRSLmJpZF9pZF0SEzE2NzkxNDUxMjc3MzE4NDY5NjjyAqUKChJbTk9USUZJQ0FUSU9OX1VSSV0Sjgo8aW1nIHNyYz1odHRwczovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ktdCQ9YXBuJnNfZXhjCQvwRmlkPTVhVzk1cTJqTHpJekx5QXZUWHBOZUZwVVVURlBWMGwwVG0xT2ExbHBNRE5hUkVrMFRGUkJkMDFFUVhSTlJFRjNUVVJCCRAEZE4BEPDJTHpFMk56a3hORFV4TWpjM016RTRORFk1Tmpndk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVQzFZZFcxZmJqRm5aRmh2UW01NVVHaEhVbEJtY1dzdk1TOHhNeTh3THpBdk9UVTJPREF6THpNMk5EZ3hPREk0TURNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMAHkCGRNVhEgAEUFEAXkAFQV9Axjdk1DCXwJCGb8ANBZVzF6THpBdk56SXlMelF2T1RrNUx6TXlNaTh5TVRjdU1URTBMakl4T0M0d0x6QXVNREF3TAFQYFRNeU5qQTBOREF2TVRZMU16STNNekEwTUMF-PBDeE1ESTJOQzgvOWpINjlHZ3BIWnFyb0hlTlpNZUtBTm5zOVBJJm5vZGVpZD0xNjA2Jmdyb3VwPWNkZyZhdWN0aW9uaWRSawMcc2hhcmRrZXlWHQBhuzg1NjIzMTImY2lkPTY2MjJhkvD1YnA9YV9iYWhhZmQmbWluX2JpZF93aW49JHtBVUNUSU9OX01JTl9UT19XSU59Jm5meV9hY3Q9TEQ1d2V3JmJmaXA9MTg1LjI5LjEzMy4yMjAmdHlwZT1pbXAmY2xpZW50PWMycyB3aWR0aD0xIGhlaWdodD0xPlx4M0NkaXYgd2lkdGg9JzEnIGhlaWdodD0nMScgc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz5ceDNDaW1nIHN0eWxlPSdsZWZ0Oi0xMHB4O3RvcDotMTBweDsgcG9zaXRpb246YWJzb2x1dGUnIHNyYz0nZvIEMGV2ZW50L2ltZz9tdF8hghQzNjg4NzWByAxhZGlkgbosNzY0JnYxPTEzJnYyUmwBMHYzPTY1MTg3MSZ2ND0xdQR2NTV0VG10X25zeW5jPTEmbm9fYXR0cj0xJyBSDAEELz4hK0LoAAQ5cA3nAQkEIHB65gAQdGFncy4uZAQZ5Tx0eXBlPW1tSW1wVHJhY2smlWgAYgH8DDY3OTE2TgYIJnN0FdI4dGltZT1bSU1QX0FUVFIuAQ8EXSZduXLTAPDJL2Rpdj6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBJbaqIYBiAUBmAUAoAWQ7In4mfaDqDjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYAAAElLPA_0Ab5qwHaBhYKEAEQLgEAXBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBkkjDLoHDwgFI0QgADAAOL0GQADIB6zXBdIHDQkRRQFBCNoHBgknROAHAOoHAggA8AfH3AGKCAIQAA..&s=95d140e86f81f2ef9fc1c6f8d95949f18fd8dd25&bdref=https%3A%2F%2Fua.korrespondent.net%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fua.korrespondent.net%2F,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dwodvzxysfv%26e%3D1695597276133,https%3A%2F%2Fmediawoot.com%2Fr%2Fp.html%3Ff%3Dwodvzxysfv%26e%3D1695597276133&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:41 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2ac4585e-7631-4136-b7fe-7b55b39ae11b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame D807 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDZ74WsmqqWh0MYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQgZbmogFYk8KLAWAAaLTYsAF4_9YFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDT2VrblJrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU0ODMxODk3NjU3NDE5MDY5NDAxXzEqBDUwNjk6CDUyOTA4NjQ3wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASBluaiAYgFAZgFAKAFivPu1-jUyosMwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF5Zod-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH_9YF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=301319449a585f8d3c09e7642a85afa0170a3354&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1e257541-952b-44fd-acaa-d3810299dce4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
verify.js
rtb0.doubleverify.com/ Frame 7412 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_227419502489&jsTagObjCallback=__tagObject_callback_227419502489&num=6&ctx=11655933&cmp=2610198&plc=53798891&sid=1358733&advid=&adsrv=&unit=300x250&isdvvid=&uid=227419502489&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=101&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2610198&aucrtv=52157246&auorder=4244531&auplc=8783048&auadid=1358733&aufilter1=165376&autt=1&c1=VF-DE+Performance&c2=DE_22_AO_P_M_G_M_A_F-213-tvx-gtv-PER&c3=PD_F-213-tvx-gtv-PRE&c4=gigatv_standalone_cablebox_220214_600x500&c5=Real+Time+Bidding&c6=1438767&c7=Real+Time+Bidding+(Media)&c8=2474&c10=Adform_PO_AL_DMP_SBN_CM_CPA-OMP-LAL-Fixnet-Conversions&turl=korrespondent.net&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&prr=1&m1=13&noc=4&fcifrms=30&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=150&eparams=DC4FC%3Dl9EEADTbpTauTauF2%5D%3C%40CC6DA%40%3F56%3FE%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauF2%5D%3C%40CC6DA%40%3F56%3FE%5D%3F6ETar9EEADTbpTauTau%3E65%3A2H%40%40E%5D4%40%3ETar9EEADTbpTauTau%3E65%3A2H%40%40E%5D4%40%3E&dvp_exetime=9.70&aubndl=&audeal=&c9=&callbackName=__verify_callback_227419502489
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
7ae6c3764845b284a3335661b87777ba1f46f44799773a61970d9ea52ca11b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Connection
keep-alive
Expires
05/21/2022 23:00:42
vevent
fra1-ib.adnxs.com/ Frame EC4A 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhDZn9_8sM-owgQYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF4q9YFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQzMjU1NjM3MjI1MDM4MDI4NDFfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAWsxq654KC48zHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAer1gXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=d5eee16880e8f0697bf53bfc9adc7be38c8bc2fe&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d1cbe4c2-6310-4cfd-b456-c74403300100
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame FF4F 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhD2pvaCxsrEvA0YrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF4q9kFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQ5NzA4MjczNDgyNzgzNTA3MTBfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAWRz7ORv6DimEXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAer2QXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=161cd5e57bb630c947f5e86b97f692b7a52bf071&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1a71e9c2-de18-45e1-b306-e08c3465fd70
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1DF6 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4a3a3d16-62d9-4970-b10c-59cfe33ba3e3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9E86 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206546
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 13:38:16 GMT
expires
Sat, 20 May 2023 13:38:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame B49C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fe644bdf-dfae-45b7-b96e-d658873650bb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/csimpr/ Frame 79F0 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=53521594&csi=Jlx30_9ipGwAerUcDFkIYk6ZoXvyXGfN56ozhk9pkmAJDwKV3Zer3GhaD71Xz2ViI2ObETtjMxmK4ZuP0Z9ECGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
51855161.png
s1.adform.net/Banners/51855161/ Frame 79F0 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/51855161/51855161.png?bv=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=khdqvb&e=1695597276133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7d18b380fbfac58ad5d84b8c3a70d10dbc8ff394a65a00526cb8e6bb2565f9b4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
last-modified
Tue, 01 Mar 2022 09:43:24 GMT
server
nginx
etag
"621deabc-151ce"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
86478
51855161.png
s1.adform.net/Banners/51855161/ Frame 8390 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/51855161/51855161.png?bv=1
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7d18b380fbfac58ad5d84b8c3a70d10dbc8ff394a65a00526cb8e6bb2565f9b4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
last-modified
Tue, 01 Mar 2022 09:43:24 GMT
server
nginx
etag
"621deabc-151ce"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
86478
/
track.adform.net/csimpr/ Frame 8390 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=53521594&csi=bM9FFc1ZPW_cWu1JjsS2Nb8pIMRSn-HG56ozhk9pkmAJDwKV3Zer3GhaD71Xz2ViOgV5tXAaDpM3YZD5R6EYnmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame 0DAF 		35 B
458 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=50241503&csi=Cq-FUFqy2ge0atYDp94EOYs67rKm226BV_Rq4FPP_w4JDwKV3Zer3GhaD71Xz2ViOUPfQteGf84hV8PnjrYB7mQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
48780236.png
s1.adform.net/Banners/48780236/ Frame 0DAF 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/48780236/48780236.png?bv=1
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=kanrzrd&e=1695597276133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b3ed9a0579545a5c7766ebf7b1d228499b234b0752b20187bc064a3f68334601
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
last-modified
Fri, 15 Oct 2021 07:40:31 GMT
server
nginx
etag
"6169306f-138e9"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
80105
async_usersync
ib.adnxs.com/ Frame 3791 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
425c8140-306a-4da6-b7db-647ba55252d2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D8C0 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ba3d5946-2774-4c98-8023-db53cf9cc8cb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
verify.js
rtb0.doubleverify.com/ Frame B6EF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_652282954209&jsTagObjCallback=__tagObject_callback_652282954209&num=6&ctx=11655933&cmp=2610198&plc=53798892&sid=1358733&advid=&adsrv=&unit=300x250&isdvvid=&uid=652282954209&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=101&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2610198&aucrtv=52157246&auorder=4244531&auplc=8783049&auadid=1358733&aufilter1=165376&autt=1&c1=VF-DE+Performance&c2=DE_22_AO_P_M_G_M_A_F-213-tvx-gtv-PER&c3=PD_F-213-tvx-gtv-PRE&c4=gigatv_standalone_cablebox_220214_600x500&c5=Real+Time+Bidding&c6=1438767&c7=Real+Time+Bidding+(Media)&c8=2474&c10=Adform_PO_AL_NONE_SBN_CM_CPA-OMP&turl=korrespondent.net&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&prr=1&m1=13&noc=4&fcifrms=30&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=150&eparams=DC4FC%3Dl9EEADTbpTauTauF2%5D%3C%40CC6DA%40%3F56%3FE%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauF2%5D%3C%40CC6DA%40%3F56%3FE%5D%3F6ETar9EEADTbpTauTau%3E65%3A2H%40%40E%5D4%40%3ETar9EEADTbpTauTau%3E65%3A2H%40%40E%5D4%40%3E&dvp_exetime=5.20&aubndl=&audeal=&c9=&callbackName=__verify_callback_652282954209
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
a320e816e00916f545ad289f0e27c048f7fc6dba7431d3f6b2c703ce708752ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Connection
keep-alive
Expires
05/21/2022 23:00:42
/
track.adform.net/csimpr/ Frame 96A4 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=52103798&csi=lkwEiV1sCFWnWwaGQ94fh4_bK-VIvpg0eyIP_k9OFjMJDwKV3Zer3GhaD71Xz2VivWixm2Eg2ygNkzVcDvAL-2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
50510754.png
s1.adform.net/Banners/50510754/ Frame 96A4 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/50510754/50510754.png?bv=2
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=wtwiidh&e=1695597276133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7cc872adfa073d6cf71c6001714830d1666cce845f7d94496c36e09c3785827e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
last-modified
Wed, 22 Dec 2021 07:17:39 GMT
server
nginx
etag
"61c2d113-8179"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
33145
async_usersync
ib.adnxs.com/ Frame 9F41 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
beae5ea3-7c31-4ae4-87a6-e6f9161b3d0d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame CC98 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=34328800004871200951425011968019&a=ef4e2eeb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 22 May 2022 21:54:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 22 May 2022 23:00:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 22 May 2022 23:00:42 GMT
/
hal9000.redintelligence.net/scale/ Frame CC98 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=34328800004871200951425011968019&a=ef4e2eeb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
cbfa1d998eaf460fb85b01dc2e653428a96fcff6e2752d6fb44aa25b4f477015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16857
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame CC98 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/TRG-star-wars-marvel-comics-panini-banner-1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=34328800004871200951425011968019&a=ef4e2eeb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9f83b477ea3eff023415247263f65d54e296bb2d283d2827b6e6de7fe447035a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15273
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame CC98 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=34328800004871200951425011968019&a=ef4e2eeb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f55eeda725daaa06df0c6cf60249ce3e0d23b7765d7421bbdbf349e5ed07e5d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16464
Vary
Accept-Encoding
Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame 2B6F 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
86ccf363-df48-4ef2-ad10-8a1857106408
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 51D8 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a6282e6f-3657-44cd-878f-cb745c712626
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/csimpr/ Frame F294 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=52800928&csi=SABfGrH7kaeKxCE8UkHTRM532Df-t5apvgv_88OsPOYJDwKV3Zer3GhaD71Xz2Vijmaaa-9zLpF1OsXLcyN8imQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
51196863.png
s1.adform.net/Banners/51196863/ Frame F294 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/51196863/51196863.png?bv=2
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yqhxsdeyj&e=1695597276133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b52c063c501c9d73d85ca4a341c5e4868a3ac33199ec7f1277556c9c059fe89b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
last-modified
Fri, 28 Jan 2022 09:19:49 GMT
server
nginx
etag
"61f3b535-d5eb"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
54763
vevent
fra1-ib.adnxs.com/ Frame A9FF 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKRC_DtkQUAAAMA1gAFAQiYgauUBhCe7ZaV56PV7j8YrvStjd38oPoRKjYJ3MUkpAUHzD8RvqKeH2v4wz8ZAAAAYI_C5T8hTL8Honz3yz8p5E7pYP2f0z8xAAAAoJmZqT8wy4ipCjiYUECnHEgCUPmOyqgBWJPCiwFgAGi02LABePLVBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTYzNDYwOSwgMTY1MzI2MDQ0MCk7dWYoJ2knLCA2NDMxMTc2LCAxNjUzMjYwNDQwKQUdLGcnLCAxNjA4MTExNgEKADUyHgAwcycsIDI3MjM2NzU5MkYfABRyJywgMzUBAgg4NjU2HwDwsJICsQQhQjI4XzN3aktxSjhZRVBtT3lxZ0JHQUFnazhLTEFUQUFPQUJBQUVpbkhGRExpS2tLV0FCZzdnTm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZFpTMkxDbmw5SV93UUZ2UjhuWEJLRFRQOGtCQUFBQUFBQUE4RF9aQWFsTm5OenZVTzRfNEFISXc0Z0Q5UUVBQU1BX21BSUFvQUlCdFFJQQEzCHZRSQEH2EF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ1BXZGx5QVFDeGdDTFEBO_BDQzZBd2xHVWtFeE9qUTBNemJnQTdBdWdBU2RzNFlIaUFTZzBxd0lrQVFCbUFRQnNnUUtDSTNZb0E0UXBPU1JEY0VFQUEBSAEBCERKQgEHDQEYMkFRQThRUQ0OiEFBQUlnRjFDS1lCZWpfNzRFQnFRV3BUWnpjNzFEdVA3RUZBASQFAQhEQkIRNxRQZ195UVUBFhhnTk1ySVA5MigAAFoZKMBBXzRBWEk3d0h3QmR6QjFRZjRCYkgwMXdLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVQAQQFgIHFBWUVzZ1lrQxF0DEFBQUUdDABHHQwASR0MOHVBWUuaApkBIWxCVnktUTo1AixKUENpd0VnQUNnQU0RNRBQZ19PZy5tAUhaQXNDNUpxVTJjM085UTdqOVJBFQEEQloVCwhBQmgdDABwHQwAeB0MDDRBSWs1gPDeOEQ4LtgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzYyMyNGUkExOjQ0MzbaBAIIAeAEAfAE-Y7KqAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAUObNgFAeAFAfAFhh76BQQIABAAkAYAmAYAuAYAwQYFISwA8D_QBpgO2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi9BkAAyAfy1QXSBw0JEToBOAjaBwYJJ0TgBwDqBwIIAPAHx9wBiggCEAA.&s=9ec4c142b94a3b3ffe483688711d23764de27f2f&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b11a0689-6a64-42a4-9f54-64bc75665a25
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4D27 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
60c98167-db17-41bb-8637-aaecd8d200cf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 6E16 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKRC_DtkQUAAAMA1gAFAQiYgauUBhCPiavf3LzB3TsYrvStjd38oPoRKjYJ3MUkpAUHzD8RvqKeH2v4wz8ZAAAAYI_C5T8hTL8Honz3yz8p5E7pYP2f0z8xAAAAoJmZqT8wy4ipCjiYUECnHEgCUPmOyqgBWJPCiwFgAGi02LABeOLXBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTYzNDYwOSwgMTY1MzI2MDQ0MCk7dWYoJ2knLCA2NDMxMTc2LCAxNjUzMjYwNDQwKQUdLGcnLCAxNjA4MTExNgEKADUyHgAwcycsIDI3MjM2NzU5MkYfABRyJywgMzUBAgg4NjU2HwDwsJICsQQhOTI1MjFRaktxSjhZRVBtT3lxZ0JHQUFnazhLTEFUQUFPQUJBQUVpbkhGRExpS2tLV0FCZzdnTm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZFpTMkxDbmw5SV93UUZ2UjhuWEJLRFRQOGtCQUFBQUFBQUE4RF9aQWFsTm5OenZVTzRfNEFISXc0Z0Q5UUVBQU1BX21BSUFvQUlCdFFJQQEzCHZRSQEH2EF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ1BXZGx5QVFDeGdDTFEBO_BDQzZBd2xHVWtFeE9qVXpNRG5nQTdBdWdBU2RzNFlIaUFTZzBxd0lrQVFCbUFRQnNnUUtDSTNZb0E0UXBPU1JEY0VFQUEBSAEBCERKQgEHDQEYMkFRQThRUQ0OiEFBQUlnRnZTbVlCZWpfNzRFQnFRV3BUWnpjNzFEdVA3RUZBASQFAQhEQkIRNxRQZ195UVUBFhhnTk1ySVA5MigAAFoZKMBBXzRBWEk3d0h3QmR6QjFRZjRCYkgwMXdLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVQAQQFgIHFBWUVzZ1lrQxF0DEFBQUUdDABHHQwASR0MNHVBWUuaApkBIWxCVnctPjUCLEpQQ2l3RWdBQ2dBTRE1EFBnX09nLm0BSGxBc0M1SnFVMmMzTzlRN2o5UkEVAQRCWhULCEFCaB0MAHAdDAB4HQwMNEFJazWA8N44RDgu2AIA4AKbhU7qAh1odHRwczovL3VhLmtvcnJlc3BvbmRlbnQubmV0L4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4xOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zNjIzI0ZSQTE6NTMwOdoEAggB4AQB8AT5jsqoAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAABQ5s2AUB4AUB8AWGHvoFBAgAEACQBgCYBgC4BgDBBgUhLADwP9AGmA7aBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOL0GQADIB-LXBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AfH3AGKCAIQAA..&s=6125cacd3df67117f24acf06ebbb3e5a9c389aa4&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f455af68-3378-40fb-be35-596922760d88
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 81D5
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN0uAHx4NDvOhK0g-v7QSg4&google_cver=1&google_push=AYg5qPJZMYOMVIDL8UmhTfen816KxwxOsiaTCPekmph4y2TykKzV6Yk6jf...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJZMYOMVIDL8UmhTfen816KxwxOsiaTCPekmph4y2TykKzV6Yk6jfa1_tprUY2BJsULb6oN9M1W5LxUP278A_kfQ50OvrQ&google_hm=hrTkTI-QXWZ23...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJZMYOMVIDL8UmhTfen816KxwxOsiaTCPekmph4y2TykKzV6Yk6jfa1_tprUY2BJsULb6oN9M1W5LxUP278A_kfQ50OvrQ&google_hm=hrTkTI-QXWZ23GDImkQr6Q
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJZMYOMVIDL8UmhTfen816KxwxOsiaTCPekmph4y2TykKzV6Yk6jfa1_tprUY2BJsULb6oN9M1W5LxUP278A_kfQ50OvrQ&google_hm=hrTkTI-QXWZ23GDImkQr6Q
pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
a.tribalfusion.com/ Frame 81D5 		43 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEAcxvEL8EVle5nPIAU5gB3Q&google_cver=1&google_push=AYg5qPIX-4ZD8LDfLYDUsbh5G4oT4MN2p6dABIRSXqwg_i5qmNuxJ_d-oie1NBEkOfIygZh7DSZRAaqb6H02CqRKlnn3Aqvmj3bZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIX-4ZD8LDfLYDUsbh5G4oT4MN2p6dABIRSXqwg_i5qmNuxJ_d-oie1NBEkOfIygZh7DSZRAaqb6H02CqRKlnn3Aqvmj3bZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70f92b65a9e368f8-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 81D5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECHvRGYKkzl4yuE0CzVBBs0&google_cver=1&google_push=AYg5qPIKsl9tTXmCaWU4u8tuj7SkgnZ5yNOpBF6gInTh2F4zWVXs6Gq_eCpo15juTxGVZh1DDIEJrj36sI2BmP...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDY5OTUxMjk5NjgyMTE0Mw%3D%3D&google_push=AYg5qPIKsl9tTXmCaWU4u8tuj7SkgnZ5yNOpBF6gInTh2F4zWVXs6Gq_eCpo15juTxGVZh1DDIEJrj36sI2BmPMLjT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDY5OTUxMjk5NjgyMTE0Mw%3D%3D&google_push=AYg5qPIKsl9tTXmCaWU4u8tuj7SkgnZ5yNOpBF6gInTh2F4zWVXs6Gq_eCpo15juTxGVZh1DDIEJrj36sI2BmPMLjT3eNnuH90lp
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDY5OTUxMjk5NjgyMTE0Mw%3D%3D&google_push=AYg5qPIKsl9tTXmCaWU4u8tuj7SkgnZ5yNOpBF6gInTh2F4zWVXs6Gq_eCpo15juTxGVZh1DDIEJrj36sI2BmPMLjT3eNnuH90lp
Date
Sun, 22 May 2022 23:00:42 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
attr
cm.g.doubleclick.net/pixel/ Frame 81D5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpOY5VGpUZGbJwO1pnsTk893ioQC8Fo-jIuAtUaQlW2A
Requested by
Host: c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
URL: https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 48F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051801&jk=3738200024092044&bg=!fn2lfTnNAAZ4vKt9WLw7ACkAdvg8WmvMDvga32ZZCC2wz77GP0yOmejU5v-KJGowP2RGGDsQFFKpHAIAAAR1UgAAAANoAQcKAIsDBko74QhLoT-_yvrMrLoMbOks2QLjmo43L9-2CZPcylgKwP3vc_2qhNSPUnWq_uMSE4YrSd53OAXBllDHzEyjMl61XZSrE0sMGX_Wd8Z0h6cAz-u1or8mLQWwMAqXGPFJyJqkiQY8aCRmLoFkGLRWz9FmonOJbVi0k0t2erk4GXkkmkbFKp1TQtGHmQLlJHEIRO3UvVBdOPQND1C2j-Zf_6G4hR87fC_AzBoEZK_-a0HYyKhR--mXqv3T9mCeGplyNNC6g7_4ginGmwpPQo4UIHH-wjqMIp2NvTbX2kMu__IKRHjFvYYixMeRKqCQoSCHfjDA2-OCuxnlrGYwe3ZMWNERzY8tb9Dg-5Va6DPpd5bN2Lnijexl215xJFAOp30sVJkHcTQkGssXF5qnauo7p7P0GS_ZziBxjIp9RVuLu4ALp5BaPj9EOQxpVmRos_HVcnLFEdv093agQZedJToEWS13C5a3AhxzMgyY5Ah9WpZenwM15eNBTEt9QRjYbkihQzkoAZWPX8Pd5HKfXrOvpjdoIcYFkeZvaxtWMRZ95El5FjMcoNi3cC574IyBNfgcFwUNl-MInew-5bYWR7kvvgGdyY0fpEJdD5H_-ZXgAp1Oamwm_vCMUNkzDFGBDfHgL67iAmEFcUefkHNpex2zYg9TWYsPRzE-K3vioxo4NWGYs7MLp5-7E7m3QTyHL_5--RdyrNmQE0jnnrRcIzdzAq2BaE0ineUULCTCi3Zdt775BxswWhknxvZ3rwVmuN9B2YzLVa4GXfdIxrjyLodWCQz2UhIGevHfTjE1hIOtienNLk-aGogelPqKePBhep3SFsJBoxLhWgJBD4wqu3fAYh9uKORy8gkzkXFYI0g9PGfQPkdQfOxC2MCbGkOXckN9IMviYZ-wh8aNZtMICUEF4cEk7Mzr81eeaLZwyLsXBPbVGi13Ly-toBHdura84VhVLccu-EKjs5MKIhokAQB8zsESMYlJoyvk0OICRW8D_JwPt3RC8Yw3mqpxeMZjBH9rb6006Wd1iGahR0HAM8knNPjJilWL82WqJ5sDEQbtQ4K5AZUfar7RvIFvgIuWfWcZHjULFZiMUyxNobuwuKt7iqFXsIe2X2RCPSTNGKGR_9qA0jqiveXuWY_SqrQ0tdarWf5RE1zW7e0L9wA86WWevr6t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 79AD 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c4002a29-8d6a-4bc9-9f85-52e0d289f1fa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 7D32 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLRCvBMUQUAAAMA1gAFAQiYgauUBhD3yuvLp-WQjWkYrvStjd38oPoRKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAYI_C5T8h_x6yBPZxtj8p200JJPTiATEAAACgmZmpPzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXis1wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqA7MGCuoFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUWHBOZUZwVVVURlBWMGwwVG0xT2ExbHBNRE5hUkVrMFRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpFMk56a3hORFV4TWpjM016RTRORFk1Tmpndk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVRE5tWm0weU1qSk5lVjl6VldWWFRrdDJMWEJHTW1jdk1TOHhNeTh3THpBdk9UVTJPREF6THpNMk5EZ3hPREk0TURNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWBHUTE13ZDAxRVFYZE1WRUYzVFVSQmRFBRA6MAAQY3ZNQzgFfAkIDEUyTnpW_ACoWVcxekx6QXZOekl5THpRdk9UazVMek15TWk4eU1UY3VNVEUwTGpJeE9DNAFQFHVNREF3TAFQ8IZUTXlOakEwTkRBdk1UWTFNekkzTXpBME1DOHhNeTh4TURJMk5DOC9xcFZSbzFWY2tGSTdCUmFFTlNjNjYxUGNEbFEmbm9kZWlkPTE2MDYmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD0xNjc5MTQ1MTI3NzMxODQ2OTY4JnNoYXJka2V5PTE2NzkxNDUyHQDwi3ByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iYWhhZmQmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMy4yMjAmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTUmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITMTY3OTE0NTEyNzczMTg0Aa7wlRoTNzU3MzQzOTU3MzA4MjY5NTAzMSIJMjgxNjg1MjcwKgYxMDE5MzY6BzY2MjIzOTXAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIUaWIgFAZgFAKAFkOyJ-Jn2g6g4wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab5qwHaBhYKEAkSGQGAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxugcPAVJIGAAgADAAOL0GQADIB6zXBdIHDRWAAUEI2gcGCSdE4AcA6gcCCADwB8fcAYoIAhAA&s=598273e6af015303a7c0fe2c13bbe8b4b4b8d85d&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8bf1f701-9e8e-4690-8919-666d5aa1bb30
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 5FA0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3258648039;ord=0kxvug;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4601927983503357598%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268320%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D4202b5628ac09944cf9962886811464947111%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D4202b5628ac09944cf9962886811464947111%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526ntuId%25253D4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5%252526cb%25253D1653268448%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=301;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:57:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame F8C9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3458418712;ord=57b2ip;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4304040353409451151%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268160%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D8277a2628ac09945eab0197016083925630084%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D8277a2628ac09945eab0197016083925630084%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526cb%25253D1653266571%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=326;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:57:10 GMT
css
fonts.googleapis.com/ Frame 87B5 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=39170100004831600951425011968008&a=847191ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 22 May 2022 21:43:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 22 May 2022 23:00:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 22 May 2022 23:00:42 GMT
/
hal9000.redintelligence.net/scale/ Frame 87B5 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/63451/creativesup/Fairnegy-1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=39170100004831600951425011968008&a=847191ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
daf0e65a3b59652b4ebd99265acb18437a65ab5c5425d9216244fc1dba21df43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15917
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 87B5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=39170100004831600951425011968008&a=847191ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
d70459a4b0caff06c05878f381f67d4492ce515ee071cf84d61085e7accccd69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
14129
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 87B5 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=39170100004831600951425011968008&a=847191ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b75b521dee10fc3bef7e6e39933689b204147c0c5be436e35d9cc894217fd1ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16815
Vary
Accept-Encoding
Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame 2159 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
515bb151-4c12-46a9-b6a4-99c54003250e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 164D 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLQCvBMUAUAAAMA1gAFAQiYgauUBhDl0Iyv6reprkMYrvStjd38oPoRKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAYI_C5T8h_x6yBPZxtj8p200JJPTiATEAAACgmZmpPzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXjA2wSAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqA7IGCukFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUWHBOZUZwVVVURlBWMGwwVG0xT2ExbHBNRE5hUkVrMFRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpJNE16SXdOalkyTWpreE1UYzBOakExTnpJdk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVSGhITFVOWlIxOXliRk5tTUdwSVUwWmpWaTFFUVhjdk1TOHhNeTh3THpBdk9UVTJPREF6THpNMk5EZ3hPREk0TURNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWBHUDE13ZDABYCxkTVZFRjNUVVJCZEUFEDowABBjdk1DOAV8CQgMSTRNelb8AKhZVzF6THpBdk56SXlMelF2T1RrNUx6TXlNaTh5TVRjdU1URTBMakl4T0M0AVD0IAF1TURBd0x6RTJOVE15TmpBME5EQXZNVFkxTXpJM016QTBNQzh4TXk4eE1ESTJOQzgvVnR1UkZtRU9JdEN6eTd2UEYyNzB2VW1kYWRrJm5vZGVpZD0xNjA2Jmdyb3VwPWNkZyZhdWN0aW9uaWQ9MjgzMjA2NjYyOTExNzQ2MDU3MiZzaGFyZGtleT0yODMyMDY2NjI5MTE3NDYwNTcyJnByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iYWhhZmQmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMi42NyZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5NSZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhMyODMyMDY2LpAA8JUaEzQ4NTM5MzY3MzY2NDQwNDg5OTciCTI4MTY4NTI3MCoGMTAxOTM2Ogc2NjIyMzk1wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASFGViIBQGYBQCgBYDAttnokra_KcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBgBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwFSSBgAIAAwADi9BkAAyAfA2wTSBw0VgAFBCNoHBgknROAHAOoHAggA8AfH3AGKCAIQAA..&s=38a58229f6952baa6ebc30c1895f7d5e39d6a96f&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
274a58b8-48c8-4f23-a74d-60fbee170871
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 97A9 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5dbc0403-9c40-443b-a6ff-89f2ceaa769b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
51855161.png
s1.adform.net/Banners/51855161/ Frame EC4A 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/51855161/51855161.png?bv=1
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7d18b380fbfac58ad5d84b8c3a70d10dbc8ff394a65a00526cb8e6bb2565f9b4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
last-modified
Tue, 01 Mar 2022 09:43:24 GMT
server
nginx
etag
"621deabc-151ce"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
86478
/
track.adform.net/csimpr/ Frame EC4A 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=53521594&csi=LJejkvBkWn6epF8aR2xFv0_O-_hAq5-R56ozhk9pkmAJDwKV3Zer3GhaD71Xz2ViRSZElgftydMBjH56F_ZXHmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 7412 		0
268 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=fdfb30d38b74423b946fc17a9f613c42&vfdur=143&cbust=1653260441541123
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
Vary
Origin
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/21/2022 23:00:42
dcmads.js
www.googletagservices.com/dcm/ Frame 7412 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9377
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:39:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 22 May 2022 23:53:12 GMT
51855161.png
s1.adform.net/Banners/51855161/ Frame FF4F 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/51855161/51855161.png?bv=1
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7d18b380fbfac58ad5d84b8c3a70d10dbc8ff394a65a00526cb8e6bb2565f9b4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
last-modified
Tue, 01 Mar 2022 09:43:24 GMT
server
nginx
etag
"621deabc-151ce"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
86478
/
track.adform.net/csimpr/ Frame FF4F 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=53521594&csi=aswnSE39egZSzo796FCVBCFZ9qw0RFG_56ozhk9pkmAJDwKV3Zer3GhaD71Xz2VihzRwuKuIeWZ1wBG-RkwEjWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=3976599010063820&bg=!wsGlwYXNAAZ4vKt9WLw7ACkAdvg8WqKAoPNp5B1gKyIpt0YH5049oJLqg3b8jspsUFAzYGbWEvkSGwIAAAO9UgAAAANoAQcKACULb7LyThOommUx64HiN-qc9rwcJlEtFamQdrzrOKn0GnNBUuIumQKyMb9_Qz41rXcUblFBUqwOjPKsp8BNYFiTPvTQmDx8UOfrhwNzdftX2GKfNo5Qv3h0Ri_Q6Nd_ViIBQoasrBIDGjZCFjBgERTWmjnXqttIGPN7p5GLSdp77InE-nIln-nJwP4DUzlsn8wnjFPei18M_lRJqZhtA6k_k3aNSY_w3z3Z0u8U_PXcWGWMAm784zxKRnSospszvZSOCNd8E3NzRjtm-kSVO-aFFdAWcSZxx7freCD3mxLDGWN55aEh3fFyMett4gG29iGCUqHCAng0s16IL-_Iy1sNHpVjP5ayb28Qcj6nKaJjfPD6zuxS0Xco4e8yRJ2lJQAzb5u-tz3fD9e4F5pvhwdRI0VvQw2KIxfNy6f2r-JvKHmFk0cKGgfzMjCkA-PvVK9uIwo8vdC4ryZ7h1FUt8QxR8K1onzkXTWQkCtgEKk5NsvGsL3YP1cd2zvZK1bBy1d5iJgcW55erJ7MWvBo44UZ1I0x9AOw2TUSZH3E17u3_Rasonqy7ZzhrAm_lRVKhQL5icf8c_nOyiRp0LWFSnYDLeMM_eHDapXDfly8Uv7jczXLnEZ1FKCSF4yN6w4wzDO267mdzDPrqSkCdQKc76HrqvgiBoVtv-OiiF4QKbjrj7C83jrAVUEIvuAjwwGQ0y5HczUVMadjrHtDQlRlN2MeOScp1kVWFhgM0zhBDiAzB2TJPPlelnAGU7S06WN1O-Y7RDIeEa0Z1e2vZ-JaiNMkI2oSwiSEImo_iJB3Eu5ieEcmsUP-aSBdxXhYa4JAqc6rD8AH67scoNOXWccP5bSCIUVS-UP02QghoD4ehaUlg_WuSEZqknwzrtrXlYj-fBXgKgN2lhJHPmWv2uL2dEM6ykBWgiok_QX6a2u-UTG30j0jKMp5ta7Lws8uGLIduhm5QPxh_GbZUgnf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
async_usersync
ib.adnxs.com/ Frame 1898 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
170955cb-c9d3-4884-a465-f64c05a6998f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 8390 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDojs7BjrHCyXwYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF45tYFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU4OTc2NTI4OTY1ODk1NDIzODQ4XzEqBDUwNjk6CDUzNTIxNTk0wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATat5OkAYgFAZgFAKAF9vrW4-2juqsHwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFv8xD-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH5tYF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=45624132ad5c020e653f71f618cf5aaf450c68ab&type=nv&nvt=15&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e2d3fa65-4202-42a4-8233-e9cf83285ab6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 96A4 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhC0wMbrkJiYiyAYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQobv9nQFYk8KLAWAAaLTYsAF4xNcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDUGFVN0JnUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhUyMzEyMTQxODQwOTcxODMzMzk2XzEqBDUwNjk6CDUyMTAzNzk4wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AShu_2dAYgFAZgFAKAFt4rz5rve0o5mwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF5Zod-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgHxNcF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=8fdf1a2ee5a36deb7f665b77a835cdd0aeba32c0&type=nv&nvt=15&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8e53a818-278d-46d1-998d-7b71a0f0c50a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 0DAF 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhCNncTk2NXE3HQYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQyLi4lwFYk8KLAWAAaLTYsAF45u0FgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTisvK2hjUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU4NDEwNzc0MzE1Njg4MDcwNzk3XzEqBDUwNjk6CDUwMjQxNTAzwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATIuLiXAYgFAZgFAKAFvN6i59Wlh_QQwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFoeBI-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH5u0F0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=fae0f8cf938243888e726cbe36eb705eca9b0148&type=nv&nvt=15&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9435b5a9-6e27-4683-84c5-b971ecd25478
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 79F0 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhCF4_-Ypae03AwYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF42tkFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQ5MTY3MTI1NzI2MDI4MDY2NjFfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAXZi_KIoL_itw_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAfa2QXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=4bc4cc3e1ffcaf7803b6c49f5685a0b0ef1eaf5e&type=nv&nvt=15&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d5ff96e3-d22d-46bf-80c9-c858c2b069c7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/csimpr/ Frame D807 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=52908647&csi=0XeE_q_Xw1FWW0rbafeTq9lzx2gp4uhEALAb54RnH4QJDwKV3Zer3GhaD71Xz2ViC3AxtkK97aK9l4AM7luO8WQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
51304471.png
s1.adform.net/Banners/51304471/ Frame D807 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/51304471/51304471.png?bv=2
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yjnfmne&e=1695597276133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
03885dc12f28590c56fce7e3c7a009fd7cce71beb05ddc93c50232f247422280
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
last-modified
Wed, 02 Feb 2022 09:26:04 GMT
server
nginx
etag
"61fa4e2c-10ab7"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
68279
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame B6EF 		0
268 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=0bb617d7dd9f468f8325136528a27e6a&vfdur=44&cbust=1653260441598319
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
Vary
Origin
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/21/2022 23:00:42
dcmads.js
www.googletagservices.com/dcm/ Frame B6EF 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9377
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:39:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 22 May 2022 23:53:12 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 5FA0 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3258648039;ord=0kxvug;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4601927983503357598%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268320%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D4202b5628ac09944cf9962886811464947111%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D4202b5628ac09944cf9962886811464947111%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526ntuId%25253D4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5%252526cb%25253D1653268448%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=301;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:47:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 07:47:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5FA0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3258648039;ord=0kxvug;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4601927983503357598%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268320%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D4202b5628ac09944cf9962886811464947111%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D4202b5628ac09944cf9962886811464947111%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526ntuId%25253D4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5%252526cb%25253D1653268448%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=301;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 13:38:15 GMT
bg1.jpg
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame AFA7 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/bg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6317cb9eae37b490a553e682b2d8fac09e3866a149c0acb3b90b26d2b1a908ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 01:50:38 GMT
x-content-type-options
nosniff
age
249004
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31197
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 01:50:38 GMT
b1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame AFA7 		454 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/b1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
454
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
h1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame AFA7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13570
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
h2.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame AFA7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 01:35:58 GMT
x-content-type-options
nosniff
age
249884
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11140
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 01:35:58 GMT
h3.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame AFA7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2211
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
cta.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame AFA7 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1527
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
logo.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame AFA7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:51:31 GMT
x-content-type-options
nosniff
age
220151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1159
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 09:44:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 09:51:31 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 678E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVpuCV-Lds_51AuK5uMVRXOntM_likYTglMaR9D_hJS-MIf2ysGBPw7tCbAbeI9LtIh3NbmfP2lf5vgHiR6xuQn0J54e0VtRZMR02n-4rMpJyXYiJQJRwpAXYt--s3yXzox7_QbW4f-kOaXhaSgsvlCN6ilDWDeUlYmxHqVC2ua4zOP6USx51bOaf3fefkaepqAjE4gSgSDMx5-lU0qCsqjC57-yDOWGUqxAHChpy0PNDH4GlUL0iA4rqijZeJJ1SvFrXewbwBCWBuEq6qK7iQJg-DcBOioijnA9rHomO1hQff_e6-em1C-R3Hn3oJCOrZNoyuFzW6mGkX88CrZthzR_CwAuC0-MhRscdTbWd0iE0edfCG6WWt8auhPCOcRXvHBDb8THZCAc7JplyY3RoL2_aLJtRuE3vAK6OA6DkuVPNPHHjtPDDiUNsx3YD-1TOju9ecwdFnt6y3Jmuzl_DBbc1EBjUhhXkSN-VxwAd-6jUdVs6xRRbWipXwmiB7cjXE0nRYalMHfG9AIrRZfvRlNd7sfA1oxnZUNnjMiJz_CZs4tRkLH_3Ce9LPf4ggul3THgJih8m03GF3LX4TQu1pZXwydTj52ILvA1Su5qitdZSKHUZb1fssFSNZ0d-fnwm6YikuHRek6qNlY45JPB3lE22I4stBkrbaHJLSa1RglLED6sPPrV0dhyIARkA8YO_Ygaxsu3pn7n019a7AhViZ_Xpfe1JpgWffxP4wxlfx3S3L89caTH5ioItX5hyMcjsLtkLaI9T7iiUrtUUWUS7b-3j6xWvttuMboKQ7ZDPdVWSYzhu6a2JTgkBW9Kr27moszxem41kqDk2d_sYDHZh86Xkg5ht8R1xgZBlCADUfx03sTH32yMog25Fpqff9qXX77YUwQs_HLkVWXjNxJ-kHdRYDzkKmYQEk5RaRbJJ_IYjbO_ItvYACDeTdLPw8w7oCnff_n4v8G5GO_qgnn_42CP5Eqr91IGP4ELTz0tyxynXQZocIKyaFyt3Ube4IvZfZX57PG30rVQI-JqtkOhJfg0bS6ezAqgPp2K6YEjt4tJYQc1ymt6kRkmkAbE_YSgAfD0ETjv1GywrZpZrFNdWwiaagUtTvT8jrg573cIfWSY79wR5C-JWuqQcy9sTvQsCQdSjFz2cjyn3S7IyYnX9375IhpMSquMuMuOSLpqYhnHXoIGiV9_04BkQfsSfVbZHns2dIT0sVsi9Bjgh02pFrdk7x7NWru8vMYj17iocBBBCgCRnTlGmJ_BIdXgHbU5lLCL7l7H9WlDXe7CXxquCUUAOAmMkRnCHINbvGAh1405lJkIrY7uO9pGmlEY-4oH6Z-qXJ4A7ulMBE_-dV7gDD5vrJVih-iFI16Obudwyq&sai=AMfl-YRj6s04nkc9dBfCnoPiCkXsKYWyCXjHeWCLQLWfk6p2VqYj49gpCl_I1Mx0Q4RW-4AtRiHa594W2D62CIAvjLP1z7z2Omahyo9hjeUB4TVjaLO4E8decirhKi8ZUy2KPBI7NCq49tyCwva7UmdIqBJMwlFOu-9YI24zYQME9SNEs7vJUAK0N3oTBi_Cn4KfyXu4S3s6alawJ3C_lZOPbO4x&sig=Cg0ArKJSzHle8kb9pAmjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1287&vt=11&dtpt=1132&dett=3&cstd=152&cisv=r20220518.22084&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ua.korrespondent.net
URL: https://ua.korrespondent.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F8C9 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3458418712;ord=57b2ip;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4304040353409451151%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268160%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D8277a2628ac09945eab0197016083925630084%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D8277a2628ac09945eab0197016083925630084%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526cb%25253D1653266571%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=326;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:47:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 07:47:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F8C9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3458418712;ord=57b2ip;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4304040353409451151%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268160%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D8277a2628ac09945eab0197016083925630084%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D8277a2628ac09945eab0197016083925630084%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526cb%25253D1653266571%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=326;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 13:38:15 GMT
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=F5E9A531453A46B983DA67FBDC15776F&time=1653260441619&location=https%3A%2F%2Fua.korrespondent.net%2F&referrer=&is_flash=0&session_id=1029744225&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm,holder&param1=~cm_timer~&param2=5&param3=1200&param4=4075&param5=7&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ua.korrespondent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:42 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
viewability
hal900019.redintelligence.net/ Frame CC98 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/viewability?s=34328800004871200951425011968019&a=45eec72f&vb=m
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=34328800004871200951425011968019&a=ef4e2eeb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/request_content.php?s=34328800004871200951425011968019&a=ef4e2eeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:42 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
vevent
fra1-ib.adnxs.com/ Frame F294 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDs_e7RxbP6rkYYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ_MXkogFYk8KLAWAAaLTYsAF49tcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDS0RibGhrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU1MDcwNDY1NjEzMjI3MDgxNDUyXzEqBDUwNjk6CDUyODAwOTI4wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT8xeSiAYgFAZgFAKAF1NiYiYWVxvQwwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF8OhL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH9tcF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=2063612200567320aa104c9608ceb727c77107f2&type=nv&nvt=15&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
126b5b04-ab65-41ea-90f5-91f8ccee9593
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
hal90008.redintelligence.net/ Frame 87B5 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=39170100004831600951425011968008&a=728c6fa4&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=39170100004831600951425011968008&a=847191ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=39170100004831600951425011968008&a=847191ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:42 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
impl_v88.js
www.googletagservices.com/dcm/ Frame 7412 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v88.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 07:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21405
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 May 2023 07:53:12 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame CC98 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900019.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 19:26:22 GMT
x-content-type-options
nosniff
age
358460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 19:26:22 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame CC98 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900019.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 19:26:22 GMT
x-content-type-options
nosniff
age
358460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 19:26:22 GMT
vevent
fra1-ib.adnxs.com/ Frame EC4A 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhDZn9_8sM-owgQYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF4q9YFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQzMjU1NjM3MjI1MDM4MDI4NDFfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAWsxq654KC48zHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAer1gXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=d5eee16880e8f0697bf53bfc9adc7be38c8bc2fe&type=nv&nvt=15&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=0.65&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f32f66d8-c363-4e34-b4dc-adfa7ff0d5a9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame FF4F 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhD2pvaCxsrEvA0YrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF4q9kFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQ5NzA4MjczNDgyNzgzNTA3MTBfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAWRz7ORv6DimEXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAer2QXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=161cd5e57bb630c947f5e86b97f692b7a52bf071&type=nv&nvt=14&jm=1003|1018|1008&px=0&py=0&bw=300&bh=250&sf=0.28&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1b0de6b6-302f-4d1c-9b5d-77d9cccce6b2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
impl_v88.js
www.googletagservices.com/dcm/ Frame B6EF 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v88.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 07:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21405
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 May 2023 07:53:12 GMT
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame 9E86 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 87B5 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 19:26:22 GMT
x-content-type-options
nosniff
age
358460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 19:26:22 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 87B5 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 19:26:22 GMT
x-content-type-options
nosniff
age
358460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 19:26:22 GMT
vevent
fra1-ib.adnxs.com/ Frame D807 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDZ74WsmqqWh0MYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQgZbmogFYk8KLAWAAaLTYsAF4_9YFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDT2VrblJrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU0ODMxODk3NjU3NDE5MDY5NDAxXzEqBDUwNjk6CDUyOTA4NjQ3wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASBluaiAYgFAZgFAKAFivPu1-jUyosMwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF5Zod-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH_9YF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=301319449a585f8d3c09e7642a85afa0170a3354&type=nv&nvt=15&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:42 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2c527e03-0d10-46c1-927f-cbb243deed0b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B9C8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206546
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 13:38:16 GMT
expires
Sat, 20 May 2023 13:38:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5FA0 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:42 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 4536 		4 KB
654 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23642206cae1714f4990861d8bc467f5971ba6c47e4231635c90fe0932a3c7ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
621
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:42 GMT
expires
Mon, 23 May 2022 23:00:42 GMT
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5FA0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmX7GrRADgGKEUogtGYm4KTehpRmLIttOg0KiYJakYxy4NcXXNkbBMkM6NCg2WcEWZ7-qHllJ0LBeH1V1sTt3xTE18VoE6WXznnCiVv0lSHpcVDLNTvEX8JhqCbL1PxMeyhh904qr1Pz-kSz93MDH8yOImXbGu77mU_lHwKSwSCmsjX3to5UR_&sig=Cg0ArKJSzAR8oDMEaZkOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&cbvp=1&cstd=190&cisv=r20220518.66452&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3258648039;ord=0kxvug;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4601927983503357598%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268320%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D4202b5628ac09944cf9962886811464947111%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D4202b5628ac09944cf9962886811464947111%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526ntuId%25253D4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5%252526cb%25253D1653268448%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=301;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C63B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206546
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 13:38:16 GMT
expires
Sat, 20 May 2023 13:38:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8C9 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BflmKmcCKYr7mOpXP7_UP4va2wA0AAAAAOAHgBAI
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3458418712;ord=57b2ip;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4304040353409451151%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268160%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D8277a2628ac09945eab0197016083925630084%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D8277a2628ac09945eab0197016083925630084%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526cb%25253D1653266571%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=326;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F8C9 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:42 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 5526 		4 KB
654 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23642206cae1714f4990861d8bc467f5971ba6c47e4231635c90fe0932a3c7ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
621
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:42 GMT
expires
Mon, 23 May 2022 23:00:42 GMT
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F8C9 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvreMbLu1XOKB2cwo_guHTtkkNs5dNm1Vd3iKlU98lhCiYwYn7nmbGj_5QrZvpfsDxczBvzQJaMdJ23n_RMVda5LeorCnYX4GsdnCWDNs30cjDeBf5LkIW-gMS_pbt2Dp2Pal9IKC-iYzyD68UFGkHTJefDtk2FwxVTubdfa-9otx66U5vOC5C&sig=Cg0ArKJSzPFnkza8sYROEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=198&cbvp=1&cstd=194&cisv=r20220518.69448&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3458418712;ord=57b2ip;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4304040353409451151%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268160%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D8277a2628ac09945eab0197016083925630084%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D8277a2628ac09945eab0197016083925630084%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526cb%25253D1653266571%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=326;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=2878691016;ord=gyri66;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 7412 		46 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=2878691016;ord=gyri66;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=125;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v88.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
920518b9e3cea200992653dd94fb599ba9eef4a9f2906d5b503f347b8345740e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23011
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=1597316671;ord=8obdz6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame B6EF 		46 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=1597316671;ord=8obdz6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=151;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v88.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
925e1d8bf8aee038de4b136a3202986f6e7c7020abeabe9fc8b7b50e6aef9e30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22939
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D147 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Tmv-pQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 4536 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a8ba436d2051a5d2791e221ea189a58caeebf356b51582a0e4112cbab94d216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:42 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 4536 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:50:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 07:50:11 GMT
pa.js
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 4536 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/pa.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1443
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:42 GMT
logic.js
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 4536 		21 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69abd35fbf034e78279c15a66c542f9d1f3a68065ebc883f9b36e8804216b38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3726
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:42 GMT
style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 5526 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a8ba436d2051a5d2791e221ea189a58caeebf356b51582a0e4112cbab94d216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:42 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 5526 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:50:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 07:50:11 GMT
pa.js
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 5526 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/pa.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1443
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:42 GMT
logic.js
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 5526 		21 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69abd35fbf034e78279c15a66c542f9d1f3a68065ebc883f9b36e8804216b38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3726
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7412 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=2878691016;ord=gyri66;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=125;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 7412 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=2878691016;ord=gyri66;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=125;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:57:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7412 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHZjbb6rOHZCfoEvI5h-UV7JQQ_KOvdVoRz5ElcrLiBNjNto-jJzcmHA6NoLxyz8K07KqQgyObNBhYp6XQJkeUsPAmMqYE6jtsAuXZd2CNPFujhe7RcG5QroE9fE3TekTOOSAVTX7OboFZBGm41Et8XfNb5gM&sig=Cg0ArKJSzEPuitRJRwecEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220518.62177&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=2878691016;ord=gyri66;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=125;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7412 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=2878691016;ord=gyri66;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=125;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206548
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 13:38:15 GMT
10607475269319393041
s0.2mdn.net/simgad/ Frame 7412 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10607475269319393041
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=ffiqcjuv&e=1695597276133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
735e8910e491da560ea18efe17fcb8b50452f21975692ccf984ccf8fa2223793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 09:15:17 GMT
x-content-type-options
nosniff
age
308726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65242
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 22:08:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 May 2023 09:15:17 GMT
/
track.adform.net/adfserve/ Frame 7412 		0
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=53798891;rtbwp=Qgi_KpiCYgFwHowiC0pO_KzboUFQG3yp0;rtbdata=el6TqoVMDqapCpdN0IL94PeAyZtfC9XAMNTvJ_JRmUnIaD9Kbg9fljkgZx8X_JVdogtcjAKOpl4jT_Qc-y1LlH3S90274223XXvqs7R6mTyYZp9WoUoFd1eoa1-_OqvrvutYU2WCa6qWTZUixlZj0Uc-ZScvAHo57Tx_eBmAAqtDBOM6P-o_lsxoE1N8aXg0rFHhyneVWwtoaeIM-O7i_Lm7L69djybIQpjCK6gFV2l0AzsOzQcqjo7Y95vPe-pVQMVaBBQ2U1YqnpboyvhYc40uotWEQNmcoNHZIWHVGd84Igey9WwBF85yZz3Vhk17rssE6qd2KEHgn60k2ZW6RXt-_ptJpuEsm6hn5DAzcCjDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ikbmm94BmY142u1ywTJ-2j7YejTI4L2FwWVvqO76vcIQCEQGOXvs3JG4dWAZeGGw7-ItQUX26WQ4VpGCUp3CsKjblvxv6hEU9eldCH9cAh0Fa2YosIrH8UGizDjvm1ec82tH_-6FdkP2BVHa6a1fWth3uLXZUv3HziXcKis-nYNikVL53zwdcOMcxGLfZLB2dQxNLLOjbqzcC-5GEcl5xLxZE5pjtzGQxaMB7E3Is5U1;pui=CQ8Cld2Xq9xoWg-9V89lYs3NzXsustMOTCkRm0RsSigvZ7ZY04vbbM1WlqH_IbHs48zob5Vkq1q8jqTQ3yLCxQ2;;js=1;adfxid=2x;5483;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 8321 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:43 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:43 GMT
6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
pagead2.googlesyndication.com/bg/ Frame B9C8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 06:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
60633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13723
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 06:10:10 GMT
10607475269319393041
s0.2mdn.net/simgad/ Frame B6EF 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10607475269319393041
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=1597316671;ord=8obdz6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=151;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
735e8910e491da560ea18efe17fcb8b50452f21975692ccf984ccf8fa2223793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 09:15:17 GMT
x-content-type-options
nosniff
age
308726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65242
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 22:08:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 May 2023 09:15:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B6EF 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=1597316671;ord=8obdz6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=151;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42375
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652873336749811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame B6EF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=1597316671;ord=8obdz6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=151;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 22:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Jun 2022 22:57:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B6EF 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuplqKE6NSv_gyWB9Qb1zWwtSId6aSXRzCIoqiCmRXTQ8_1wpubfHgHBDW8qY0p2OTPFgYFBw5fBoswjU5__9-_1Spgl0b5xQn0d9Uy0h420aGW2CVgR5bkDtrUx1YN1-tHwVVfOBuMYyruXRcYbrJYCle6mCg&sig=Cg0ArKJSzIxcdF_xLKeSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220518.98182&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=1597316671;ord=8obdz6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=151;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B6EF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=1597316671;ord=8obdz6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=151;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206548
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 May 2023 13:38:15 GMT
/
track.adform.net/adfserve/ Frame B6EF 		0
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=53798892;rtbwp=DCe16rakHdak7bjlv4Y6aqzboUFQG3yp0;rtbdata=Y7sXdZWOOc-SZzBRolec2jxTlY1O88kcmAnyxTClxFomIZqcOhstEucxbCA7OgRLda-I3BHPP9akryRNchtxOXXaLhHzI1R2ifKZH_SWpVqYZp9WoUoFd1eoa1-_OqvrvutYU2WCa6qWTZUixlZj0Uc-ZScvAHo57Tx_eBmAAqtDBOM6P-o_lsxoE1N8aXg0rFHhyneVWwtxQf2krl4cAbm7L69djybIQpjCK6gFV2mf3fPBhreLfo7Y95vPe-pVQMVaBBQ2U1ZkntMMy_4-8H2t40oB5mkaoNHZIWHVGd84Igey9WwBFyUNIY2VHzzurssE6qd2KEHgn60k2ZW6RXt-_ptJpuEsm6hn5DAzcCjDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ByPSVDqy9kJ42u1ywTJ-2kOaUGlXgU4jSM7fAmJmbQJiCujdxAdVt5G4dWAZeGGw7-ItQUX26WQ__SssKVIGMXCfxKLy6P3hS44hk-JQDoJSBwCi7xoym68v7sqRbf6WFBsZUaY1qeCc5_HuFwf6Fiiv87ZEANsu_IHXwqFvT9hikVL53zwdcOMcxGLfZLB2dQxNLLOjbqzcC-5GEcl5xJlnrkJxW_LlxaMB7E3Is5U1;pui=CQ8Cld2Xq9xoWg-9V89lYt_ZLZF3pTI50DvA7aotEGYvZ7ZY04vbbM1WlqH_IbHs48zob5Vkq1q8jqTQ3yLCxQ2;;js=1;adfxid=10x;2001;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fua.korrespondent.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
pagead2.googlesyndication.com/bg/ Frame C63B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 06:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
60633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13723
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 06:10:10 GMT
async_usersync
ib.adnxs.com/ Frame 1DF6 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
160a18f0-90aa-417b-8479-c173e24caa78
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B49C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c9d3b43e-0ea3-4515-bec3-96da69eed3b0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7412 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHZjbb6rOHZCfoEvI5h-UV7JQQ_KOvdVoRz5ElcrLiBNjNto-jJzcmHA6NoLxyz8K07KqQgyObNBhYp6XQJkeUsPAmMqYE6jtsAuXZd2CNPFujhe7RcG5QroE9fE3TekTOOSAVTX7OboFZBGm41Et8XfNb5gM&sig=Cg0ArKJSzEPuitRJRwecEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&vt=11&dtpt=97&dett=2&cstd=0&cisv=r20220518.62177&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=2878691016;ord=gyri66;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=125;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 5FA0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmX7GrRADgGKEUogtGYm4KTehpRmLIttOg0KiYJakYxy4NcXXNkbBMkM6NCg2WcEWZ7-qHllJ0LBeH1V1sTt3xTE18VoE6WXznnCiVv0lSHpcVDLNTvEX8JhqCbL1PxMeyhh904qr1Pz-kSz93MDH8yOImXbGu77mU_lHwKSwSCmsjX3to5UR_&sig=Cg0ArKJSzAR8oDMEaZkOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=601&vt=11&dtpt=404&dett=3&cstd=190&cisv=r20220518.66452&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3258648039;ord=0kxvug;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP562pXIeVd0_Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAzyak5wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVy-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjQ0MzZAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjQ0MzY%3D%2Fbn%3D92914%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4601927983503357598%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268320%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D4202b5628ac09944cf9962886811464947111%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D4202b5628ac09944cf9962886811464947111%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526ntuId%25253D4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5%252526cb%25253D1653268448%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=301;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame B6EF 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuplqKE6NSv_gyWB9Qb1zWwtSId6aSXRzCIoqiCmRXTQ8_1wpubfHgHBDW8qY0p2OTPFgYFBw5fBoswjU5__9-_1Spgl0b5xQn0d9Uy0h420aGW2CVgR5bkDtrUx1YN1-tHwVVfOBuMYyruXRcYbrJYCle6mCg&sig=Cg0ArKJSzIxcdF_xLKeSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=80&vt=11&dtpt=79&dett=2&cstd=0&cisv=r20220518.98182&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=88.258;sz=300x250;u_sd=1;dc_adk=1597316671;ord=8obdz6;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=151;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame F8C9 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvreMbLu1XOKB2cwo_guHTtkkNs5dNm1Vd3iKlU98lhCiYwYn7nmbGj_5QrZvpfsDxczBvzQJaMdJ23n_RMVda5LeorCnYX4GsdnCWDNs30cjDeBf5LkIW-gMS_pbt2Dp2Pal9IKC-iYzyD68UFGkHTJefDtk2FwxVTubdfa-9otx66U5vOC5C&sig=Cg0ArKJSzPFnkza8sYROEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=595&vt=11&dtpt=397&dett=3&cstd=194&cisv=r20220518.69448&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N547802.3952709-NANOINTERACTIVE0/B27349857.329914311;dc_ver=88.258;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3458418712;ord=57b2ip;click0=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F3MUkpAUHzD--op4fa_jDPwAAAGCPwuU_TL8Honz3yz_kTulg_Z_TP4_E6svlBbs7Lnqr0eWD9BGYwIpiAAAAAEtESgEYKAAAJw4AAAIAAAB5hxIVE-EiAAAAAABVU0QARVVSACwB-gA0LAAAAAABAQUCAAAAANgAvSc8NwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D!lBVw-QjKqJ8YEPmOyqgBGJPCiwEgACgAMQAAAAAAAPg_OglGUkExOjUzMDlAsC5JqU2c3O9Q7j9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMzYyMyNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3Dhttps%253A%252F%252Fliift-trc.audiencemanager.de%252Fclick%253FdataRequestId%253D4304040353409451151%2526campaignId%253D62470fd6a7413d09dc4e7070%2526tagId%253D21644363%2526w%253D300%2526h%253D250%2526cb%253D1653268160%2526redirectUrl%253Dhttps%25253A%25252F%25252Fklk.audiencemanager.de%25252Flog%25252Fad%25252Fclick%25253Fid%25253D6247113c3104805709594f3e%252526adId%25253D8277a2628ac09945eab0197016083925630084%252526alg%25253Dr%252526rp%25253Dr%252526hb%25253D0%252526pubid%25253D%252526pid%25253D%252526nid%25253D%252526atId%25253D%252526subId%25253D%252526baseReqId%25253D8277a2628ac09945eab0197016083925630084%252526curl%25253DaHR0cHM6Ly9tZWRpYXdvb3QuY29tLw%252526cb%25253D1653266571%252526redirectUrl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fua.korrespondent.net%2F$0;xdt=1;crlt=s'CKYodKtj;stc=1;chaa=1;sttr=326;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
async_usersync
ib.adnxs.com/ Frame 3791 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3ed18d45-b56c-4962-87f3-bb41c41faee5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D8C0 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1333359a-8c8d-468d-b91b-f56e0c99b20c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Montserrat-SemiBold.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 4536 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/Montserrat-SemiBold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d841940fc5a291c2b21753932d57b24e9c4f26e6ae9788ad449392a55892c39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:41 GMT
x-content-type-options
nosniff
age
35762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32860
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:41 GMT
Montserrat-Bold.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 4536 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/Montserrat-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b27ee5c9041ce0a0f08ba30726a57407f676dbfe4a2eb27d186f23ede581d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:41 GMT
x-content-type-options
nosniff
age
35762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33604
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:41 GMT
Montserrat-Regular.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 4536 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/Montserrat-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
642f5fd742a9d4ad971464adee5f82c0292f812d14e337e5448cdb29ce5f2a26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:41 GMT
x-content-type-options
nosniff
age
35762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33080
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:41 GMT
Montserrat-Black.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 4536 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/Montserrat-Black.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6448c95ad8e9b1f63465c57952afbf8df9df45103e966407d7b0f1588e9e009e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:41 GMT
x-content-type-options
nosniff
age
35762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30436
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:41 GMT
Montserrat-Light.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 4536 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/Montserrat-Light.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58cb72c1056d2a9345f7cbd4282f32f519cbd2d038145671674d769b7d1d359
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:41 GMT
x-content-type-options
nosniff
age
35762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32812
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4536 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c345906d088c07a302b0b74810c69df759bcd7a94f4959e22603ebf5d9de688b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5525
x-xss-protection
0
60015185_20200820245904965_ALL_Logo_WHITE.png
s0.2mdn.net/ads/richmedia/studio/60015185/ Frame 4536 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015185/60015185_20200820245904965_ALL_Logo_WHITE.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6471be6b02897e0fcc27acc17e01ca5b3243b6a3f917b01987fed922b9751e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:50:10 GMT
x-content-type-options
nosniff
age
33033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56405
x-xss-protection
0
last-modified
Thu, 20 Aug 2020 07:59:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:50:10 GMT
60015185_20220506060240118_UNVEIL_BEACH_V2.jpg
s0.2mdn.net/ads/richmedia/studio/60015185/ Frame 4536 		247 KB
247 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015185/60015185_20220506060240118_UNVEIL_BEACH_V2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8682dda7cab8c6eaba5edff0f3b7131133222b708d4fcc9951f6c39ccc4974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:01:23 GMT
x-content-type-options
nosniff
age
35960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252889
x-xss-protection
0
last-modified
Fri, 06 May 2022 13:02:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:01:23 GMT
60015185_20220506025839943_UK.jpg
s0.2mdn.net/ads/richmedia/studio/60015185/ Frame 4536 		376 KB
376 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015185/60015185_20220506025839943_UK.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee1f428688019b84102f7fa62b46fda91ca96cd30ba8254bb0ca24cadc351557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 15:41:48 GMT
x-content-type-options
nosniff
age
26335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
385272
x-xss-protection
0
last-modified
Fri, 06 May 2022 09:58:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 15:41:48 GMT
60015185_20220506025847564_HOTEL.jpg
s0.2mdn.net/ads/richmedia/studio/60015185/ Frame 4536 		324 KB
324 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015185/60015185_20220506025847564_HOTEL.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7a540ea521742fd09d91949ba268eb5b1e5ccab37aa0a147378ded5d550db3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=W7opLhZ7H1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:01:23 GMT
x-content-type-options
nosniff
age
35960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
331853
x-xss-protection
0
last-modified
Fri, 06 May 2022 09:58:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:01:23 GMT
async_usersync
ib.adnxs.com/ Frame 9F41 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4518e6cb-866e-41bd-9712-2b14b2325d65
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
60015185_20200820245904965_ALL_Logo_WHITE.png
s0.2mdn.net/ads/richmedia/studio/60015185/ Frame 5526 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015185/60015185_20200820245904965_ALL_Logo_WHITE.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6471be6b02897e0fcc27acc17e01ca5b3243b6a3f917b01987fed922b9751e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:50:10 GMT
x-content-type-options
nosniff
age
33033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56405
x-xss-protection
0
last-modified
Thu, 20 Aug 2020 07:59:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:50:10 GMT
60015185_20220506025847564_HOTEL.jpg
s0.2mdn.net/ads/richmedia/studio/60015185/ Frame 5526 		324 KB
324 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015185/60015185_20220506025847564_HOTEL.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7a540ea521742fd09d91949ba268eb5b1e5ccab37aa0a147378ded5d550db3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:01:23 GMT
x-content-type-options
nosniff
age
35960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
331853
x-xss-protection
0
last-modified
Fri, 06 May 2022 09:58:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:01:23 GMT
Montserrat-SemiBold.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 5526 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/Montserrat-SemiBold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d841940fc5a291c2b21753932d57b24e9c4f26e6ae9788ad449392a55892c39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:41 GMT
x-content-type-options
nosniff
age
35762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32860
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:41 GMT
Montserrat-Bold.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 5526 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/Montserrat-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b27ee5c9041ce0a0f08ba30726a57407f676dbfe4a2eb27d186f23ede581d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:41 GMT
x-content-type-options
nosniff
age
35762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33604
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:41 GMT
Montserrat-Regular.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 5526 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/Montserrat-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
642f5fd742a9d4ad971464adee5f82c0292f812d14e337e5448cdb29ce5f2a26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:41 GMT
x-content-type-options
nosniff
age
35762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33080
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:41 GMT
Montserrat-Black.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 5526 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/Montserrat-Black.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6448c95ad8e9b1f63465c57952afbf8df9df45103e966407d7b0f1588e9e009e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:41 GMT
x-content-type-options
nosniff
age
35762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30436
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:41 GMT
Montserrat-Light.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/ Frame 5526 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/Montserrat-Light.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58cb72c1056d2a9345f7cbd4282f32f519cbd2d038145671674d769b7d1d359
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:04:41 GMT
x-content-type-options
nosniff
age
35762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32812
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 11:58:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:04:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5526 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
161836d0e37f894e494ee909fb7cb3b804243d3ae328650bbef441638244fab3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 23:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5542
x-xss-protection
0
60015185_20220506043107841_PULLMAN_V2.jpg
s0.2mdn.net/ads/richmedia/studio/60015185/ Frame 5526 		338 KB
338 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015185/60015185_20220506043107841_PULLMAN_V2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8bee3d52699f63eb3607c3540c64d3df5948101ea63f939dbdf6b48901c8e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:11:46 GMT
x-content-type-options
nosniff
age
35337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
346059
x-xss-protection
0
last-modified
Fri, 06 May 2022 11:31:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:11:46 GMT
60015185_20220506060233117_MGALLERY_V2.jpg
s0.2mdn.net/ads/richmedia/studio/60015185/ Frame 5526 		493 KB
493 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015185/60015185_20220506060233117_MGALLERY_V2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
795284b3d4f1970204f01462488b21a00e6d8647504c4e59a425f9e23b23818a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61545172/20210706045812138/index.html?e=69&leftOffset=0&topOffset=0&c=28r71jXkHp&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 13:11:46 GMT
x-content-type-options
nosniff
age
35337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
504433
x-xss-protection
0
last-modified
Fri, 06 May 2022 13:02:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 May 2022 13:11:46 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8289 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206547
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 13:38:16 GMT
expires
Sat, 20 May 2023 13:38:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame B685 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ua.korrespondent.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:42 GMT
server-processing-duration-in-ticks
3969
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1973 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206547
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 13:38:16 GMT
expires
Sat, 20 May 2023 13:38:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4536 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5526 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 22 May 2022 23:00:43 GMT
async_usersync
ib.adnxs.com/ Frame 2B6F 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a9cefa85-0c87-4ce9-bdad-595442047fc0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 51D8 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
89173555-756b-47bb-b020-bb3cefe2075e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4D27 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
77353aa3-cc71-43a1-b181-ee3430f96c44
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
anz.audiencemanager.de/log/ad/ Frame A9FF 		43 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://anz.audiencemanager.de/log/ad/viewability?id=6247113c3104805709594f3e&adId=4202b5628ac09944cf9962886811464947111&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&ntuId=4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5&cb=1653267087&lsUserId=null&time=1&percentage=51&hless=0&jsCurl=mediawoot.com
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yjutwti&e=1695597276133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.123.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-123-145.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:43 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
8277a2628ac09b99b0b6227038221091554113
status
200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-149
responsetime
5
content-type
image/gif
content-length
43
view
liift-trc.audiencemanager.de/ Frame A9FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://liift-trc.audiencemanager.de/view?dataRequestId=4601927983503357598&campaignId=62470fd6a7413d09dc4e7070&tagId=21644363&w=300&h=250&cb=1653268320&time=1&percent=51&hless=0&jscurl=mediawoot.com
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=yjutwti&e=1695597276133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.150.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-150-224.eu-west-1.compute.amazonaws.com
Software
swoole-http-server /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:43 GMT
cache-control
no-cache
server
swoole-http-server
content-length
0
content-type
text/html
viewability
anz.audiencemanager.de/log/ad/ Frame 6E16 		43 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://anz.audiencemanager.de/log/ad/viewability?id=6247113c3104805709594f3e&adId=8277a2628ac09945eab0197016083925630084&alg=r&rp=r&hb=0&hbp=&hbReqId=&pubid=&pid=&nid=&subId=&sqReqId=&atId=&cb=1653267151&lsUserId=null&time=1&percentage=51&hless=0&jsCurl=mediawoot.com
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=xmycovcd&e=1695597276133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.123.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-123-145.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9 / PHP/7.2.9
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:43 GMT
server
Apache/2.4.34 (Unix) PHP/7.2.9 mod_fcgid/2.3.9
access-control-allow-origin
*
x-powered-by
PHP/7.2.9
requestid
4efadf628ac09b9a61a4354816287110136453
status
200 OK
p3p
CP="NID DSP ALL COR"
hostname
10-0-13-173
responsetime
7
content-type
image/gif
content-length
43
view
liift-trc.audiencemanager.de/ Frame 6E16 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://liift-trc.audiencemanager.de/view?dataRequestId=4304040353409451151&campaignId=62470fd6a7413d09dc4e7070&tagId=21644363&w=300&h=250&cb=1653268160&time=1&percent=51&hless=0&jscurl=mediawoot.com
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=xmycovcd&e=1695597276133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.150.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-150-224.eu-west-1.compute.amazonaws.com
Software
swoole-http-server /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:43 GMT
cache-control
no-cache
server
swoole-http-server
content-length
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame 79AD 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6250ee96-1070-4458-a4f7-d789008edbae
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 8321 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2159 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8a9a3c58-57a7-4372-98d9-1dfe49e443fa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 97A9 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a2df6418-b8e9-4de4-af49-034de391f442
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/serving/unload/ Frame 79F0 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@53521594,2997134819722320515,100|1011|0|0|0|0|0|0|0||39|1|1325|1112259339837277657_916712572602806661_1|||1|0|0|Fp2ghCKpgKG48M5tcwHHbTGGMl70FBi5R3LAP5NE2lhFGBMT6wlEsRhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 79F0 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=53521594&event=178&time=2&baid=51855161&name=Viewable%20impressions&imprid=2997134819722320515&icid=240036737613266497&eData=Jlx30_9ipGyt9_bJ0JDjRXh9ErTV8WMWYaJU2uM20NlbFu6xLmqkgj5epXVlpB0-A-xGhESPrs4au94oJsHc8Q2&rtbdata=UMxmvGLgj6L5bFyAx23umkxi6BaOqD4Qtvw71dQmB-ih0qBgofQYP1Ymjq0_-_jk-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSCfRMDvNYDAs8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6JnvBeZLG4PiSw2&rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0&rnd=640183004
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
async_usersync
ib.adnxs.com/ Frame 1898 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1821409&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1821409
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
441b492d-9090-42cd-9724-9b6f57c45aed
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 8390 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDojs7BjrHCyXwYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF45tYFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU4OTc2NTI4OTY1ODk1NDIzODQ4XzEqBDUwNjk6CDUzNTIxNTk0wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATat5OkAYgFAZgFAKAF9vrW4-2juqsHwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFv8xD-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH5tYF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=45624132ad5c020e653f71f618cf5aaf450c68ab&type=pv&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
12e6b8f2-d281-4f8d-aeb8-36d64364c284
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 96A4 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhC0wMbrkJiYiyAYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQobv9nQFYk8KLAWAAaLTYsAF4xNcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDUGFVN0JnUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhUyMzEyMTQxODQwOTcxODMzMzk2XzEqBDUwNjk6CDUyMTAzNzk4wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AShu_2dAYgFAZgFAKAFt4rz5rve0o5mwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF5Zod-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgHxNcF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=8fdf1a2ee5a36deb7f665b77a835cdd0aeba32c0&type=pv&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e45b796d-9933-4c8e-b0d2-71101afbd681
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 0DAF 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhCNncTk2NXE3HQYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQyLi4lwFYk8KLAWAAaLTYsAF45u0FgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTisvK2hjUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU4NDEwNzc0MzE1Njg4MDcwNzk3XzEqBDUwNjk6CDUwMjQxNTAzwAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATIuLiXAYgFAZgFAKAFvN6i59Wlh_QQwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFoeBI-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH5u0F0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=fae0f8cf938243888e726cbe36eb705eca9b0148&type=pv&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ee0c8d0e-4556-4de1-ba30-c03ee131c66f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 79F0 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhCF4_-Ypae03AwYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF42tkFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQ5MTY3MTI1NzI2MDI4MDY2NjFfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAXZi_KIoL_itw_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAfa2QXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=4bc4cc3e1ffcaf7803b6c49f5685a0b0ef1eaf5e&type=pv&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2134498d-a49a-4a9f-825a-d7fd31125bc2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame A9FF 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKRC_DtkQUAAAMA1gAFAQiYgauUBhCe7ZaV56PV7j8YrvStjd38oPoRKjYJ3MUkpAUHzD8RvqKeH2v4wz8ZAAAAYI_C5T8hTL8Honz3yz8p5E7pYP2f0z8xAAAAoJmZqT8wy4ipCjiYUECnHEgCUPmOyqgBWJPCiwFgAGi02LABePLVBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTYzNDYwOSwgMTY1MzI2MDQ0MCk7dWYoJ2knLCA2NDMxMTc2LCAxNjUzMjYwNDQwKQUdLGcnLCAxNjA4MTExNgEKADUyHgAwcycsIDI3MjM2NzU5MkYfABRyJywgMzUBAgg4NjU2HwDwsJICsQQhQjI4XzN3aktxSjhZRVBtT3lxZ0JHQUFnazhLTEFUQUFPQUJBQUVpbkhGRExpS2tLV0FCZzdnTm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZFpTMkxDbmw5SV93UUZ2UjhuWEJLRFRQOGtCQUFBQUFBQUE4RF9aQWFsTm5OenZVTzRfNEFISXc0Z0Q5UUVBQU1BX21BSUFvQUlCdFFJQQEzCHZRSQEH2EF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ1BXZGx5QVFDeGdDTFEBO_BDQzZBd2xHVWtFeE9qUTBNemJnQTdBdWdBU2RzNFlIaUFTZzBxd0lrQVFCbUFRQnNnUUtDSTNZb0E0UXBPU1JEY0VFQUEBSAEBCERKQgEHDQEYMkFRQThRUQ0OiEFBQUlnRjFDS1lCZWpfNzRFQnFRV3BUWnpjNzFEdVA3RUZBASQFAQhEQkIRNxRQZ195UVUBFhhnTk1ySVA5MigAAFoZKMBBXzRBWEk3d0h3QmR6QjFRZjRCYkgwMXdLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVQAQQFgIHFBWUVzZ1lrQxF0DEFBQUUdDABHHQwASR0MOHVBWUuaApkBIWxCVnktUTo1AixKUENpd0VnQUNnQU0RNRBQZ19PZy5tAUhaQXNDNUpxVTJjM085UTdqOVJBFQEEQloVCwhBQmgdDABwHQwAeB0MDDRBSWs1gPDeOEQ4LtgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzYyMyNGUkExOjQ0MzbaBAIIAeAEAfAE-Y7KqAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAUObNgFAeAFAfAFhh76BQQIABAAkAYAmAYAuAYAwQYFISwA8D_QBpgO2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi9BkAAyAfy1QXSBw0JEToBOAjaBwYJJ0TgBwDqBwIIAPAHx9wBiggCEAA.&s=9ec4c142b94a3b3ffe483688711d23764de27f2f&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~6&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0301f436-3033-4c50-a027-4fc607487d11
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 6E16 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QKRC_DtkQUAAAMA1gAFAQiYgauUBhCPiavf3LzB3TsYrvStjd38oPoRKjYJ3MUkpAUHzD8RvqKeH2v4wz8ZAAAAYI_C5T8hTL8Honz3yz8p5E7pYP2f0z8xAAAAoJmZqT8wy4ipCjiYUECnHEgCUPmOyqgBWJPCiwFgAGi02LABeOLXBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgNTYzNDYwOSwgMTY1MzI2MDQ0MCk7dWYoJ2knLCA2NDMxMTc2LCAxNjUzMjYwNDQwKQUdLGcnLCAxNjA4MTExNgEKADUyHgAwcycsIDI3MjM2NzU5MkYfABRyJywgMzUBAgg4NjU2HwDwsJICsQQhOTI1MjFRaktxSjhZRVBtT3lxZ0JHQUFnazhLTEFUQUFPQUJBQUVpbkhGRExpS2tLV0FCZzdnTm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBZFpTMkxDbmw5SV93UUZ2UjhuWEJLRFRQOGtCQUFBQUFBQUE4RF9aQWFsTm5OenZVTzRfNEFISXc0Z0Q5UUVBQU1BX21BSUFvQUlCdFFJQQEzCHZRSQEH2EF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ1BXZGx5QVFDeGdDTFEBO_BDQzZBd2xHVWtFeE9qVXpNRG5nQTdBdWdBU2RzNFlIaUFTZzBxd0lrQVFCbUFRQnNnUUtDSTNZb0E0UXBPU1JEY0VFQUEBSAEBCERKQgEHDQEYMkFRQThRUQ0OiEFBQUlnRnZTbVlCZWpfNzRFQnFRV3BUWnpjNzFEdVA3RUZBASQFAQhEQkIRNxRQZ195UVUBFhhnTk1ySVA5MigAAFoZKMBBXzRBWEk3d0h3QmR6QjFRZjRCYkgwMXdLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVQAQQFgIHFBWUVzZ1lrQxF0DEFBQUUdDABHHQwASR0MNHVBWUuaApkBIWxCVnctPjUCLEpQQ2l3RWdBQ2dBTRE1EFBnX09nLm0BSGxBc0M1SnFVMmMzTzlRN2o5UkEVAQRCWhULCEFCaB0MAHAdDAB4HQwMNEFJazWA8N44RDgu2AIA4AKbhU7qAh1odHRwczovL3VhLmtvcnJlc3BvbmRlbnQubmV0L4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_f-LuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4yMTcuMTE0LjIxOC4xOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zNjIzI0ZSQTE6NTMwOdoEAggB4AQB8AT5jsqoAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAABQ5s2AUB4AUB8AWGHvoFBAgAEACQBgCYBgC4BgDBBgUhLADwP9AGmA7aBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOL0GQADIB-LXBdIHDQkROgE4CNoHBgknROAHAOoHAggA8AfH3AGKCAIQAA..&s=6125cacd3df67117f24acf06ebbb3e5a9c389aa4&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~6&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d74e9162-191f-4c7c-869c-81e9b18b3414
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
hal900019.redintelligence.net/ Frame CC98 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900019.redintelligence.net/viewability?s=34328800004871200951425011968019&a=45eec72f&vb=v
Requested by
Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=34328800004871200951425011968019&a=ef4e2eeb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900019.redintelligence.net/request_content.php?s=34328800004871200951425011968019&a=ef4e2eeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sid
mug.criteo.com/ Frame B685
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=korrespondent.net&sn=ChromeSyncframe&so=3&topUrl=ua.korrespondent.net&bundle=NzAdA190YVFpSHpFMGM1MGV4ZGFkWWtSN1AlMkJtSm5zVzhBdGhBJTJGOE45T...
  • https://mug.criteo.com/sid?cpp=Ysha6Hw0cVJsc01pUUJsdjdFcjlCM0dqK00yREQ1TmJNWWk1V2Jnc2k4YXZZT1dZVW04MDg0NE1nN0h5bkUzY1ZLd2g5ZEp6NWRnTVA4SE4rbXJraEZESCswTGgzUk4yNjIwMEZyMjVPa2VuNnl6QnIzemtaVk1LU2tOUk...
454 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Ysha6Hw0cVJsc01pUUJsdjdFcjlCM0dqK00yREQ1TmJNWWk1V2Jnc2k4YXZZT1dZVW04MDg0NE1nN0h5bkUzY1ZLd2g5ZEp6NWRnTVA4SE4rbXJraEZESCswTGgzUk4yNjIwMEZyMjVPa2VuNnl6QnIzemtaVk1LU2tOUkRidmVzVE1McUdEMG5FRWJZR2x5TklTN0F3bGRLWXNpbzF5OUZMWTZSZ3RLSkY3SWdkYWVNbW9GaStZMWdVVDgwR0hkWmIxMXZUQUVQMGI2MUJmZGkvNGZnUjFBM055ZmV5RWxXMFVWa2s0aVVLZjBkcmVaTytqNEp4aWY3alorRjJtWHlOVXFCMnJMbHozRHpQd1VvdndmMGJkdHNOZzRMWXFEVjduSmlEN1lSV2JJZmMvOD18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
b006c68a8961da4424676dc338f9c27c71212096f5c46be686bcfdb5dcdc2753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3779
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=Ysha6Hw0cVJsc01pUUJsdjdFcjlCM0dqK00yREQ1TmJNWWk1V2Jnc2k4YXZZT1dZVW04MDg0NE1nN0h5bkUzY1ZLd2g5ZEp6NWRnTVA4SE4rbXJraEZESCswTGgzUk4yNjIwMEZyMjVPa2VuNnl6QnIzemtaVk1LU2tOUkRidmVzVE1McUdEMG5FRWJZR2x5TklTN0F3bGRLWXNpbzF5OUZMWTZSZ3RLSkY3SWdkYWVNbW9GaStZMWdVVDgwR0hkWmIxMXZUQUVQMGI2MUJmZGkvNGZnUjFBM055ZmV5RWxXMFVWa2s0aVVLZjBkcmVaTytqNEp4aWY3alorRjJtWHlOVXFCMnJMbHozRHpQd1VvdndmMGJkdHNOZzRMWXFEVjduSmlEN1lSV2JJZmMvOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1381
content-length
567
expires
0
vevent
fra1-ib.adnxs.com/ Frame 7D32 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLRCvBMUQUAAAMA1gAFAQiYgauUBhD3yuvLp-WQjWkYrvStjd38oPoRKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAYI_C5T8h_x6yBPZxtj8p200JJPTiATEAAACgmZmpPzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXis1wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqA7MGCuoFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUWHBOZUZwVVVURlBWMGwwVG0xT2ExbHBNRE5hUkVrMFRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpFMk56a3hORFV4TWpjM016RTRORFk1Tmpndk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVRE5tWm0weU1qSk5lVjl6VldWWFRrdDJMWEJHTW1jdk1TOHhNeTh3THpBdk9UVTJPREF6THpNMk5EZ3hPREk0TURNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWBHUTE13ZDAxRVFYZE1WRUYzVFVSQmRFBRA6MAAQY3ZNQzgFfAkIDEUyTnpW_ACoWVcxekx6QXZOekl5THpRdk9UazVMek15TWk4eU1UY3VNVEUwTGpJeE9DNAFQFHVNREF3TAFQ8IZUTXlOakEwTkRBdk1UWTFNekkzTXpBME1DOHhNeTh4TURJMk5DOC9xcFZSbzFWY2tGSTdCUmFFTlNjNjYxUGNEbFEmbm9kZWlkPTE2MDYmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD0xNjc5MTQ1MTI3NzMxODQ2OTY4JnNoYXJka2V5PTE2NzkxNDUyHQDwi3ByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iYWhhZmQmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMy4yMjAmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTUmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITMTY3OTE0NTEyNzczMTg0Aa7wlRoTNzU3MzQzOTU3MzA4MjY5NTAzMSIJMjgxNjg1MjcwKgYxMDE5MzY6BzY2MjIzOTXAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIUaWIgFAZgFAKAFkOyJ-Jn2g6g4wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab5qwHaBhYKEAkSGQGAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGNjUxODcxugcPAVJIGAAgADAAOL0GQADIB6zXBdIHDRWAAUEI2gcGCSdE4AcA6gcCCADwB8fcAYoIAhAA&s=598273e6af015303a7c0fe2c13bbe8b4b4b8d85d&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2624e2a2-980e-42b9-9456-53b6fa0b89ee
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 164D 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLQCvBMUAUAAAMA1gAFAQiYgauUBhDl0Iyv6reprkMYrvStjd38oPoRKjYJ203wTdNnuz8R_x6yBPZxtj8ZAAAAYI_C5T8h_x6yBPZxtj8p200JJPTiATEAAACgmZmpPzDLiKkKOJhQQB1ICFCW2qiGAViTwosBYABotNiwAXjA2wSAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIdaHR0cHM6Ly91YS5rb3JyZXNwb25kZW50Lm5ldC-AAwCIAwGQAwCYAxegAwGqA7IGCukFaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUWHBOZUZwVVVURlBWMGwwVG0xT2ExbHBNRE5hUkVrMFRGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpJNE16SXdOalkyTWpreE1UYzBOakExTnpJdk5qWXlNak01TlM4ME5UWXlNekV5THpFekwxQmxiWHBSUVdGU00wSTFkVkpHUkVGdVlqTktVSGhITFVOWlIxOXliRk5tTUdwSVUwWmpWaTFFUVhjdk1TOHhNeTh3THpBdk9UVTJPREF6THpNMk5EZ3hPREk0TURNdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWBHUDE13ZDABYCxkTVZFRjNUVVJCZEUFEDowABBjdk1DOAV8CQgMSTRNelb8AKhZVzF6THpBdk56SXlMelF2T1RrNUx6TXlNaTh5TVRjdU1URTBMakl4T0M0AVD0IAF1TURBd0x6RTJOVE15TmpBME5EQXZNVFkxTXpJM016QTBNQzh4TXk4eE1ESTJOQzgvVnR1UkZtRU9JdEN6eTd2UEYyNzB2VW1kYWRrJm5vZGVpZD0xNjA2Jmdyb3VwPWNkZyZhdWN0aW9uaWQ9MjgzMjA2NjYyOTExNzQ2MDU3MiZzaGFyZGtleT0yODMyMDY2NjI5MTE3NDYwNTcyJnByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9iYWhhZmQmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzMi42NyZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5NSZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhMyODMyMDY2LpAA8JUaEzQ4NTM5MzY3MzY2NDQwNDg5OTciCTI4MTY4NTI3MCoGMTAxOTM2Ogc2NjIyMzk1wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASFGViIBQGYBQCgBYDAttnokra_KcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBgBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwFSSBgAIAAwADi9BkAAyAfA2wTSBw0VgAFBCNoHBgknROAHAOoHAggA8AfH3AGKCAIQAA..&s=38a58229f6952baa6ebc30c1895f7d5e39d6a96f&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
06865db8-ee24-4073-aa75-6ed944f20439
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame F294 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDs_e7RxbP6rkYYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ_MXkogFYk8KLAWAAaLTYsAF49tcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDS0RibGhrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU1MDcwNDY1NjEzMjI3MDgxNDUyXzEqBDUwNjk6CDUyODAwOTI4wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT8xeSiAYgFAZgFAKAF1NiYiYWVxvQwwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF8OhL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH9tcF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=2063612200567320aa104c9608ceb727c77107f2&type=pv&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
edb07655-432d-409e-9feb-cbb1968e9fb4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/serving/unload/ Frame 8390 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@53521594,2865620393851455242,100|1080|0|0|0|0|0|0|0||42|1|1325|528866325019606390_8976528965895423848_1|||1|0|0|Fp2ghCKpgKG48M5tcwHHbTGGMl70FBi5R3LAP5NE2liWfS6SKYcG0xhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 8390 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=53521594&event=178&time=2&baid=51855161&name=Viewable%20impressions&imprid=2865620393851455242&icid=240036737613266497&eData=bM9FFc1ZPW-t9_bJ0JDjRXh9ErTV8WMWYaJU2uM20NlbFu6xLmqkgv5U47ylXTzfA-xGhESPrs4au94oJsHc8Q2&rtbdata=8mSC5h_-q6zXde5AyVazm75WrmxVILjF8CcVZ_bPoSyRqElUk-zI6z3MIOAm_xzU-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VTYpHDtss2kxrLNhql8glOlRvcyWI0NpSCRj8gMOF0Ub8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6JnvBeZLG4PiSw2&rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0&rnd=241285482
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
/
track.adform.net/serving/unload/ Frame F294 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@52800928,1265322514363346308,100|1049|0|0|0|0|0|0|0||41|1|1325|3524375294589152340_5070465613227081452_1|||1|0|0|obusSdCR-jW48M5tcwHHbTGGMl70FBi5R3LAP5NE2lijrRaNYQGuExhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame F294 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=52800928&event=178&time=2&baid=51196863&name=Viewable%20impressions&imprid=1265322514363346308&icid=240036737613266497&eData=SABfGrH7kad_9xCJePhHqHh9ErTV8WMWYaJU2uM20NlbFu6xLmqkgp_U0FoEjW52A-xGhESPrs4au94oJsHc8Q2&rtbdata=FpT2qF0gKLPLXoyrXBP72S_JN09doPHqY6qzdRVL539STeovYnE_cH_8UXzC0AAwz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYsjA--o6CMZNzjZnCmAeodcwcmrnF5tsDMZG9T1HHliqmMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPXWaUjPx3SqVw2&rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0&rnd=376091105
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame CD32 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame A97C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
viewability
hal90008.redintelligence.net/ Frame 87B5 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=39170100004831600951425011968008&a=728c6fa4&vb=v
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=39170100004831600951425011968008&a=847191ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=39170100004831600951425011968008&a=847191ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
track.adform.net/serving/unload/ Frame 0DAF 		35 B
458 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@50241503,6536340079680725062,100|1128|0|0|0|0|0|0|0||44|1|1325|1218255779873206076_8410774315688070797_1|||1|0|0|QjOe1KQ5vWO48M5tcwHHbTGGMl70FBi5R3LAP5NE2lhTAqBt56Tw8RhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 0DAF 		35 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=50241503&event=178&time=2&baid=48780236&name=Viewable%20impressions&imprid=6536340079680725062&icid=240036737613266497&eData=Cq-FUFqy2geM9hC6-631YXfQEB2YCfEwYaJU2uM20NlbFu6xLmqkgnSe8dFSIV1PA-xGhESPrs4au94oJsHc8Q2&rtbdata=1tf6k0Ya10YUVb8qcr5eTRpRm-OKKJAlCzhuOEFJ32jxoPKqTrTuPFNA2bM6BGhBz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYs0QDieQ5c1tzjZnCmAeodcwcmrnF5tsDEkseoNKdIb1mMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPUGP12Pw95Qog2&rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0&rnd=180884866
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
pagead2.googlesyndication.com/bg/ Frame 8289 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 06:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
60633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13723
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 06:10:10 GMT
/
track.adform.net/serving/unload/ Frame 96A4 		35 B
458 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@52103798,7412985473753105656,100|1151|0|0|0|0|0|0|0||45|1|1325|7358119776899351863_2312141840971833396_1|||1|0|0|EjH13V_cA2C48M5tcwHHbTGGMl70FBi5R3LAP5NE2lh4iAojo_OU1BhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 96A4 		35 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=52103798&event=178&time=2&baid=50510754&name=Viewable%20impressions&imprid=7412985473753105656&icid=240036737613266497&eData=lkwEiV1sCFW_R_pKJZMC1Xh9ErTV8WMWYaJU2uM20NlbFu6xLmqkgkLIkA_aqQ7dA-xGhESPrs4au94oJsHc8Q2&rtbdata=0zR12OOaQZf_J8Nee3Ik0K-gFKZ0Tjio6amDyZHvHcD6yDEcFSNB_J1TY3zzkuNtz0A0aZkd1qhIz9aDK4iqqXTz2qGKv1T9sOx-dvd3r-TtPH94GYACq0ME4zo_6j-WzGgTU3xpeDRFClG8npvvYsjA--o6CMZNzjZnCmAeodcwcmrnF5tsDFG8eGMMwMrlmMBu9CjOhYqAda0krhkQrCYfKdpWiWx9-e5KTJQeSPXWaUjPx3SqVw2&rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0&rnd=835427725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
vevent
fra1-ib.adnxs.com/ Frame EC4A 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLKBPBMSgIAAAMA1gAFAQiYgauUBhDZn9_8sM-owgQYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQ2reTpAFYk8KLAWAAaLTYsAF4q9YFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDTHJad2hrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMmGhQzMjU1NjM3MjI1MDM4MDI4NDFfMSoENTA2OToINTM1MjE1OTTAA6wCyAMA2AP3_i7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMTmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBNq3k6QBiAUBmAUAoAWsxq654KC48zHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW_zEP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi9BkAAyAer1gXSBw0JAAAAABE4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=d5eee16880e8f0697bf53bfc9adc7be38c8bc2fe&type=pv&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=0.65&sid=8923275071822777979&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ace7fc79-fdc1-4c2d-8536-2d049c24d42e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/serving/unload/ Frame EC4A 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@53521594,6148204708068032595,65|1026|0|0|0|0|0|0|0||26|1|1325|3595808768508273452_325563722503802841_1|||1|0|0|Fp2ghCKpgKG48M5tcwHHbTGGMl70FBi5R3LAP5NE2liCJUu-QJLlDRhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame EC4A 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=53521594&event=178&time=2&baid=51855161&name=Viewable%20impressions&imprid=6148204708068032595&icid=240036737613266497&eData=LJejkvBkWn6t9_bJ0JDjRXh9ErTV8WMWYaJU2uM20NlbFu6xLmqkgjgFgmTyU4gkA-xGhESPrs4au94oJsHc8Q2&rtbdata=hH51GcFAzLIO8c1TnLtm2fsKUHjc1OTeT8hU9abO35SvgOFx2uLuSNHYlT431gDp-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VeC858dszKAbrLNhql8glOlRvcyWI0NpSPNR4TyrQSEC8TvLgxAJSYgVZhku1euOvoW8zpnzZzcbIg6RKQIU6Jl6KHLXtwwDKw2&rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0&rnd=592724707
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
pagead2.googlesyndication.com/bg/ Frame 1973 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 06:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
60633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13723
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 06:10:10 GMT
vevent
fra1-ib.adnxs.com/ Frame D807 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fua.korrespondent.net%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQiYgauUBhDZ74WsmqqWh0MYrvStjd38oPoRKjYJKFzUBn-Tqj8RbskSOhDEpT8ZAAAAYI_C5T8hbskSOhDEpT8pKFwJJPTTATEAAACgmZmpPzDLiKkKOJhQQPYISFtQgZbmogFYk8KLAWAAaLTYsAF4_9YFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDT2VrblJrUXJRbz3YAgDgApuFTuoCHWh0dHBzOi8vdWEua29ycmVzcG9uZGVudC5uZXQvgAMAiAMBkAMAmAMXoAMBqgMnGhU0ODMxODk3NjU3NDE5MDY5NDAxXzEqBDUwNjk6CDUyOTA4NjQ3wAOsAsgDANgD9_4u4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjE5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASBluaiAYgFAZgFAKAFivPu1-jUyosMwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF5Zod-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq7yAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4vQZAAMgH_9YF0gcNCQAAABU4aNoHBggAEAAYAOAHAOoHAggA8AfH3AGKCAIQAA..&s=301319449a585f8d3c09e7642a85afa0170a3354&type=pv&jm=1003|1018|1008|187&px=0&py=0&bw=300&bh=250&sf=1&sid=8923275071822777979&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21644363&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:43 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
76aae546-1d23-420a-89fd-ecd2513d4f30
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8321 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051801&jk=3061212359890436&bg=!GxilGFzNAAZ4vKt9WLw7ACkAdvg8WvoyL9GrG_BaoxRZ75z_Es8xt49ktPq-aSmb6ms80UwVaYknOgIAAAOjUgAAAAJoAQeZAyfQ3CaevNJk76GelECZv6ZtFv7AVC2rHNl3FEebi3BpERuzJTwpvbjKxRIOapubSNrFFXK0I8ugHfH2POPgGm6tPcwDM0u5ml6Z-XU_a4r-zH8gD8msYSK9JdcoWOAPMRmw7LUAzXclHBNtczi-pbCg4Omrx0uW8V4B1EiU833H5ZpkYhO19RRa2rprmJviV9oIp71yG-Yur1eZGDFhLbylRL6ReFVwZKHYvqU6Y445kvONxGr72JUeHzPrajIv7-DUxcnC9DqJHCeGoC3YSlQ5HZsDHLXERa-uSsItD1oL-o9RLMJaufUz1lslv4VoJQSMG5Mi_FelZqTzedWb8pIuNNchyZYw68yFO1i6JrlTAtZBf5tfGBIPHmELrfytuqJfpDSpedyD5D01m1OqAZsXGNqgt0wtLizSrKzorWupVty0X4tMbTmAmcbK71IHF78gMlpT6U-6CMThosw2HO_WhCjzPDw3TYm-h65NozjP2IujGEcBVry5Dt8guIjaTJZh3S0HsrJOCfAN_LBPQNp1gJ4ssK2FrFd1Vx38CWn-1t4Q76tMgHP9rw-UoigRPuF3iydOhr7fPdzR6pDP2dOADD5sjcO5pdDzUwyT_vBz976SyixHqHlz1VfU0FdQR9s9gehL6Ximz0uYcg5hLWXhn7tWlyz2toMhAKVMBM6mNZCR9XjrpEspr9981vPTAMKu-M6zOFuP9rQZLHjSY8ervLaJvNETRXb0ZlJUrQRI1DTy3975a6VEeaD15iEFttyJtvcjppESlP3TOzfpS-z6nD1KHC6Uihpph4u-J3xd-WT0GZ0UMMjZxwTJy_tbPXdoqgUWoNlfRuzGAlK33RKDTPoqiS3ANXpv3b9Tg3IexwwaPr87csRHjKWSTevPiOBGA8UJ7qEsmdg6Vmmma8PMftAlnvW-OymdhRSTvX75t_wuUaj4QA6j7kiI8vlJbO716PmAws_15PlJwNt_TUsB_zTUoniSD8d2XpXXcaxrkPNaUVGEjR83Gnagbtknzyz0BgsgZHslWn2xMZF2rkbZEIZn3ydClnMym4p07RPMWc1ZK1LVL4w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ua.korrespondent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E86 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8cnQmcCKYuKpDNyBx_AP_8eJ2AcAAAAAOAHgBAI&bg=!bm2lbSnNAAZ4vKt9WLw7ACkAdvg8WlBR_5V7jL2ujwB9ZiDv7X_TsusDnbWybslsIKyuoz_p4msr_QIAAALmUgAAAAJoAQeZA3PyYuU4Pffu6FS8WeFzSPLZthyZT2zB1wMaflzVhSm-1WW-ZUmi3tR9N7DQPoVESHfwrQjEI2ejnzTOWs5ydQXx2dcnJZ9ZqiR-KK-FdtI0VF0I8PpgdFAItgdpAy4jxqK-b_nUN917M2VnUilMx4Jco_tB4gpiNoU7xG6feDIpi533RAGxwiYgUmUU5y9bCfM9xD1yd3qGZKdSFwb_mDPEYwaayyYTKc7-HgysdnelvO4CUbM5QdNheXSmw_gS82eDeknKhnkt9WNN5eXFXwUUlgpng23XBOy6zr4CTaP4KA24uZ-JZRA18CDvcqrvLWYZuHW1b4Z9eW9KQKZnEk7TPmAMMSPUW6aBj6z3v0TkTA3WaBk_X9GUmbdxAnFrHCwpPuz693ajYV96L-508FGCBdwb5qWfqWxzphu2a7ICj3L2vSft_M2xh964dd5OrYFUAtWNBA5PfE6PXWyEDvNUpLqaN50q82GIfI6GtE2TwH77-anKn6mGv40W_MPMcCDBvCCHufjh-2_EeBfstKbMArgzADZW1SnSN7HBEpr4y1jOGXgaKv6Obf2AYBz12KieiyOtsvi-gTJCXwKvXaCHpDm2vJ-e5E5-Owg3uD2Y-huDHaO9jWBEDyICgrUolmD0h8cVmd0rtSzFv52IAswyIxijMb5FCS1ENSQKcCi1KrVldzuU5_e20kYswLLVr6pk2iplROEfTed7gZMMWPsgIxgwYr80bM5mb5L4_weCSP9ZTHWo85gE3PhZToCBDKLokQU0iqGJeqdz0ZBJHym_eohp-0-f-xdy1hoN3Y-MUo3nWPu48vftuk6YsQYBxj0DeaLeCouAcJnXgVPg0vgeBJqOAYnsftslgpvsFZS85mEFLdj8c8ixGjcmgLXXRJ4hJ4dt8LHpHNtf-BeILthKt3Bcv5eusK_bnl5v3_Y-gcoYR-xsA5Ez7xu5bwbchJ46F1i04dqTI_aYFQKAmH-sOKBIEFHMieOb8Eu_vBA-wAPbfYAOAIUGAJ6RrBkYOfVwcp3GqaqO9X1-wwIgBtt22jcjKvlcdnj_px-gnr5rg5QVeNpV0B0kDqZBVW9upo1b5rI-XZpiwG4VT_lMRR4j-QiKeBrFRjaf6FxJRyjnUfiRf6OKav1n2zS99JmCtVxNH_LkpkSD7ZwuYIEEFW_TP5pZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame D807 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@52908647,2157642877135979921,100|1018|0|0|0|0|0|0|0||40|1|1325|871211947704170890_4831897657419069401_1|||1|0|0|emzVTVFgKuW48M5tcwHHbTGGMl70FBi5R3LAP5NE2lhCEy2XkaDAchhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame D807 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=52908647&event=178&time=3&baid=51304471&name=Viewable%20impressions&imprid=2157642877135979921&icid=240036737613266497&eData=0XeE_q_Xw1GK86D99lQPhHh9ErTV8WMWYaJU2uM20NlbFu6xLmqkgjYERX4NIy_AA-xGhESPrs4au94oJsHc8Q2&rtbdata=hFCP7GIZRCYWqmc1wuuLAzywT2R6NdZP3hemrI7_crtPBv_L_tb_VgbkatejBLlA-qShDIMESfzWI9yb3FQUfO15H4EZLlevJ65f4-PM3tfnV4dP3MaOujOd1AOnRR_2-eaXnSfCcyho2szisFf_VdAurXyyupQ-rLNhql8glOlRvcyWI0NpSNTxen2v6cf08TvLgxAJSYgVZhku1euOvoW8zpnzZzcbkjcLyrxkJyt6KHLXtwwDKw2&rtbwp=0.051907-Qg8wzzrOJZe2IdL_tAoTCsHGX0PNHtZq0&rnd=120527377
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
usync.html
eus.rubiconproject.com/ Frame 17B4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0925 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 844548
X-Served-By
cache-lga21957-LGA, cache-hhn4078-HHN
X-Timer
S1653260444.026781,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame E85E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame E120 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
pd
u.openx.net/w/1.0/ Frame 4E7D 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1B0E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814394
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260444.047676,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 3609 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame C229 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 4423 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 5C31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7EB5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 844549
X-Served-By
cache-lga21957-LGA, cache-hhn4078-HHN
X-Timer
S1653260444.056724,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 98CA 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame A7A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
usync.html
eus.rubiconproject.com/ Frame 58D4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 364C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame CD9B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 5E5E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 11F5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814395
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260444.073362,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 5A82 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame B75F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame E073 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 0E94 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 11C9 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8BD9 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 046F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814396
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260444.103934,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame D9C6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame E3BF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
usync.html
eus.rubiconproject.com/ Frame C9A2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9832 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814397
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260444.143796,VS0,VE0
pd
u.openx.net/w/1.0/ Frame FBF7 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame B3D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 4951 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 028F 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7F42 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814398
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260444.169504,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 5F4C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 2C12 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame BED1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 844551
X-Served-By
cache-lga21957-LGA, cache-hhn4078-HHN
X-Timer
S1653260444.178191,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame BDC5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame DC3B 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 5806 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 4952 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 6E4C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame DE9F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 812792
X-Served-By
cache-lga21957-LGA, cache-hhn4028-HHN
X-Timer
S1653260444.187106,VS0,VE0
beacon
ap.lijit.com/ Frame 79B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
usync.html
eus.rubiconproject.com/ Frame 1AA6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame B9C8 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6YwMmcCKYr7eOpKU3gP35oAoAAAAADgB4AQC&bg=!rK-lr-vNAAZ4vKt9WLw7ACkAdvg8WvDp6W8a1WiaLsfFopWx_43JPv4q2EP5cKGG8b0zWlKsF8T3RAIAAAKwUgAAAANoAQcKAEHlzu86vqt_dJV9jcNEnlQtxZsW28aaeAEFXxGamrU43mGdx6Ilkz2JhSsTzHB62c6c2CNQSwYLScdAw4NLcGRFg5kC_HsaW8RwScuslDvXFhv3aZygvDkzD2bjCGBibjruvcdqo4B_jyQ3nnOIbTlHEhaKUXTXzknh1X1FIlBQWGLYoHHJk8IOnMzyp6_2LHK9wivFEDrYTZIENC6WiTwzQK8-vI2OZ7aXNQq-M4q0VKlF26t_rSa3UvXpbVyuqfneh1C76MpbUtRBsJ5WgQBAkkW7KjiUtNbARkht7bZo5fFwu8pwv3o4Iqyr4A2sbo-B6LLXrZP-OJMcSqP1gzZKPwBBkHjz0rRGXbqO6Me6nZWG5Znct-JX2ipY6Z31LzlpNmTxHXPgbRrOiFrPsyKxUkyw2h9xFZzh347PdztcZxNZEAKc1cfLWFergMWelqyXZUrliiagVZdLHiI_yUP0ZWC3aSdC1JJE2Q8NoucFh1jqaMrx8SafF24iO3xUd2hhiLNGH6ybCQR8XRk-IGOGl5_4VJvc2IJQHFhWXG7lgbP4wJappgLB1eldDUipHNdQR7uEa_FEapFmzmulBSTWDuMS0Hv_DxKI0dldj2i7BfRAE518l8RvYKopHa6YoHf4wQXP0JiZ4Kvd0mgN0q8Rxxo6hnyBNFO3m_fvqNNrcJVsDj-Hz8qV6Er1O42_WdnLU5hTh6WjauI6bc7oi9FEsNSRpFq0st17D2fohb57JNiTRq4Y5ydCld-dCFh-hN1iZdMwU7B2Q_VRS5bDvpwvC8vFyvx-aCkYRGz5SxO7VbDLC9VKSDlR9gTsn9PGiD9A2YDvSi7ii6ZHmOGt5SXCUYOhLt5hfTEwFW-ejzLwrvFmF_TS7LB040VsOxu1uQkn9CK-il6IHNvCsKTzXxPkQ_SPZwjn8MT2oz3nrmTx0ss6TWQ1aUXzwQQxFId9yxEZbpfSzrRzskrEI-feAErFMAUdyauU9xsu2ON6obQAKwrjaZ_w7El_-T2hRVzKK-h2Lg83Js1d43jdepQ1Lw166jmJXDgI8Du0OdeeEkQjgOHJKbWeoT76dP0XbW_4hiCOvKa7na3CEy_iocEYsQUe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C63B 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BflmKmcCKYr7mOpXP7_UP4va2wA0AAAAAOAHgBAI&bg=!zs2lzYnNAAZ4vKt9WLw7ACkAdvg8Wg4xK1b4TWKRZG6G9dX8JkiH30ICq9Mi6c4sqi4FLoYjNcfF3wIAAAKSUgAAAAtoAQeZAvAgzbi5pnVhlOb4BG5m4iNCEnUxBaukD2ZqBAJq8ZjS1JI58ECphzUOJsgT_y_vYvEZ-JeLO7v9qtL1S5WbxKJJyre2t6JPcnYgOubs1oBgXWIZK7FfwRkNzPrXiXjjmboNs15i1BfMplPd0wRRlgVHHXeoP-NopGQVp58SraonlFh-ZdQJboLBQjc9a_wBFZTPVwGpwZ7eMGgd2hKT3gGh18U02YfwMqNi3Z6-PtPdpaPOrJ0rDJkrLkqUneOI7l9XG0RLABQ2arX_-3O51qx-h52d0zyT0ETAA_QXkvcWvNeXX42YAgDN049RqeqdZJCyCrJI3dFU3uJVgJuyh_VknzXeGoJOoM8LHhJ9OaEUFwuA6EWXwbYYr2TMSbRLUqcVmwFYQXmMKKHNeafZMh7mUY0PJhFVcsbEyeUeXO9mBE9UFfHWbqlbhK4C5unVPridM_jKKYKJ2iklo8JI-UIAFwTytQopU2dyhj3wnkYlROaWp5MZIAT9vPki6cOlzyTqPqov0lFDGnQoL9RXA6RK-MuHhUqzmu1oAXXXGvCYbquUOmFN_KFY29EoQeFBRyBDP2r45R-7lIQxAmzOs_BYMCK1l6t41G4s8gsZT584GaVpFi3ldLKn4x2ZuFfvAFO5fZw506A0Lsmr-U1_rfEY0H-1BpPEvtfpSXnEftuHb0SaUZjERpP7xmzQ1cEVlPX-bemv6_MFxrx6tHBflhKV0bD_1_e9XzWBzjhYXF9SRPRhjrc-2rneKU5ItPz92dzFtXykhgqAfwRpYe9XVOfg2c2PMLf4blSoUjp-OQZxN5wJHnqHJLd6rYlwQzsaDIvog8sGj9-yvdN0C9dTVogXIDBquEnlC83vXWgBGFgFfnF6byqdgqBLwMWnIu0riWY5862ObQbFzzjN_GdXYWwWv7UHI3vyH3aAqeHFPeODOL3FHk0dA7ObzZZ0RsSpN681mYAGTr-Awzj4ELYVCLD1y-7Jq57e6HmJSB7LRQQKlg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame F4DA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 5B49 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
pd
u.openx.net/w/1.0/ Frame B21C 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 99EF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 812793
X-Served-By
cache-lga21957-LGA, cache-hhn4028-HHN
X-Timer
S1653260444.321946,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 5AD9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 08D0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 844552
X-Served-By
cache-lga21957-LGA, cache-hhn4078-HHN
X-Timer
S1653260444.316782,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 92AC 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame BE48 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
usync.html
eus.rubiconproject.com/ Frame 9D53 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 5981 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E82C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814400
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260444.330101,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 0DE0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 8713 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 996B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 4D1C 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 81FF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 814401
X-Served-By
cache-lga21957-LGA, cache-hhn4081-HHN
X-Timer
S1653260444.370354,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 375C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame B721 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
pd
u.openx.net/w/1.0/ Frame B22C 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 5870 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 8665 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 22 May 2022 23:00:44 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
pd
u.openx.net/w/1.0/ Frame F6ED 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 22 May 2022 23:00:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame AE8D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6F0B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D4B3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
66837
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
158116, 812794
X-Served-By
cache-lga21957-LGA, cache-hhn4028-HHN
X-Timer
S1653260444.394846,VS0,VE0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5FA0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLETkEIIEgNu5SCWBcPOiNjkGnQpxf-MEuPTawGFJ2zM2OPhbzmFNyQSXGipG9z9xKmgV75RwUxycQenebBNuiYJEfKs9S8T0&sig=Cg0ArKJSzIgTFTbVLd-QEAE&id=lidar2&mcvt=1257&p=0,0,250,300&mtos=1257,1257,1257,1257,1257&tos=1257,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=3258648039&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653260440823&rpt=1216&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F8C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIsPj2liCzVL9SZWa5uffs3biVoSYc5kLtptSDZzRBgo37zM4s0m7gD7DB6GtsebgPZjckEp92XGPKDdMua8T7D3JkOOuD-js&sig=Cg0ArKJSzPmbKnSMMWz2EAE&id=lidar2&mcvt=1261&p=0,0,250,300&mtos=1261,1261,1261,1261,1261&tos=1261,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=3458418712&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653260440844&rpt=1241&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 17B4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
usync.js
eus.rubiconproject.com/ Frame 3609 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
usync.js
eus.rubiconproject.com/ Frame 58D4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
usync.js
eus.rubiconproject.com/ Frame B75F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
usync.js
eus.rubiconproject.com/ Frame 11C9 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
async_usersync
ib.adnxs.com/ Frame 0925 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d723550d-f439-41e0-85fc-69a634662d7c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7412 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_rWa8BsC1XY-9zTGFrQ4fCIu6Vz8nSnhdxZaw4-sbta9k_ZczFnYdCoM96tyVHcoWt5WRu6dpkJdCAd-jXhz51pkFPeMH&sig=Cg0ArKJSzFcCZiDNBcAnEAE&id=lidar2&mcvt=1279&p=0,0,250,300&mtos=1279,1279,1279,1279,1279&tos=1279,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=2878691016&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653260439097&rpt=3168&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1B0E 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9fa0606e-27ee-44c5-bded-90282c8d664a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C9A2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
async_usersync
ib.adnxs.com/ Frame 7EB5 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
54d0cd2d-bd46-4e77-a3dc-f8435e7fc958
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/unload/ Frame 7412 		35 B
486 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1653260443674
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
usync.js
eus.rubiconproject.com/ Frame 5F4C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
usync.js
eus.rubiconproject.com/ Frame 5806 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
usync.js
eus.rubiconproject.com/ Frame 1AA6 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
async_usersync
ib.adnxs.com/ Frame 11F5 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4f731980-f661-44e7-8329-b3686785892b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8BE3 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
802bd68b7e71f687e6bf1a6d868a046051075a062143518065cb6abdbcf6db39

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1623
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
241|230|39|73|41|191|31|26
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 046F 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b18177ac-2bbc-4ccf-81ca-bc85ef93aa0e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F26B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf19c6cddeeea2fcf4b729242f28963765906fb8ae01d5c382e4166ab51481c9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1547
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
230|39|241|73|130|24|81|5
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usync.js
eus.rubiconproject.com/ Frame F4DA 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
usync.js
eus.rubiconproject.com/ Frame 9D53 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 7412 		0
268 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=fdfb30d38b74423b946fc17a9f613c42&nav_pltfrm=Linux%20x86_64&cbust=1653260443740152
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
Vary
Origin
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/21/2022 23:00:44
usermatch
ssum-sec.casalemedia.com/ Frame 4C9F 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f25af96f95230237d17d4f13d87fd0cbc9e625b5c92efc809c2f105a015e6b9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1456
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
46|130|206|3|8|4|105|156
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usync.js
eus.rubiconproject.com/ Frame 0DE0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 019D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e70fbff8c9343803963e06c132a5cfa534043665b75ce85f227edeb2c215d7c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1553
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
46|88|4|130|17|152|13|191
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usermatch
ssum-sec.casalemedia.com/ Frame 2A8E 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
22ac541f68479287efa047d09b9756665ced87849fcd599bb51f5f95a9aa8903

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1531
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
46|206|88|130|230|39|123|105
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usync.js
eus.rubiconproject.com/ Frame 375C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame B6EF 		0
268 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=0bb617d7dd9f468f8325136528a27e6a&nav_pltfrm=Linux%20x86_64&cbust=1653260443753829
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
Vary
Origin
Access-Control-Allow-Origin
https://mediawoot.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/21/2022 23:00:44
usync.js
eus.rubiconproject.com/ Frame AE8D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24993
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Mon, 23 May 2022 05:57:17 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B24A 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c15871283392216cf75c6464ad3b2a0a264b6cff331a323e2cec2f431f34959

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1404
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
46|4|206|130|111|57|26|41
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 9832 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
65a122d1-789c-456d-bf81-bcee5d0ad760
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5D67 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc909023aef7914468afca2977244147a8575d48f9787332d7672c4f5d2cdd62

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1581
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
46|4|88|3|191|105|65|190
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 7F42 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7269c11e-59eb-46e8-83b5-eba73211696f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 727D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
db8ee1bbeacf966e2910f1f9a4d81634d60fde526057b28fcb24b4c9155bf3e9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1709
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
46|3|4|206|88|195|64|17
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame BED1 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
33eba1ee-2bc5-44a2-9c20-ff7e205f281f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C1E6 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc61374b834af7f80c2bff31e7f08392cb8033ca8b28b52da66403ecde5fddef

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1457
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
206|3|65|111|41|8|4|40
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame DE9F 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3ba399dd-afa3-420a-8b14-83b7d336ef62
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F785 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
07f74fc327df1093827e2c70ee9e2c28805f9a12f251f276b3209b9a0d555f26

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1565
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
81|64|176|47|241|41|156|24
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 08D0 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
42d1d03e-11e4-4a01-922d-291b2994647e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 628C 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cac411579ea950bffc80e9af1e98a4314cf7e27a21999d45ba633eb74a1647e7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1333
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
81|90|64|105|5|17|41|191
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 99EF 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f9a2f63f-e608-4bec-9173-d9a9db6dbcd6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E82C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
039ffd08-d3f4-47ed-9b68-4306fe965a44
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 97D3 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d453b0ccc5017073ee44f39fb3b3ecf15d7de92b07ebac0c29763c2168354487

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1526
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
90|105|57|18|46|109|230|24
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame 81FF 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
842801cf-af9f-45ff-9871-139307373bb1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3850 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c40a00defbc49939b40de73a512c8f04ee33b3947a50b6c20ea1be480c9b75e8

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1441
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
90|105|57|123|47|191|4|206
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usermatch
ssum-sec.casalemedia.com/ Frame 5337 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0ac1d3b952aa008e4df527204581057c5d398e9f4490c2c10859dbed9e1e38b9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1375
Content-Type
text/html
Date
Sun, 22 May 2022 23:00:44 GMT
Dropped-Udsids
176|47|123|57|105|39|90|26
Expires
Sun, 22 May 2022 23:00:44 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame D4B3 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5d90239f-c532-4816-ac1f-112d718558de
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8BE3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WKY9VN1PVBNRDQQWHT1H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YSGMWT2XDQBQQCZ6SYY5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8BE3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8BE3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8BE3 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
bridge
cm.adgrx.com/ Frame 8BE3 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-8
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
index
dmp.brand-display.com/cm/api/ Frame 8BE3 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.72.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-72-103.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
last-modified
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sun, 22 May 2022 23:00:46 GMT
noop
px.owneriq.net/ Frame 8BE3
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7065468451559907359&uid=Q7065468451559907359&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-246-168.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 22 May 2022 23:00:45 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 8BE3 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25749
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8BE3 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
pixel
cm.g.doubleclick.net/ Frame F26B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F26B 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame F26B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3R8AN6E2HM8NJBRB2B2P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Z22V3VFK64ZSBWVQQ5YJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F26B 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
ie
match.prod.bidr.io/cookie-sync/ Frame F26B 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.228.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-228-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F26B
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=cac74d0e-d345-4e26-960b-7f2d81aca944&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=cac74d0e-d345-4e26-960b-7f2d81aca944&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=cac74d0e-d345-4e26-960b-7f2d81aca944&us_privacy=null&gdpr_consent=null&gdpr=1
date
Sun, 22 May 2022 23:00:45 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame F26B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ix
ad4m.at/ad/sim/ Frame F26B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F26B 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
709414.gif
id.rlcdn.com/ Frame 17B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
rubicon
match.adsrvr.org/track/cmf/ Frame 17B4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 17B4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIV0tWWE4tMTktSE1XSQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIV0tWWE4tMTktSE1XSQ==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIV0tWWE4tMTktSE1XSQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 17B4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIwNWVlOWJmOTFiMjdiMDA5ZjdjOTFjZWI2YzQyMGRlZTlmNDkwMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIwNWVlOWJmOTFiMjdiMDA5ZjdjOTFjZWI2YzQyMGRlZTlmNDkwMA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIwNWVlOWJmOTFiMjdiMDA5ZjdjOTFjZWI2YzQyMGRlZTlmNDkwMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 17B4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=llh7roX2SAq097_7DBwEmA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=llh7roX2SAq097_7DBwEmA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=llh7roX2SAq097_7DBwEmA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WK1ZJT2944GKYXSAH045
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=llh7roX2SAq097_7DBwEmA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 17B4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/VMCOtyEEZZdMbHFvHkkg-Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3750020954833946395
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3750020954833946395
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

date
Sun, 22 May 2022 23:00:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3750020954833946395
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 17B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHbyot2tf2MP7ta3nHj97HU&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHbyot2tf2MP7ta3nHj97HU&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHbyot2tf2MP7ta3nHj97HU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 17B4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3HWKVXN-19-HMWI
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3HWKVXN-19-HMWI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:44 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A49ABB949D934DE6986DA12E61DE3F7E Ref B: FRAEDGE1212 Ref C: 2022-05-22T23:00:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXfobGR9FYte528xeEqJw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3HWKVXN-19-HMWI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
getuid
secure.adnxs.com/ Frame 4C9F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame 4C9F 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.228.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-228-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 4C9F 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 4C9F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Date
Sun, 22 May 2022 23:00:45 GMT
Server
MT3 4419 e1034d5 master zrh-pixel-x30 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 23:00:44 GMT
crum
dsum-sec.casalemedia.com/ Frame 4C9F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8a500005-263c-4624-a857-cada35ce1fa8&expiration=1684796445
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8a500005-263c-4624-a857-cada35ce1fa8&expiration=1684796445
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8a500005-263c-4624-a857-cada35ce1fa8&expiration=1684796445
date
Sun, 22 May 2022 23:00:45 GMT
server
Kestrel
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 4C9F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9148799219336436403
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9148799219336436403
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9148799219336436403
pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4C9F
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.0
content-length
76
cookiesync
bttrack.com/pixel/ Frame 4C9F 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-ServerName
Track001-iad
Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4C9F 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
getuid
secure.adnxs.com/ Frame 019D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 019D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YorAnQADVPJpNAA2
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADVPJpNAA2&gdpr=1&_test=YorAnQADVPJpNAA2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADVPJpNAA2&gdpr=1&_test=YorAnQADVPJpNAA2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1653260445.341070,VS0,VE0
x-served-by
cache-hhn4082-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADVPJpNAA2&gdpr=1&_test=YorAnQADVPJpNAA2
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 019D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8932626437222652595
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8932626437222652595
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8932626437222652595
pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 019D 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.228.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-228-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 019D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 019D
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e547c99f-390b-4f15-a395-abd2fcc18485
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e547c99f-390b-4f15-a395-abd2fcc18485
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e547c99f-390b-4f15-a395-abd2fcc18485
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 019D
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Sun, 22 May 2022 23:00:45 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
index
dmp.brand-display.com/cm/api/ Frame 019D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.72.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-72-103.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
last-modified
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sun, 22 May 2022 23:00:46 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 019D 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
getuid
secure.adnxs.com/ Frame 2A8E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame 2A8E 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 2A8E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YorAnQADU_2o9gAo
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADU_2o9gAo&gdpr=1&_test=YorAnQADU_2o9gAo
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADU_2o9gAo&gdpr=1&_test=YorAnQADU_2o9gAo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1653260445.369806,VS0,VE0
x-served-by
cache-hhn4082-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADU_2o9gAo&gdpr=1&_test=YorAnQADU_2o9gAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ie
match.prod.bidr.io/cookie-sync/ Frame 2A8E 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.228.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-228-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2A8E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2A8E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 2A8E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6bGR7mBZTSdK3NPdt5sIj9ly2hM
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6bGR7mBZTSdK3NPdt5sIj9ly2hM
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6bGR7mBZTSdK3NPdt5sIj9ly2hM
Date
Sun, 22 May 2022 23:00:45 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 2A8E
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.0
content-length
76
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2A8E 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
getuid
secure.adnxs.com/ Frame B24A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame B24A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3312134102264273587
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3312134102264273587
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3312134102264273587
pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ups.analytics.yahoo.com/ups/55940/ Frame B24A 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame B24A 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.228.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-228-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame B24A 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame B24A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196422168524089
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196422168524089
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196422168524089
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
sync.taboola.com/sg/indexscod/1/cm/ Frame B24A 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25749
bridge
cm.adgrx.com/ Frame B24A 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-8
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B24A 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
getuid
secure.adnxs.com/ Frame 5D67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 5D67
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2591558161884994227
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2591558161884994227
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2591558161884994227
pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 5D67
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YorAnQADSo9QOQAj
85 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YorAnQADSo9QOQAj
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2710
x-served-by
cache-hhn4082-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1653260445.369826,VS0,VE0
content-length
85
x-cache-hits
11275

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1653260445.232457,VS0,VE89
x-served-by
cache-hhn4082-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YorAnQADSo9QOQAj
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 5D67
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Date
Sun, 22 May 2022 23:00:45 GMT
Server
MT3 4419 e1034d5 master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 23:00:44 GMT
index
dmp.brand-display.com/cm/api/ Frame 5D67 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.72.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-72-103.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
last-modified
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sun, 22 May 2022 23:00:46 GMT
crum
dsum-sec.casalemedia.com/ Frame 5D67
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.0
content-length
76
rum
dsum.casalemedia.com/ Frame 5D67
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653346845&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653346845&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653346845&gdpr=1
pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
getuid
ib.adnxs.com/ Frame 5D67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5D67 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
getuid
secure.adnxs.com/ Frame 727D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 727D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Date
Sun, 22 May 2022 23:00:45 GMT
Server
MT3 4419 e1034d5 master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 23:00:44 GMT
rum
dsum-sec.casalemedia.com/ Frame 727D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8716453655108868787
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8716453655108868787
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8716453655108868787
pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ups.analytics.yahoo.com/ups/55940/ Frame 727D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 727D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YorAnQADVTpqaQA2
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADVTpqaQA2&gdpr=1&_test=YorAnQADVTpqaQA2
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADVTpqaQA2&gdpr=1&_test=YorAnQADVTpqaQA2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1653260445.384130,VS0,VE0
x-served-by
cache-hhn4082-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YorAnQADVTpqaQA2&gdpr=1&_test=YorAnQADVTpqaQA2
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 727D
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1521be1b-ae28-4987-9d43-5e66cfe08a06
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1521be1b-ae28-4987-9d43-5e66cfe08a06
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-1521be1b-ae28-4987-9d43-5e66cfe08a06
date
Sun, 22 May 2022 23:00:45 GMT
server
Apache-Coyote/1.1
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 727D 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 727D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 727D 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame C1E6 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame C1E6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Date
Sun, 22 May 2022 23:00:45 GMT
Server
MT3 4419 e1034d5 master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=aba9628a-c095-4000-aa2f-02433781728b&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 22 May 2022 23:00:44 GMT
rum
dsum.casalemedia.com/ Frame C1E6
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653346845&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653346845&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1653346845&gdpr=1
pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
match
c1.adform.net/serving/cookie/ Frame C1E6 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
bridge
cm.adgrx.com/ Frame C1E6 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-8
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame C1E6
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=645de8a2-bd4b-404a-a27d-decf8eedfc2d&expiration=1684796445
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=645de8a2-bd4b-404a-a27d-decf8eedfc2d&expiration=1684796445
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=645de8a2-bd4b-404a-a27d-decf8eedfc2d&expiration=1684796445
date
Sun, 22 May 2022 23:00:45 GMT
server
Kestrel
content-length
0
rum
dsum-sec.casalemedia.com/ Frame C1E6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9220856813374364339
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9220856813374364339
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9220856813374364339
pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame C1E6 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
rum
dsum-sec.casalemedia.com/ Frame F785
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F785 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
113
match.deepintent.com/usersync/ Frame F785 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:44 GMT
content-length
0
server
b
crum
dsum-sec.casalemedia.com/ Frame F785
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-0eac7293533ef1427@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F785
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KA3Z2CVKNK8CT2E79ZKK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VYV82ZZZR1TYX2Q45NS0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bridge
cm.adgrx.com/ Frame F785 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-8
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
cookiesync
bttrack.com/pixel/ Frame F785 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Sun, 22 May 2022 23:00:23 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rum
dsum-sec.casalemedia.com/ Frame F785
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=ed4a2fb5-3d8a-47ec-af4a-62ba4caf4f86&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=ed4a2fb5-3d8a-47ec-af4a-62ba4caf4f86&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=ed4a2fb5-3d8a-47ec-af4a-62ba4caf4f86&us_privacy=null&gdpr_consent=null&gdpr=1
date
Sun, 22 May 2022 23:00:45 GMT
server
_
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F785 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
rum
dsum-sec.casalemedia.com/ Frame 628C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=x_pqOpL4a2_crmI4wP1_acKqZG_c-GBjyay4CjD6
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
no_match_opted_out
um.simpli.fi/ Frame 628C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:45 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sun, 22 May 2022 23:00:45 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 21 May 2022 23:00:45 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 628C 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 628C
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.0
content-length
76
ix
ad4m.at/ad/sim/ Frame 628C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 628C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
bridge
cm.adgrx.com/ Frame 628C 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-8
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
index
dmp.brand-display.com/cm/api/ Frame 628C 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.72.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-72-103.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
last-modified
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sun, 22 May 2022 23:00:46 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 628C 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
no_match_opted_out
um.simpli.fi/ Frame 97D3
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:45 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sun, 22 May 2022 23:00:45 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 21 May 2022 23:00:45 GMT
crum
dsum-sec.casalemedia.com/ Frame 97D3
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 97D3
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336718502722488
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336718502722488
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336718502722488
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 97D3
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1669158045&external_user_id=5cee00e2-8339-4cbb-a5ae-7acdc5326c35
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1669158045&external_user_id=5cee00e2-8339-4cbb-a5ae-7acdc5326c35
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1669158045&external_user_id=5cee00e2-8339-4cbb-a5ae-7acdc5326c35
date
Sun, 22 May 2022 23:00:45 GMT
access-control-allow-origin
*.casalemedia.com
content-length
157
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
getuid
secure.adnxs.com/ Frame 97D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 97D3
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6bce9e733dbc4d829d8ad7705de7026f&expiration=1655852445
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6bce9e733dbc4d829d8ad7705de7026f&expiration=1655852445
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6bce9e733dbc4d829d8ad7705de7026f&expiration=1655852445
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 97D3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 97D3
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0b4e7569-f609-47a7-af8d-35203eee8a25&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0b4e7569-f609-47a7-af8d-35203eee8a25&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0b4e7569-f609-47a7-af8d-35203eee8a25&us_privacy=null&gdpr_consent=null&gdpr=1
date
Sun, 22 May 2022 23:00:45 GMT
server
_
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 97D3 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
no_match_opted_out
um.simpli.fi/ Frame 3850
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:45 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sun, 22 May 2022 23:00:45 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 21 May 2022 23:00:45 GMT
crum
dsum-sec.casalemedia.com/ Frame 3850
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 3850
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196422168524088
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196422168524088
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196422168524088
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 3850
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=_BAOVK6cQw1G8eYHrydjINly2hM
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=_BAOVK6cQw1G8eYHrydjINly2hM
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=_BAOVK6cQw1G8eYHrydjINly2hM
Date
Sun, 22 May 2022 23:00:45 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 3850
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-0d838a898723b026e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame 3850 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.72.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-72-103.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
last-modified
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sun, 22 May 2022 23:00:46 GMT
rum
dsum-sec.casalemedia.com/ Frame 3850
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2519500567847066291
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2519500567847066291
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2519500567847066291
pragma
no-cache
date
Sun, 22 May 2022 23:00:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ups.analytics.yahoo.com/ups/55940/ Frame 3850 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YorAlj6DHKWdlS-o0q0o5wAABLcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3850 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
113
match.deepintent.com/usersync/ Frame 5337 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
content-length
0
server
b
crum
dsum-sec.casalemedia.com/ Frame 5337
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:44 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-057420aad53a017a6@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9eNmxq0s1NSUz35&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5337
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=sAeoejtuRblu3RpTx3buzNly2hM
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=sAeoejtuRblu3RpTx3buzNly2hM
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=sAeoejtuRblu3RpTx3buzNly2hM
Date
Sun, 22 May 2022 23:00:45 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 5337
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520348080786
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520348080786
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520348080786
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 5337
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 22 May 2022 23:00:45 GMT
server
nginx/1.20.0
content-length
76
casale
match.adsrvr.org/track/cmf/ Frame 5337 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
no_match_opted_out
um.simpli.fi/ Frame 5337
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:45 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sun, 22 May 2022 23:00:45 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 21 May 2022 23:00:45 GMT
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 5337 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25749
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5337 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YorAlj6DHKWdlS.o0q0o5wAA%261207
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 23:00:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:15:32 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 6A99
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmediawoot.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.247.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-247-148.compute-1.amazonaws.com
Software
/
Resource Hash
704343dc14973f226fe748c69977001fe402edf5ceb9bf83923f2310633c16f6

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 23:00:45 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sun, 22 May 2022 23:00:45 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 23:00:45 GMT
location
/um/cs&eq_cc=1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8289 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bo78ImsCKYo6XOY3hx_APodG80AUAAAAAOAHgBAI&bg=!a2ilaCzNAAZ4vKt9WLw7ACkAdvg8Ws0y0gVquiwxG-UVG0QAgD4Q_rvAOS6WK_Ev7mr1F0jap5nRHgIAAASqUgAAAAFoAQcKAE1ZTCQxZwtBe1Pfi0g_A17lKzx03EUQgUUSO4jh4L0QkBr0PLbxQM8yBs_WhGSdSax1WIzZxBquyLEkdyRG46--fNGqlDBkGp37GqrNkZkC0nmBVhoZ6XhSiMxL7t5AvgDtSIeITW-rzucECK_TLbaTaQSiqUqhBpI4jMuLLPG9hjY6LwNAkYkKRYFb3Es119XE2hNMFC5dJM5xrzTG5s1qcGnSfBsTRsthzrcBQ9MDs_R_Irj9b04YXR22kiXiQUMWUl2l6M3qAoQKd710vZ1kchmj5dndEsqLE1AIjZt5Kpcqdu8Dh1oXMDz0V6Dm0FEPKEGwCTCq3FYrMAR-mSrpc_6WdRPntVUWFfpFBz_Y9hl4_IFg0Hxsqyv6GyMk_Ki-MS4YPQgIb1z2__yyC__kAR0m8nuQdva_ZX9ZTzxbzt14WItsPaBwXmjFOPyk2SZqGs28QxfyvinOrfk6Rh15NEJ9ozR0ZmJ7rckaWPsdAvzta3ppvPSfhxQED26Q5IdABttqnJnx34FfTbcT1euM6a75quGB9_My1WsfCbv7f2BSZnTCWvHYE1LwM6OkXwKGQ82-ohLWOnLNn-hFmhYsbH1Xatgro1ti7eQBt9KsA6udj2JwrAD804azaaB6Y1GkCKAgorwdvpyVCwEKfm4ohpg3yceYzl1jRWsZL-bVcpRWNyQeqzU8oEgSqQEU0TfswPuf8gFNUeUBT81o8QSL-i9Juq4uKilkvYRp515JmkFeHIbEMoJo4G3jLBYwupYIh9CtX8xM9E2vnctjjCV9QdqyzVHTfxcMiY-22d18LoKJh7BvooeiCACc2fABdf8LDFntKG68S3I_BwbHk5-O6E78biXdkQVJUNicZ3gdLutBAOyF9rgXMGzhbdHC_dhi3PdShIwQpwN3l3aXpWr4sLCpQt11bQ7dcAT4plBBpuCO-iy_FSTeXQPIImx_0-U5d51xnPCbSLWvlu9TbFJCkucwwZDw2LnxSTzNuBjtXfXUF7TZrz7hnKNc_cSEe4DAJJF49yMUF8P1c8nA6nna9p1xAdex2WsH1gIyIQCTD5iD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1973 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpYNymsCKYvbBO4Wk3gONt4TAAwAAAAA4AeAEAg&bg=!aGulay_NAAZ4vKt9WLw7ACkAdvg8WmjVjtfeFBWhSeCyWD-ifWrW65gj1bxPOmoFRzWJGdGi5OHQpQIAAASzUgAAAAJoAQeZAtEX51V1zfJJ07jbZE_K-RAyYEzkghUczdNnBPHlygQ5vhc0DQ6B92RU83lWItMHy0pargf91tFdzxIigXZl8-ad3duOnsUP7VjeHfFC8_m7s0kS8YuBRTZfLhQvXEoh6bLqcMuUGjvyuIAN_d8Fi4PbmYNKr8mFl9U5bY-Ncoa5YY4BFf-YHYcsYzW8VCKmXERhcFt8XXWjV2CepsDP76mc4JvZUiBsyALwnLYHFGJfZXsJwuChdgv5f2wAUkJQstyYP8seDIMGlz3897OckXJTJ_3Dqru7GXqKvOBqiyPxJjbaSk9YQmUHKaF-rTpeKkuEt3CxH1vTVIXtokXWlHzGMnhVie8vU0CXyJ1en_XkGeGjGyOkgUl4e0fKeZ7fsgSUBvVQPxY5gGQxNKQM43sIZ8WFZDZW9F5f4JozpbafoQfXrPpVAT0w02nw0-U8JeBcZLPmmYqWmrbvMVe42kTJ3QbHywHBaiypE81T-f0imcmhxUWag5YTT6HHkSUZhZBcR8OSNwWhVtpIDrInfHEedCzOibpbdeZB50Wp3LltlxFQDHgmW7hk2swo8BaF0JtVVzeqdmh2oJLRELm8lR-cnTEBzhXhrGNAy1lFuhUs_rJ2LtRYvzFDXzoF4pSpGoo4GR0MG8gGv2hOPrq9MKW7UYiVcyWsONMKKBJMTdfdIjEhIaiG-5hi4UTy9DLus1gOP5TuMd54H0O93Ue2O3bDFKdt6V65cExHnPhjpvyIPaObnF8H32Vb5ElNz9tiEu79ynxXtwiio9KgYVluzcMUdUwODQyJt5nKVgjrImrKV1AsQSDZPAemvil2V9a_d-o5jSb95salQ0MyczvOluqpETNBMLr-Kq3GH7hZsyB1WkGvstUyGYvc3p1KoRF_KF2B-UmcnuN408sOUMmGqtSdSek07O1RFmuqtw7WrMkjkt0eWYJ0vSctmm-1Ei1VqvRr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0925 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7a074dbd-9d85-4c6d-ad95-e9e329ca1f78
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6A99 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=4a1b0dbb-6056-4d52-a4ed-e004e73ec6aa&expiration=1661209245
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 22 May 2022 23:00:45 GMT
async_usersync
ib.adnxs.com/ Frame 1B0E 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e3b4100e-02a3-4eaf-8c9f-7e64884bb256
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7EB5 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3e7dc45d-8b1f-4d1b-8159-2d5b9ed41591
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 11F5 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f4863b5c-8ff9-4f75-a9d7-f8d3cf32152a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 046F 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2afc56c2-ed9e-4045-bf54-ffaa54a60ba4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9832 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
886e9f2c-aa55-4ac3-92f6-ab8df91de0b8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7F42 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8e8b46ea-44e2-4c05-ab55-cfca279aefa2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BED1 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
59be7a9a-a4cb-44a5-92a0-6c2cd90085ea
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DE9F 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f7f21a85-a548-42c6-b3a2-b4b1d1e01223
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 08D0 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0adaf43c-29ca-48a6-a8e4-7b4f591c6e84
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 99EF 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
47c2e44e-662d-4105-8b3d-008ccdc3a698
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E82C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9866f41c-eda0-4be6-9c11-3418b6ae3999
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 81FF 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
424d0a32-c457-426d-83dc-f9783b993aae
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D4B3 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:45 GMT
X-Proxy-Origin
217.114.218.19; 217.114.218.19; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3ed66858-53d4-41d5-9365-a7f52502b77a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 164D 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=34328800004871200951425011968019&js=1&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-49.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 11:22:01 GMT
server
AmazonS3
age
67814
etag
"101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 22 May 2022 04:44:32 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
52083
x-amz-cf-id
1V94LK5vKgo5J02IA8-VR1gNum2V5FM8Y0xyctegj0MWPbf4lv0rtw==
link.html
track.webgains.com/ Frame 164D 		667 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=99582&viewref=22519100003889204444614011968017&wglinkid=3432245
Requested by
Host: mediawoot.com
URL: https://mediawoot.com/r/p.html?f=empfpdc&e=1695597276133
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 22 May 2022 23:00:47 GMT
Last-Modified
Sun, 22 May 2022 23:00:47 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
667
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
track.adform.net/serving/unload/ Frame 79F0 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@53521594,2997134819722320515,100|4520|0|0|0|0|0|0|0||177|1|1325|1112259339837277657_916712572602806661_1|||1|0|0|Fp2ghCKpgKG48M5tcwHHbTGGMl70FBi5R3LAP5NE2lhFGBMT6wlEsRhpnBRkvb3lA7z_uuw_WOM1|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 8390 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@53521594,2865620393851455242,100|4538|0|0|0|0|0|0|0||177|1|1325|528866325019606390_8976528965895423848_1|||1|0|0|Fp2ghCKpgKG48M5tcwHHbTGGMl70FBi5R3LAP5NE2liWfS6SKYcG0xhpnBRkvb3lA7z_uuw_WOM1|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 0DAF 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@50241503,6536340079680725062,100|4581|0|0|0|0|0|0|0||179|1|1325|1218255779873206076_8410774315688070797_1|||1|0|0|QjOe1KQ5vWO48M5tcwHHbTGGMl70FBi5R3LAP5NE2lhTAqBt56Tw8RhpnBRkvb3lA7z_uuw_WOM1|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 96A4 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@52103798,7412985473753105656,100|4605|0|0|0|0|0|0|0||180|1|1325|7358119776899351863_2312141840971833396_1|||1|0|0|EjH13V_cA2C48M5tcwHHbTGGMl70FBi5R3LAP5NE2lh4iAojo_OU1BhpnBRkvb3lA7z_uuw_WOM1|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame F294 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@52800928,1265322514363346308,100|4708|0|0|0|0|0|0|0||184|1|1325|3524375294589152340_5070465613227081452_1|||1|0|0|obusSdCR-jW48M5tcwHHbTGGMl70FBi5R3LAP5NE2lijrRaNYQGuExhpnBRkvb3lA7z_uuw_WOM1|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame EC4A 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@53521594,6148204708068032595,65|4785|0|0|0|0|0|0|0||122|1|1325|3595808768508273452_325563722503802841_1|||1|0|0|Fp2ghCKpgKG48M5tcwHHbTGGMl70FBi5R3LAP5NE2liCJUu-QJLlDRhpnBRkvb3lA7z_uuw_WOM1|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame FF4F 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@53521594,4982665008771994412,28|0|0|0|0|0|0|0|0||0|1|1325|4985916912516786065_970827348278350710_1|||1|0|0|Fp2ghCKpgKG48M5tcwHHbTGGMl70FBi5R3LAP5NE2lh0o9HhYc6VOBhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame D807 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=240036737613266497@@52908647,2157642877135979921,100|4649|0|0|0|0|0|0|0||182|1|1325|871211947704170890_4831897657419069401_1|||1|0|0|emzVTVFgKuW48M5tcwHHbTGGMl70FBi5R3LAP5NE2lhCEy2XkaDAchhpnBRkvb3lA7z_uuw_WOM1|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://mediawoot.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
tracking-event
api.webgains.io/ Frame 164D 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mediawoot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 22 May 2022 23:00:48 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mediawoot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 22 May 2022 23:00:48 GMT
server
nginx
dc_oe=ChMI8qeUiZv09wIVFL13Ch1GUQs2EAAYACCUmOxPQhMIobT2iJv09wIVqYCDBx23WAiO;met=1;&timestamp=1653260448344;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A972 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8qeUiZv09wIVFL13Ch1GUQs2EAAYACCUmOxPQhMIobT2iJv09wIVqYCDBx23WAiO;met=1;&timestamp=1653260448344;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIyPCUiZv09wIV2JV3Ch01zwm2EAAYACCUmOxPQhMItOf1iJv09wIVZRCLCh3yTAAl;met=1;&timestamp=1653260448345;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 098C 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyPCUiZv09wIV2JV3Ch01zwm2EAAYACCUmOxPQhMItOf1iJv09wIVZRCLCh3yTAAl;met=1;&timestamp=1653260448345;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgNj6iJv09wIVsRWLCh0l6QC2EAEYACDQ9bxR;met=1;&timestamp=1653260448346;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 463B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgNj6iJv09wIVsRWLCh0l6QC2EAEYACDQ9bxR;met=1;&timestamp=1653260448346;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame B6B7 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:50 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:50 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 9421 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:50 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:50 GMT
syncframe
gum.criteo.com/ Frame E611 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:49 GMT
server-processing-duration-in-ticks
4950
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame B6B7 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:50 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:50 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 511B 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:50 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:50 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 56E3 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:50 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:50 GMT
syncframe
gum.criteo.com/ Frame AB10 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:50 GMT
server-processing-duration-in-ticks
3597
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9421 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:50 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:50 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 5E34 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:50 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:50 GMT
sid
mug.criteo.com/ Frame E611
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=VehIsHx6TjhKRExjd0E4NkZJVkJ0Zk1qb1l4UkJYczJFZ1h6Qm9LTm02U3BkVXNZSlpKMi8wUzZZbWREd29qcE1pQVdSNEVrYkpyb2cxMVhTa3hLQ3pKOStFbHpJRjZqNUE4QUdxMGVBQnFFVE9pRUlGbUtUVnRURnp4ck...
457 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=VehIsHx6TjhKRExjd0E4NkZJVkJ0Zk1qb1l4UkJYczJFZ1h6Qm9LTm02U3BkVXNZSlpKMi8wUzZZbWREd29qcE1pQVdSNEVrYkpyb2cxMVhTa3hLQ3pKOStFbHpJRjZqNUE4QUdxMGVBQnFFVE9pRUlGbUtUVnRURnp4ckV2OHhoSytmQXdYc3ozTTJYWmw3MDc2eFNPMkI4N0srR0xPVEduYktEcGluelBFbUdwSC9MemR1M1RkeG1POTAzOXBNVS8rUk90OWdWaHJNbStIbkI2RUdOUDBYU2R3Y3ptZjFnc0phcmVJS0s3bUR4ZlVBS1p0NnNsbGtoeU9YSkloNURHbUNVTjFBWmticlVVNHozSnI0TDU1bGF6UmVUOVpFTGF4SERYR3pyWmZDclBIcz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
eea7f106b063c14dd6c80523446b67d00890181042e95be948f201008706f0e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:49 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3697
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 22 May 2022 23:00:50 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=VehIsHx6TjhKRExjd0E4NkZJVkJ0Zk1qb1l4UkJYczJFZ1h6Qm9LTm02U3BkVXNZSlpKMi8wUzZZbWREd29qcE1pQVdSNEVrYkpyb2cxMVhTa3hLQ3pKOStFbHpJRjZqNUE4QUdxMGVBQnFFVE9pRUlGbUtUVnRURnp4ckV2OHhoSytmQXdYc3ozTTJYWmw3MDc2eFNPMkI4N0srR0xPVEduYktEcGluelBFbUdwSC9MemR1M1RkeG1POTAzOXBNVS8rUk90OWdWaHJNbStIbkI2RUdOUDBYU2R3Y3ptZjFnc0phcmVJS0s3bUR4ZlVBS1p0NnNsbGtoeU9YSkloNURHbUNVTjFBWmticlVVNHozSnI0TDU1bGF6UmVUOVpFTGF4SERYR3pyWmZDclBIcz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2012
content-length
567
expires
0
syncframe
gum.criteo.com/ Frame DF12 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:50 GMT
server-processing-duration-in-ticks
5651
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame B9C4 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:50 GMT
server-processing-duration-in-ticks
5445
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame AB10
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=aFipWHxBdXI4clM0RzVVbGFzdjVxbWd5Wm0yQVFxdklyajJNbjRVYlpheW13U1NJS1ovRlU2ZXg2MFFnWnovc09hMjZ6WVlxSDcrSzlMelphSG40Y2pkNmNXRnI3MkY4TytVbEliakRQUm1OMTVuUkpTYXZ3a01vQ0tDL0...
0
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame B336 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mediawoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 23:00:50 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 23 May 2022 23:00:50 GMT
syncframe
gum.criteo.com/ Frame 5318 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mediawoot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6039
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 22 May 2022 23:00:50 GMT
server-processing-duration-in-ticks
3976
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame D6A8 		0
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 7518 		0
0
json
gum.criteo.com/sid/ Frame DF12 		0
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame A057 		0
0
json
gum.criteo.com/sid/ Frame B9C4 		0
0
syncframe
gum.criteo.com/ Frame F8EC 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=aFipWHxBdXI4clM0RzVVbGFzdjVxbWd5Wm0yQVFxdklyajJNbjRVYlpheW13U1NJS1ovRlU2ZXg2MFFnWnovc09hMjZ6WVlxSDcrSzlMelphSG40Y2pkNmNXRnI3MkY4TytVbEliakRQUm1OMTVuUkpTYXZ3a01vQ0tDL0hFYUo3cTU1ZmZmUzJ4dk9BTHhPdkZGYnNFblVGUDlXb3JOQ2VkNjFTOEFodzBhZHpXcGFFNkhic2VDUklVUDEvNXZxaTRoMmRvVXZvam02RHM1N3J0cXozU1NrZUtpZmUrOXRXTzFNblE1MS9hSy9ENzZrcHRuQklYZERkdTZPbk1Ba1EweW1uWERxRzA5Mjl3VTZyLzEwcVlmaDFhSDd6Skc5OCtFWlNPR3pLaUhjVStxYz18&cppv=2
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=mediawoot.com&sn=ChromeSyncframe&so=0&topUrl=ua.korrespondent.net&lsw=1&topicsavail=0
Domain
gum.criteo.com
URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ua.korrespondent.net

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| gtag object| dataLayer object| Domain object| korr function| $ function| jQuery function| movePremiumBeforeTagOnMobile function| changeClass1 function| changeClass2 function| foundMistake function| FormDefaultButton object| jQuery19105639938559444144 object| selection number| H_DEV object| holderPlaces function| holder function| loadWeather function| FixScript1055 function| ajaxNews1055 undefined| rubrics undefined| href string| iS object| iD string| iT string| iH number| iI function| ABNS string| ABNSh object| ABNSl object| a0_0x433e function| a0_0x3d7e object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad object| google_tag_manager function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| b object| google_tag_data string| GoogleAnalyticsObject function| ga object| hb_dmx_res object| gaplugins object| gaGlobal object| gaData function| UserNotification function| loginWithFB function| ShowHiddenTop object| mql function| changeposition function| ShowHidden function| SetLocalStorage function| ajaxNews1064 string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| __CF$cv$params function| _jqjsp object| regeneratorRuntime object| mwayss object| adsbygoogle boolean| admixerLisBrndMsgSet object| googletag object| s object| p object| timeout object| gemius_cmpclient object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_image_requests boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint function| setImmediate function| clearImmediate function| Achernar object| gemius_gsconf object| pbjsChunk object| pbjs object| _pbjsGlobals function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| Swiper number| tns_already object| tnscm_adn string| tnscm_pak object| cm_events function| html2canvas function| _open function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm function| CrossDomainStorage object| adpnExecutions object| aliveChecks boolean| adpnLoaded object| GoogleGcLKhOms object| criteo_syncframe_state

167 Cookies

Domain/Path Name / Value
.korrespondent.net/ Name: dcw
Value: 44
ua.korrespondent.net/ Name:
Value: store.test
.i.ua/ Name: __cf_bm
Value: ZjsyWSt1MKOHvAN1ettSOpTvGGzqLQ56SPRggd8Cuvc-1653260436-0-AeU3a9wnFSBTYgWmyr2d9gjFcAxDVDwOiTQb/CuH+yQVlO6kj/+JfFXkOLN8fHhE+Xbn85uCBEqwA+TJdq0EBw0=
.cdn.umh.ua/ Name: AU
Value: d3e876fd6ed8f4c5
.korrespondent.net/ Name: _ga
Value: GA1.2.1369755530.1653260436
.korrespondent.net/ Name: _gid
Value: GA1.2.1857324167.1653260436
.korrespondent.net/ Name: _gat_gtag_UA_1609229_9
Value: 1
ad.mox.tv/ Name: moxuuid
Value: 0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68
ad.mox.tv/ Name: _mwayss_zone_imp[1554][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[1554][frequencyPeriodEnd]
Value: 1653346836
ad.mox.tv/ Name: _mwayss_imp[15493][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15493][frequencyPeriodEnd]
Value: 1653346836
ad.mox.tv/ Name: _mwayss_camp_imp[4849][frequencyPeriodEnd]
Value: 1653346836
ad.mox.tv/ Name: _mwayss_imp[15495][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15495][frequencyPeriodEnd]
Value: 1653346836
ad.mox.tv/ Name: _mwayss_camp_imp[2822][frequencyPeriodEnd]
Value: 1653346836
ad.mox.tv/ Name: _mwayss_imp[12260][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[12260][frequencyPeriodEnd]
Value: 1653346836
ad.mox.tv/ Name: _mwayss_camp_imp[1946][frequencyPeriodEnd]
Value: 1653346836
.korrespondent.net/ Name: __cf_bm
Value: 9aLzeGYV_buQHebkNgvD.oI3iRR4lXwqwLbiQLrklME-1653260436-0-AeXkUL4GSJy5os6W2TZyaS4dtEPI2W4T33W1CgYde2uLyDZF4Puah+PhJ3TdKUWM9P9SaCsBF/EiSjKhJmyFL8J1k4ApO91ucdTYU63yZ9ADKAqMr8WMOEvLjPLU1XUMONADWOBgdU9nI5LGtjqH9gSlMngXFiVqLxNVOeWYauIb
.ua.korrespondent.net/ Name: _ga
Value: GA1.3.1369755530.1653260436
.ua.korrespondent.net/ Name: _gid
Value: GA1.3.1857324167.1653260436
.ua.korrespondent.net/ Name: _dc_gtm_UA-1609229-30
Value: 1
.korrespondent.net/ Name: __gfp_64b
Value: BFkaAV1Gp32N1sPaR3BHCIcpx6NswKzHHz3wU5gYh6P.87|1653260436
.quantserve.com/ Name: mc
Value: 628ac094-f0c15-23b64-0288d
.admixer.net/ Name: am-uid
Value: 9a8198da32d74d73a6c2e9e46aac7929
.bidswitch.net/ Name: tuuid
Value: 7a1b11ff-3ef2-4dee-afaa-5010608bc125
.bidswitch.net/ Name: c
Value: 1653260436
.bidswitch.net/ Name: tuuid_lu
Value: 1653260437
ua.korrespondent.net/ Name: am-uid
Value: 9a8198da32d74d73a6c2e9e46aac7929
.mathtag.com/ Name: uuid
Value: aba9628a-c095-4000-aa2f-02433781728b
.hit.gemius.pl/ Name: Gtest
Value: KlG_URXGQMGGCO8ZCvFMtHMissGMXP8c25nSGDsj0P4IXBG.
ad.mox.tv/ Name: _mwayss_zone_imp[6798][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[6798][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_imp[15627][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15627][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_camp_imp[3084][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3084][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_imp[15390][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15390][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_camp_imp[4849][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[15656][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15656][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_camp_imp[2822][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[15650][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15650][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_camp_imp[2821][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[2821][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_imp[15725][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15725][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_camp_imp[1946][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[14085][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[14085][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_camp_imp[4140][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4140][frequencyPeriodEnd]
Value: 1654124437
ad.mox.tv/ Name: _mwayss_imp[14277][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[14277][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_imp[15719][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15719][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: _mwayss_camp_imp[4599][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4599][frequencyPeriodEnd]
Value: 1653346837
ad.mox.tv/ Name: bdswtch_sync
Value: 7a1b11ff-3ef2-4dee-afaa-5010608bc125
.hit.gemius.pl/ Name: Gdyn
Value: KlxU2RGGQMGGCO8ZCvFMtHMissGMXP8c25nSGDsj0P4IFRxSG7RrGS6GNgEBFlMQYH8W8jBGqSRxSG8.
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 1d5f3162-9159-528f-a74f-4cdcc5c58c49
.betweendigital.com/ Name: ss
Value: 1
ad.mediawayss.com/ Name: bdswtch_sync
Value: 7a1b11ff-3ef2-4dee-afaa-5010608bc125
ad.mediawayss.com/ Name: moxuuid
Value: 0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68
.betweendigital.com/ Name: ut
Value: YorAlQAJXnC4bg_nEnJfuGfRiWf8lLhEAk7RqA==
ad.outstream.today/ Name: bdswtch_sync
Value: 7a1b11ff-3ef2-4dee-afaa-5010608bc125
ad.outstream.today/ Name: moxuuid
Value: 0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68
.doubleclick.net/ Name: IDE
Value: AHWqTUlTBFWDuPFPf8W72LngYAOq1_fx21-_JRNc2mr4kpJCzc7H5v4MXriWeAQoK6Q
.doubleclick.net/ Name: DSID
Value: NO_DATA
ua.korrespondent.net/ Name: user_hash
Value: YlR5cGU9Q2hyb21lJmJWZXJzaW9uPTEwMSZyV2lkdGg9MTIwMCZySGVpZ2h0PTE2MDA=
ua.korrespondent.net/ Name: initRef
Value:
ad.adopx.net/ Name: bdswtch_sync
Value: 7a1b11ff-3ef2-4dee-afaa-5010608bc125
prebid.a-mo.net/ Name: __amc
Value: 1_1653260437_1653260437
ad.adopx.net/ Name: moxuuid
Value: 0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68
ad.invamia.com/ Name: bdswtch_sync
Value: 7a1b11ff-3ef2-4dee-afaa-5010608bc125
ad.invamia.com/ Name: moxuuid
Value: 0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68
.casalemedia.com/ Name: CMPS
Value: 5196
.casalemedia.com/ Name: CMID
Value: YorAlj6DHKWdlS.o0q0o5wAA
.yandex.ru/ Name: i
Value: CHgobfKzuoWeIqruykuhDaDSFuHukZkUwbnYubq+R6M9uS8VvvlBWoiU8clqSZXH2blaN0ccdh/yTxP7kIeYYfqfO8g=
.adnxs.com/ Name: uuid2
Value: 1293804016050600494
ad.vidverto.io/ Name: bdswtch_sync
Value: 7a1b11ff-3ef2-4dee-afaa-5010608bc125
ad.vidverto.io/ Name: moxuuid
Value: 0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68
.casalemedia.com/ Name: CMPRO
Value: 1207
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GUcq1UMh!@wnfH8K6pQK`!5=E<*L5?%M#3Akp(0VDFIgZZPA5=JCBk?/7u@JF#oq:%Rc%nugO%v4VB%nm1v)i@Z]
.mail.ru/ Name: FTID
Value: 3PSjeJ0hlZIA:1653260438:0:::
ad.vidver.to/ Name: bdswtch_sync
Value: 7a1b11ff-3ef2-4dee-afaa-5010608bc125
ad.vidver.to/ Name: moxuuid
Value: 0a2dd83f-e57b-4883-bd3b-4fe3e4d9be68
.adtriba.com/ Name: atbgdid
Value: de763be5-6a1b-4e98-a94c-00e2a995e9e6
.korrespondent.net/ Name: tmr_reqNum
Value: 0
.korrespondent.net/ Name: tmr_lvid
Value: 7364563247292df683344cf2a4faff4b
.korrespondent.net/ Name: tmr_lvidTS
Value: 1653260437667
.korrespondent.net/ Name: _ym_uid
Value: 1653260438127775828
.korrespondent.net/ Name: _ym_d
Value: 1653260438
.yandex.com/ Name: yandexuid
Value: 4224265391653260438
.yandex.com/ Name: yuidss
Value: 4224265391653260438
mc.yandex.com/ Name: yabs-sid
Value: 171706861653260438
.yandex.com/ Name: i
Value: 2nRNplb0lUH6Qe1jGDLuoznlu7unvvu3eIT6rbLdgoJg9C7nyj54uftWxJkCbraaIhIq9mD3w+gvhwGtAGXUhJTTxIM=
.yandex.com/ Name: ymex
Value: 1684796438.yrts.1653260438#1684796438.yrtsi.1653260438
.mathtag.com/ Name: mt_mop
Value: 4:1653260438
.adfarm1.adition.com/ Name: UserID1
Value: 7100699512996821143
.3lift.com/ Name: tluid
Value: 1044204170203985916840
.korrespondent.net/ Name: _ym_isad
Value: 2
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.media.net/ Name: visitor-id
Value: 2962620388280386000V10
.media.net/ Name: data-g
Value: CAESEMg3HxlXel_D-94q_jdzUq4~~3
.otm-r.com/ Name: mpid
Value: NjI4YWMwOTYwOTEzYjRiMg==
.innovid.com/ Name: uuid
Value: 6a20937d-7227-450f-8eee-3bfddea13b63-20220522 19:00:38
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7CDF53B6-3136-4077-BE36-DC88DE124149
.adform.net/ Name: C
Value: 1
.yandex.ru/ Name: yandexuid
Value: 8270410251653260439
.adform.net/ Name: uid
Value: 240036737613266497
.rubiconproject.com/ Name: khaos
Value: L3HWKVXN-19-HMWI
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EiPzK/xN0S7z7U1ZxogGjlwOA+xFj1I9sdCW7L1Z9UHRvh5um+AHYWKLvUXc3wL4Jyp/4cE1c81ZQ7DMcu1h88EaVlRwbFEgPfQD5U7tEfUTQ==
.korrespondent.net/ Name: __gads
Value: ID=d3a2dfc05a4ee392:T=1653260437:S=ALNI_MYoh47LuJwChdTwreypbD6-adnXRA
.adnxs.com/ Name: icu
Value: ChgI4ZVvEAoYAyADKAMwmYGrlAY4A0ADSAMKGAjYqXkQChgBIAEoATCWgauUBjgBQAFIARCZgauUBhgD
.adsby.bidtheatre.com/ Name: __kuid
Value: 34e3cb87-a63f-402b-b05e-c0c5e31a0ae3.422474441
.criteo.com/ Name: uid
Value: 0c824876-21b4-4aad-aebb-218c1baee745
.audiencemanager.de/ Name: Nano
Value: 4f7d59f9629d45de17517869b3cbdb4813fca1d10db52f1eaaf43fdd81c8f2e5
.nrich.ai/ Name: _nauid
Value: 91d0748b-3725-4812-ad62-4bdf18331886
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: e38710fdc115084b
.adform.net/ Name: TPC
Value: 1653260441438
.onaudience.com/ Name: cookie
Value: a051c23819984cc9
.onaudience.com/ Name: done_redirects161
Value: 1
.advertising.com/ Name: APID
Value: UP00e0691f-da23-11ec-a421-068f2ada2e5e
.spotxchange.com/ Name: audience
Value: 00d4898e-da23-11ec-9919-10a0cca80106
.awin1.com/ Name: awpv14098
Value: 296283|1653260441|01124d90-da23-11ec-91ba-2230ae711e76
ua.korrespondent.net/ Name: tmr_detect
Value: 0%7C1653260440870
.awin1.com/ Name: awpv11830
Value: 296283|1653260441|012ba1f0-da23-11ec-977a-2266206bbad7
.awin1.com/ Name: awpv22610
Value: 296283|1653260442|0135b410-da23-11ec-85d9-223185680794
.awin1.com/ Name: AWSESS
Value: 408799:2874697
.fairnergy.org/ Name: session_trs
Value: 628ac09a10134340b0391383
.fairnergy.org/ Name: trs
Value: 628ac09a10134340b0391383
.trck.fairnergy.org/ Name: trscj
Value: MTY1MzI2MDQ0MnxMM1J5WTJzdlpYQjJMMk5qWmpOaFptSmxNalZpTkRRNE9HTTJOell4Tm1RNU4yRXhaR0k1Tm1VNVAzTjFZbWxrUFRNNU1UY3dNVEF3TURBME9ETXhOakF3T1RVeE5ESTFNREV4T1RZNE1EQTRKblE5YUhSc2NBPT18YUhSMGNITTZMeTl0WldScFlYZHZiM1F1WTI5dEx3PT0%3D
.tribalfusion.com/ Name: ANON_ID
Value: ajntuJOleq8PZabprMfa7jjDZaYkJIL86pege8fuPdQZch1TlyFoAZctUHZcV06ic6INNTZaTrfjTpDGRUnmiUZaoegkts4
.korrespondent.net/ Name: cto_bundle
Value: A_V_Y190YVFpSHpFMGM1MGV4ZGFkWWtSN1AlMkZRbHBaZUVyJTJGNHk2aHZpVnU5MDlqaXJUU3NmdXNBb3BtMUdQa0s1emhuR0V0QnRaNERQNnZlakxZeGh5NG4yNDVHS1ZyaDZTbHJHWk9PQlBNbyUyQnRRU2RKaEFIVEk5VlFPN0tXSXk0MlJ2Wm1YdEFyWUN4RFhqT05RcFFScFJoWDJiY0s0dyUyRk9KZU5WOG5qbGgwbUQlMkZNJTNE
.quantserve.com/ Name: d
Value: ECIBEAGZJoEK_fsQ
.owneriq.net/ Name: si
Value: Q7065468451559907359
.owneriq.net/ Name: p2
Value: cc
.turn.com/ Name: uid
Value: 9148799219336436403
.casalemedia.com/ Name: CMST
Value: YorAlmKKwJ0A
.simpli.fi/ Name: suid
Value: 301FFE8C631F45E2942B09D1D3317536
.yahoo.com/ Name: A3
Value: d=AQABBJ3AimICEC3c1ukxWYyCWBEMcp110lUFEgEBAQESjGKUYgAAAAAA_eMAAA&S=AQAAApef0hRvNw7bdZmmoNwMum8
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YorAnQADVTpqaQA2
.w55c.net/ Name: wfivefivec
Value: 9eNmxq0s1NSUz35
.ctnsnet.com/ Name: cid_6bce9e733dbc4d829d8ad7705de7026f
Value: 1
.w55c.net/ Name: matchcasale
Value: 5
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1MjA2sTCwMDC3MBPiM9TNz_IqDi_xczVITA6W4jU0MzU2MjMAqjQxNAEA-UFTFDQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmpsZGZgYmJqYmgCANWHok0QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1MjA2sTCwMDC3MBPiM9TNz_IqDi_xczVITA4GAHP4FG0lAAAA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&26d1fb55-9378-47be-866d-d6addf13d528"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTMyNjA0NDU7MjswMjExpanOgjuGC5n3SExld2PGi5XOYTiZcM494UpJXcLMNw==
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2294:u=1:x=1:i=1653260445:t=1653346845:v=2:sig=AQGUQbyDEXhwDVr2SOMZQQacM4TRSrCN"
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 8a500005-263c-4624-a857-cada35ce1fa8
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 6A4%2B3RuLwNaFAPWnLl4AhW68vCFlMpMENV8Mz7AP8oZbEMcTi0xKpjXtXUoArG048ISBrT%2B0FkOulTUzWT5GTA%3D%3D
.amazon-adsystem.com/ Name: ad-id
Value: A7WaNvxMAUQkrYMeTAWK2jM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.eqads.com/ Name: EQUser
Value: UID=4a1b0dbb-6056-4d52-a4ed-e004e73ec6aa
.company-target.com/ Name: tuuid
Value: 5cee00e2-8339-4cbb-a5ae-7acdc5326c35
.company-target.com/ Name: tuuid_lu
Value: 1653260445
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b007a87a-3b6e-45b9-6edd-1a53c776eecc.3uBMJAUELxPmZgl5yxWWaa2Wu7DUaYkiFVtG55X8u5A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AsAeoejtuRblu3RpTx3buzNly2hM.f9DsS%2FsWe9IpcvjX8bCUzjiKeq1NMMsukP475Dzx7fk
.casalemedia.com/ Name: CMRUM3
Value: 05628ac09c05a0&41628ac09c05a0&ce628ac09c05a0&27628ac09c0b40&40628ac09c05a0&98628ac09c05a00&2e628ac09c05a0&1a628ac09c05a0&e6628ac09c2760&6f628ac09c05a0&7b628ac09d2760sAeoejtuRblu3RpTx3buzNly2hM&28628ac09c05a00&c3628ac09d2760av-1521be1b-ae28-4987-9d43-5e66cfe08a06&11628ac09c05a0&1f628ac09c05a00&2d628ac09605a0CAESEFn9qnemlg2SYcEZrE88rSQ&5a628ac09c05a0&2f628ac09c05a0&49628ac09c05a0&39628ac09d27605144588520348080786&03628ac09d2760aba9628a-c095-4000-aa2f-02433781728b&51628ac09c05a0&82628ac09ca8c0&bf628ac09c05a0&f1628ac09c05a0&04628ac09c05a0&b0628ac09c05a00&69628ac09c05a0&08628ac09d27608a500005-263c-4624-a857-cada35ce1fa8&29628ac09c05a0&58628ac09c05a0

18 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1554&height=288&width=400&tld=korrespondent.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6795&height=250&width=300&tld=korrespondent.net&ctype=iframe
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=6798&height=250&width=300&tld=korrespondent.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pixel.advertising.com/ups/55946/sync?uid=CAESEBxP5KMJRJuvTG-5YvuSYeI&_origin=1&google_cver=1&verify=true
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=34328800004871200951425011968019&t=htlp
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network error URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=34328800004871200951425011968019
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.code.cotsta.ru
5308e3e941783da1b0a117000ddea7de.safeframe.googlesyndication.com
a.cotsta.ru
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.adopx.net
ad.doubleclick.net
ad.invamia.com
ad.mail.ru
ad.mediawayss.com
ad.mox.tv
ad.outstream.today
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad4m.at
ade.googlesyndication.com
adpone-d.openx.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.adform.net
ag.innovid.com
analytics.webgains.io
anz.audiencemanager.de
ap.lijit.com
api.webgains.io
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bgstats.mox.tv
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c530bf985f7d9aac0979a41040ffead8.safeframe.googlesyndication.com
casale-match.dotomi.com
cdn.admixer.net
cdn.adnxs.com
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.umh.ua
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
cs.emxdgt.com
cs.media.net
csskor.ill.in.ua
csync.loopme.me
d.adroll.com
d.adtriba.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
ee326b482b00607f5546a138e736504d.safeframe.googlesyndication.com
ef8857ffc5d97eab0d181477be990ae3.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
h.holder.com.ua
hal9000.redintelligence.net
hal900019.redintelligence.net
hal90008.redintelligence.net
hb.adpone.com
htlb.casalemedia.com
i.clean.gg
i.holder.com.ua
ib.adnxs.com
id.korrespondent.net
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
js-sec.indexww.com
jskor.ill.in.ua
kor.ill.in.ua
korrespondent.net
liift-trc.audiencemanager.de
loada.exelator.com
ls.hit.gemius.pl
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mediawoot.com
mug.criteo.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.everesttech.net
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
pv.medialead.de
px.ads.linkedin.com
px.owneriq.net
r.i.ua
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
secure.adnxs.com
securepubads.g.doubleclick.net
source.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
ssp.otm-r.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.teads.tv
t.cotsta.ru
tags.mathtag.com
token.rubiconproject.com
top-fwz1.mail.ru
tpc.googlesyndication.com
track.adform.net
track.webgains.com
trc.audiencemanager.de
trck.fairnergy.org
u.openx.net
ua.korrespondent.net
ui.ill.in.ua
um.simpli.fi
um2.eqads.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
yandex.ru
yastatic.net
z.cdn.umh.ua
gum.criteo.com
mug.criteo.com
static.criteo.net
104.111.239.217
104.111.242.245
104.18.3.81
108.128.215.255
138.201.63.149
138.201.63.150
141.226.228.48
141.94.170.64
141.95.171.141
141.95.98.68
142.250.184.226
142.250.186.130
142.250.186.98
143.204.215.112
143.204.215.49
145.239.193.130
145.239.237.56
145.40.89.200
146.0.227.110
146.59.10.80
151.101.1.108
151.101.2.49
151.101.65.108
157.90.215.235
159.122.14.34
159.65.197.210
167.71.9.19
168.119.79.239
169.197.150.7
172.217.16.134
178.250.2.131
178.250.2.146
18.156.0.31
18.195.155.181
185.119.59.4
185.165.240.175
185.180.220.208
185.183.112.148
185.184.8.90
185.29.132.241
185.29.132.242
185.64.190.78
185.86.138.16
185.94.180.125
188.42.196.115
190.2.153.150
192.132.33.46
193.0.160.128
193.29.200.140
193.29.200.151
193.29.200.157
194.247.175.26
194.247.175.38
195.201.152.110
2.18.233.201
2001:678:cb4:bbbb::11
212.8.250.228
212.8.250.83
23.205.235.133
23.32.59.34
23.35.228.23
23.35.236.188
23.35.236.247
23.75.246.168
23.88.75.186
2602:803:c003:200::21
2606:4700:20::681a:a19
2606:4700:20::ac43:4a81
2606:4700:4400::6812:230b
2606:4700::6810:5714
2606:4700::6810:7caf
2606:4700::6812:1eb6
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2a00:1148:db00::17
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:3500:585::4469
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8:a::a
2a02:fa8:8806:12::1400
2a03:90c0:41:2801::254
2a05:d018:d29:3605:c111:9aee:7bd3:6707
2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
3.120.99.209
3.125.240.25
3.95.92.58
34.149.12.213
34.196.247.148
34.200.28.249
34.202.76.73
34.212.72.103
34.254.130.126
34.254.143.3
34.95.69.49
35.158.166.215
35.170.174.103
35.186.193.173
35.186.253.211
35.244.159.8
35.244.174.68
35.71.131.137
37.157.3.29
37.157.5.71
37.157.6.241
37.252.172.45
37.252.173.27
44.196.137.234
46.236.35.87
51.255.68.171
51.83.212.112
51.89.9.251
52.18.123.145
52.213.228.15
52.46.130.91
52.50.150.224
52.57.149.120
52.94.220.185
54.229.135.46
65.9.66.173
66.155.71.25
69.173.144.138
69.173.144.165
70.42.32.191
72.251.245.181
72.251.249.9
72.34.250.75
76.223.111.18
78.159.118.240
78.46.90.238
85.114.159.93
91.198.36.26
91.198.36.35
95.163.52.67
00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519
018370cdea1810ad5387e8a6f4ea890e03221d4d87b0d412968a23ba0948af98
02bbc84d003c2d2255685dc686181313cd5252fb344b2c611904d99612ce9d32
03885dc12f28590c56fce7e3c7a009fd7cce71beb05ddc93c50232f247422280
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04290a943779ef9c997c8a1623e2be2702292926baf698f41239d27e72abe874
0436ff8bc8306bee2d37b6bb4eabf54814e9cfc3ff948d967d7cf81bc70b80da
04a165e49a822f67f238f9975da7c207f74809f73310944d4ebcead7d346d4bc
04ac6d74cace46acdae160a1dadbea312a9f48114f1b9a738ea571d7fc6f1cf1
06460c5ac2ac6f0dcecb946cb8160e58c2c1b81977086c1ac9d2a181fc73d92a
064b2f85c517a9f3712a666386b163fc0ab3c9f3280b1b9cc4b7b572a9ccf249
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07f74fc327df1093827e2c70ee9e2c28805f9a12f251f276b3209b9a0d555f26
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da
094ae68d4f053abcb87672435c61bcf9b23d3df6038c6fd099eeb536e5a98611
096d5206bf60e371476e8ab705287bbb120a8f8a2dc9e51ce5cd57d4fe54ae57
096d52e186fcb7f2dce353ec631df8e3c2d3496f473aa55ea84a2e82b0af321d
0ac1d3b952aa008e4df527204581057c5d398e9f4490c2c10859dbed9e1e38b9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9c2ac5e45fc4aaedd79d1e1bcc63943559d44ace188c8f64430b873b59084b
0c52b6608057b18c6a5cfc42279e3abf4886e25d44893aa724d6ac54b8856fe8
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0df31b44fe44c32d9c1bafbccda241f0f415b6341f7754778627f949f838a298
0e74f0e4f1b6a8d6f80d418a9ca68e9db2d8a43270e77cbb2c600bf5b976396c
0eb7a77719035d6d6e69ebe5af07778fd3606e47b587c9d6c02aa7f6efb97708
0f7b7e7dbea86d27cdaf800c118f55d38effd1f010a2613b92040aa9829b59c4
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
11449813770e57069d077ac0ad5beb3f7406204c87d961ba1b53c30dba58b3c9
118a16da8ba112eb440f5e1962512d0b99f1cdc3f7344aff6dc3ba1dd5f36b17
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
161836d0e37f894e494ee909fb7cb3b804243d3ae328650bbef441638244fab3
163774cd5c049aff7b911b53e9978795bb17d5fd99e796498d0fcdbafb07b060
17710bb80b34401a17ebe6c8ae6aea38cacf4837af5c53894968218bb793c139
17f309ca47bb09c5d0f56b864f67856f69f9a21fb59afb1308861a98b821d27d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18281ac5ef4d81ba937478d847216e4df5a604c2dd994182e17054c91bee6eaf
187983a3511961fbeff3b9e571db344f9f8757cebae40dfcdb1fcee4b46d8c89
1885450c0476075437b5f7356ec5dc33fa5179e850cc4dbf59c29f37744818f5
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
196584ddbe825b4430d7fb25a78a856299a55bbf8e95b5838d41730bf81aacd9
19d2568260c39a0441b4600bf901b6537cd54a2f99a44242e81fb912c4d9f8a2
1a17a0a2156f6da84f84417acc4820df47848982483ca3892d83cfac8dc19e75
1a958eca711fbc6dd8dc686bdbc6aa827b38f7e9abed98a76cc41957571289d6
1b27ee5c9041ce0a0f08ba30726a57407f676dbfe4a2eb27d186f23ede581d19
1b903a5f6578f672cf5fab63321e7e76272fa9c659b6c8df4eac821102419308
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1be8c5a90295c4bb3b882389de29b488ca7ab241e97ddb80dd65351de86a0754
1c35bef7abeed70f2a1eca573aa12c16969b0a0293cc27e463a2dc54da8c118d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d777b13030d3f464aaffa86cbb483d45a2fb453ed3f1212a0cb9fce90a2d059
2001079198446573a757c1679d6ba62a8676f57a0a8806ac3a88b880c0583f53
2019cc4362b8310992c5ac17bf259b149af0452554e251ecf0232902895ed5c6
214227a16b4ff571023cbfabe1a74a46b33fb30abbcd8d1a722ae12e3afeb794
22ac541f68479287efa047d09b9756665ced87849fcd599bb51f5f95a9aa8903
22ee10595127a65dbac817c1840854f1f495df8146df804f9efdb3e9d0355671
2356de1d2ca4b622f2949c68f0659a08d577e86204c4700c439132c5164d17ba
23642206cae1714f4990861d8bc467f5971ba6c47e4231635c90fe0932a3c7ea
2376cbc29446b1ec714caf4cb5d71118a57db5ac45f91f28dbc93fecaed0903c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269b74637974621bf6bdd5c2f829a8d9ce45e840cba947c92958f0d5798b50ae
26dc9aca8f2ab8bbb58b5e9e5918988475e42f7cffad974698a71b2addc6ec5b
2791dcb76821658dce3165022548a9d1032f4c99efe7acfaafdd6327cbd88129
27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3
27e00c470bbcebfe10096d9536d5aeef284970dcebf540b7ee26a73743e26027
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29a0a1ab78f6b642d13cd03b37042748690fecfb751ced06e1cbd99b63cbeef3
2a8ba436d2051a5d2791e221ea189a58caeebf356b51582a0e4112cbab94d216
2abcc133c83e58ab6e725a04f1887ab7b8262492b7f30ceac62a0ddfe4fe26c2
2afdc1c6bf3c9db905a13f09a4c8788ec8991b0e727ceb4d2ce484a62d3116db
2b18fe43d554f67ed5455e271c1ecd99fdac48fc2de3151085d21ccc0961bd1a
2c817507584e6351b4045cddf092243a9f941838e8b92317c49e69f5de639e5a
2c91bab886959bd7e97837a0c55875b45c86e97ef18a0d02a38b9cddc586e59b
2d07a29bf4c1ac73a9d1761030fd55b7efedd45d6c946b2a5d8a5a2a19d7b1c3
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2d61b65eb279fb91cbdd4d69fbb83171076de2be07d18be7917b5f50b3aff89b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4d7e4ed5af36c2889f8a65445445aab3d63b0a5994f92067bea8f7a5635c15
2e87f63531f948dd8dcb1926b8842424cd2aa3f37f12adec977d923600c06696
2ee7e702a463ae18f99b0961744c7725eeaf5850ccfe61e8b648ec8a896db548
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
3224cd51f4161d44547a1f5a57a5566582c3d6a690d2212af8a0a8739d0c8e0e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
334ff4c8e9f20c31bfe49e4f097a08ab9a249180d04b2939832f45eb594eb835
33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35cfc63452b952ec276c2bae823642ac3f78da134255d9ed673b610184aa9609
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
3613203cffd833ea970368d0658df22f566dce2cf29f6370a12e5745cc215eb2
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
3732d80437c1d3809e21ed0149bf1f42839cb4cf134f451df7165cb97297fa62
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
39b74fcc99f4b56758d56aafe6defc0cfa26c325f5d028705ec5e19f4d916909
39e85e330dec10d9a3cea109d17058dd79f1715398afc8b7daa765a9d479788b
3a02a74e293231f10e4afc5001469f7391c7fc6904ee506afe0fb970fd38754b
3b3975709a89da52613458d56c91493f1cc98ea6c73346a40e67665f754e72e7
3b89ab476c5248ed927b94a4ddce315b338347f9d05c0301518f8f6561908d7e
3bb68a613a2fdf1c797553951a6face42bc49e3d479a90d0a66f270f1239ca7f
3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996
3c914c5ec7768654dc4f35534b46d2da72708c4db16148a833ce1847b893f60a
3c9cbd7fddb22326efb7e646b53dee5a23d95bca1a168928eaf0d5262c5c9b4f
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de3568be598a2fd15b7bda1211ec8f6e6bf998a7ef1f90e381481afaea1c6c2
3e1bd9240c93fe7ee19e2abbedf423059d988a696938ef1b9951f7eec6af9197
3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630
3f76d4c822ea0ebe6b580dea29bf6be186e240ff5dcf7d2e4b4b12289e646ff3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3feac673a0c1d2700195541d9f824c4cf27de3d85cc54d0d88b76c2414cb3bd1
41250b726905a403401c0e1daef047afa977a1fd663f5d88f10c90e1b5ff6dc0
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
431f820dab5119a26ed0098d79e71c0677655219eb2bef7f18e2b6ec5c54ddbd
43f66f847881022ce1da456b672c67fa43707805cd9ee82275d57769ed209b47
45306671a9b3d4d1a3a96aecc974d4df0ad542531ee13be0d5a402f88a154430
4629d0b183da48a1475d36a5c1842c7b39d94affc1522f802472410ee84e3b85
46d9b819d4b7597b29db285f3ca5b466d7a9d4bbb49f4bc19f2d4aa3fbf723a0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
490da1c60ed9a4d3387cafbf69c0d181b93d8d6944270f80e98ddec5d39db6b0
499d7bbaf0cd4c91803138697d2e8c3777556188b6924371ca8418a7b2d1b080
4a041f29313c3d67a6325f7812a881477691c44d76a8b37579fa24d832fd391a
4a88fd34f0104bb7d4e3a171ec38de5f109a149bb07bbabbb6422da76b428b6a
4aafb409b39d2aab767c4ee4096988592f93d1a134b5e1af5500da0c48c202f5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4d841940fc5a291c2b21753932d57b24e9c4f26e6ae9788ad449392a55892c39
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed5574dadbe3709842d2118b941d9caf67cebe2abe361ca8f00e44a5455952b
4ef86eb0982f12c78695d9ffcf9b0de9ca0ddb5ec9dd9bb09ecf999fe965cc4c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f55118c4da1320fd6b311f4c629bbf4266b9b7fba5c3fdd567ad0149fa132c4
4f6ec1bdb37abaf42626c9307d6c5818e6b12206b8ba7ad2946bdba4c7ee09ee
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c77910c0db796081281f11b066ee3883e2ea581332c7029502c8a054f8412f
51d590d335fcf6c1d3e1b2b69edcf34a033bacc719650378aa840391b8ffcf27
52843d80d9ae9d8b68ec95209a51d1cf09949d770d786ac40a859a4dd92e1188
528c86f58e059ee149839519af2df2b44fec2ddf531fe5912acecc6815fc0d42
53854b6506d89c688204a05e73a410d37e16cbacb5b8eff5d4d41f2720d17cc8
5385860e7ba5b0fd751056a822b052e16377513a57eb0ff2e5772aa5a12db139
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54fe732ff1cb0165f95103cd3c522ad5e92229eafba2b1519d88c9fab6960289
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ca784d80417111156b37461a488cd4c4e210fb2acfe0e1ffbf94bc23fc6364
57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8
57c88df4f3d5f20e1fe5cd105ffaebb95a68da0dfb3ee51f7b120deab1bc4cb8
58a6cb7702209f21ae3d0de2fa4adbd78f71bc20103357cf25c382ee6e6a2355
58fe9f4ed6761bee5016013eee193e3d3855bff1b2c16d2d4d4337e7ddebd85d
59b7f3bff218252c356e1b38ae9289a63b4f16a2d8196ea2222e0418b90cfdd6
5a0aefb1f1e7696be57dfeb6ec557db2006201d76175ca0e8c77f768cc04b4ed
5a6e1e4dd2a44369fcff33ac8eccf923249b2fcad984025ebf178ceb76f2d71e
5a8682dda7cab8c6eaba5edff0f3b7131133222b708d4fcc9951f6c39ccc4974
5cf11ee568650a4eed6bd550cf827d01d0d10c0b995af2195509a886c59a1e98
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5e8b9269cce6da2ce82dbd4aa62999550123e87332e0f1a94f364616df827598
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f25af96f95230237d17d4f13d87fd0cbc9e625b5c92efc809c2f105a015e6b9
6017b9355dfd4dfef039e7d7b20957ed2103ec82aecb8fbb1ac727f2676394de
605f6d52fb8dc1615d01dd5c10abc70a79c2fe8eba17bba2602ceeee1bf195cb
606da6e37be82a351581d7dccb480c0769632a86f73d1dcfdaaffc11a38c610b
60f1c85dbbef3e89fedff162c213a848dc9ead94b1dba4f8bfa83c3769a4783e
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6317cb9eae37b490a553e682b2d8fac09e3866a149c0acb3b90b26d2b1a908ed
631f2e753b02b1c33dd30284f0738ce0ca0754e70aad99e79fcd9ec888828a26
63cf1e8f1218642b847e3a78ffe0b9a898f1768de21441884bce0385fca5c4df
640165c8919352c6bd41be2ac1cb97c6efab8a7429d8bcc9b396d08d6e3fe336
642f5fd742a9d4ad971464adee5f82c0292f812d14e337e5448cdb29ce5f2a26
6448c95ad8e9b1f63465c57952afbf8df9df45103e966407d7b0f1588e9e009e
6511f2563b8a0b06466f47a1785af3387b643aa7d45ecb7e3f666e72d2e50927
65b5c7914601a8871c0622cf5a340f4b7506c7c4d189965c22614b6bff67fc4b
65bf758cafde87be0ef27573b34e3faeab6daf69968d9ebdbe39e0747b1ad770
66efdbe018ef48ba544c9cb9a57297662f0a6639e3ab77ab5c832698a231f036
66f378fb92b0dd8e7705ccc269ee8672cd383c31ad0561ecd02f2b9cce1f0ba3
67886b28d90c1245d2cb1b26da3dc8c3c47f56b2bb5c8060fbe8398765281adf
67e1d18963c48d25ac37f5419bb2fa2824b4a59bc888f3c9e37d2b8b1c463494
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6897ef2d2969efa1c826ca2414b560d7206d2d51ffd23cb50244322dceb55813
689a9bbf4b38cb5f7ea0a53aaf789631e6f0818578b41d34dec022b933a00766
691c452272da385f85132d8b6085e7d9b1b440a1a7a0ba89b592a7f84cd37dd7
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
697c159b574b775c919acf3941ce749a606911037b4bbd1f4af2e389286e7891
698501f11b36a327c270eb27836e542a38de7b80217b15f4996bd8d12fd7a198
69abd35fbf034e78279c15a66c542f9d1f3a68065ebc883f9b36e8804216b38c
6a73e7ade0ec11b10b90551b5320261a9da8c13adadd908d933bba04c30821f4
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b543f980c4fe6efb6cdf36e4e739fff61d7b1516f2d9c362aa262b443e8e1fb
6c288ff9874a992ad5021f7197dbcae181ccbc9b1ced648acd5d9efa6ca51f7f
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6dc0dfed8fd2b74f12723b4fe471dac9285d1e1cff5114ee487c7298bdfae0a0
6dc65d5c8104bb309013c0bc958e735d72f97f6a95e5f5f744d1111e65155da7
6f6fb9f81e3df27e8bba0b1570ba7689e09b4043fab0800703b7e413bb09f01f
7024db6f01805ec43e0dcc954529f93d4033860c54149a2bebdb953c04476b13
704343dc14973f226fe748c69977001fe402edf5ceb9bf83923f2310633c16f6
70fb8ca0f2b77baefa1167ec4704b8b4a6aeb5860f6db5c384227e4a6c87e58e
71f7b22f7b615b6a6cb2240ba7516fb2e83d2028607d5983fd64d1b755fd11f5
7285bbcc3dea1f7817ba4834fefded828aa129b21bdc3cf5c9acdb12dd1b4781
731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
735e8910e491da560ea18efe17fcb8b50452f21975692ccf984ccf8fa2223793
73d639f2ac7cce55012cd7abca950334f999d9fb7fb2b90ce4b888f21b6df3e3
74258139e0ebe9343f40170474529e6a412993eae3f1955a119fbd902ded1558
748b83a597290eb19e04a7fb1bcb5a6e18cdabcc73ec349ba538ce208ecb3b43
77b1332c0394c83625516b21a3e9e7ad11aa4f0b942a9a2f1a583dfd58637d69
78598255cbfd5cfde5f88b784bf81c49982b5d04837a5de8d01814b53473bab1
7862c23c84c5d4c677fb2f0729d5cad7562db5635acc2a2cb13925d33159d28e
78a3ab140fcd43ebecfa9d68949017f9c5996352084a555a65a986a9b8a5a5e6
792ebe0442d0f1520de0b4574c3c88b8a8a6f1a286732d6a21d89e67ceb79d28
795284b3d4f1970204f01462488b21a00e6d8647504c4e59a425f9e23b23818a
79d806d9e341273f6ce864db71c80ff54b60068934c6566700463959e69f5f08
7a1769d964c2456ccb6dd0d8482264c844b49febd38b590530adc90e717292b0
7ae6c3764845b284a3335661b87777ba1f46f44799773a61970d9ea52ca11b60
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b
7b82db7d9aec1044e330a8434fb8883d126b5fec04f47226dce780a568c952da
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7cbe534ace49cd24ef35cef70460700ef164f65b6fe7c138b2dcbe4c25432a72
7cc872adfa073d6cf71c6001714830d1666cce845f7d94496c36e09c3785827e
7d18b380fbfac58ad5d84b8c3a70d10dbc8ff394a65a00526cb8e6bb2565f9b4
7f5df690427eed33c008ebfd42120023d160238a5e707c2efb31208ae9a8154c
802bd68b7e71f687e6bf1a6d868a046051075a062143518065cb6abdbcf6db39
8066520d4f9a10b94ecaab59ccd265803acf8a1c1d1de3769ab889e95a77dd4f
80a375d6961337f7cd8c7c6d25ed4ebd84aa054ec584c30efbd547f18bbc270a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838016c9bf7f9c45c9dede52ea4a804f754cff8c54f283876ad27fdcfff4141d
83ab5047e820c4c9edf0823374a8a31e0119fae38f345a88caa81b46184dfe5d
84510fffe17fea544ae340bc9373b62106bfccc148f93e8ac4bbed045c64e9a2
84abcde2209d220ce853e89fbfa44d7fefdc8f3e466167c49b0469aeab7da1a8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f34f69f0f6a8caedf71912424a3a1c69670af6a8fc90bc2f7ddbcce263b515
8519055dcefaf716c4836a1fae0376a6772a3235d089877b73ca625c6715f7e8
85cf3d2a2e38756d3cf277286b38835770c7c154a084804d138cd4ff7ca0153e
88354612ef4d59f51561ecdcf321ad9790c787fc52338467a3cf8a995d8c47cc
89267b521cf50ae50c48425074e409de9710c7c970613cfb25a5bb018f03ba8d
898e180e28f0d79507e9383a6f58303043c24013cca819f7451381562f323093
89b55d06853fca416c4f1e282233cfff2fd4c5994a425be58dca7c630d9866f3
89e0c888f3370962831869b407034daafaa6c60858e9f27b95275439c18697c9
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c4ab77364e45b61a4bb76c01b411bb44797a0189c493a6c877460dcd839888e
8cf1e95bbb37fd7bf619b2eef79e9cc55b5e9f5baf25fe8da785e07e121232aa
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e70fbff8c9343803963e06c132a5cfa534043665b75ce85f227edeb2c215d7c
8ea427ff942b091ba6b20681d5af0eed40421da437519824acff3c9d0e1013ef
8ee3c83c278e037e85b1ad63a4df8bd0165b3a80a5bd4d83d855262a0c80f6f0
8eeeec46336317236f133556fbd2a293ba05c1ca821ad93ffd644a47767561e7
8f79f887d772a5870b19fc8feaf5e8f2a311498e7fc9b9ede43faeb65a547440
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
90102a5b0d498a0928a1923216a5e922fa4dd138a5c7ecad85c6f5b6cdd6bdab
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931
91c00c3119d0351f293a28573346b82b584131d772ae79049b270b6747d8debb
91daca9ccd622b2be13b23a5c2ec4a57c149b23b2c8d27b3f4400558b57cc389
920518b9e3cea200992653dd94fb599ba9eef4a9f2906d5b503f347b8345740e
921030cf95168038fc608d7e7243d72ec0f5443515e9675a23a2f326ccf737f9
925e1d8bf8aee038de4b136a3202986f6e7c7020abeabe9fc8b7b50e6aef9e30
92cfd2cbea08ee212c320cf2f122335c415863cf22c1b86ae04419ab626b6dad
93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b
93ff4f6021555a27a379cfc12d372666a7e1a9c23bcd97f4a90fb73ab7a92852
9438ae7f5b873bcca594875785a94a8632686955a34fd717b5130b86a6511747
95f10b4a2a047bcb651a6d6a81d428980f6e61d13a34f49f74a1991474d4156d
96436740768df916a8e12a0cf5103e614f00c344b9de081fada66723a8b5831d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9759a0cd7b14cd2620cda94f55ff5933968c00633992e2c58ea8757345a039b7
97cb426b07a50b994eb79c3e0b49d747c69bbdaf5587f55fe6a8f6b5b2e08929
980fcf363a7373fcfd8ea3e545448bfeef574a964cd63de3241ccc92ba6e5143
9815fe31ba2b6c43e2d63695ca42125ca432eb115200487a6a0a9d7e53473765
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6c5e9d1aee2749100732dee8bc08a47ab215c6f6fd99713f40084c99d3c474
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9c15871283392216cf75c6464ad3b2a0a264b6cff331a323e2cec2f431f34959
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9d16e21c8ab66ac2966e091995e1e2af6ed7002ce301ee00880a5753f891f110
9d2ae8c80a6f17e7068957051ed9b2de5217215c2741b2671f3ae1a1e9ea4922
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
9d929d0768d8e1e18f2873c1d0e0ca3419fae7e33b48aa6707d58472e5ca7d3a
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
9ed325bb4e1bd9f76da8039c87602d63b91e6963d6bf830e62d938a1b90cd133
9ee7bfc0c8fb20807f1e7104a3187a575e171ca46419e9565ff45e0a91c61270
9f83b477ea3eff023415247263f65d54e296bb2d283d2827b6e6de7fe447035a
9fa7e0cfc989fd2aa8d60dcbaf3ad6009e580a6320ebe0531ab0434b0178464f
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
9fcf864f0ee0488b12595c20cd8ef1546da1eaa456625a3f49ac974a1e852e00
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e284c728470401d1d5eed56d4eacdd4ca5da82286f6864263b4d5374d68fa0
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a320e816e00916f545ad289f0e27c048f7fc6dba7431d3f6b2c703ce708752ca
a341ce4ddd66e3b9f6514a92774de06512f5f14e24ab1918d264be70ab548148
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4af208d1fb1aa41254b6c92e1de1b9564eaa736a1621bde54a71bc289d5a505
a58c45b495338481a91c73729bf3916ce6c7d8e9f0566c0e731a7a3da7dba81c
a6471be6b02897e0fcc27acc17e01ca5b3243b6a3f917b01987fed922b9751e9
a64a4a3cb7828602e22cfc0893b89259b4799ef012fea7db60a4de1b58291803
a64c34db39e278f7096a37225e8fcef4b05d4a6b9dea0239fd0bbabfcd16a9b7
a6c2fa4216a664c2154e7078becf3a3e79ab7602d1467b3fb61ed0961f6d6812
a734d1139c9e4589f8e120364ed49bbc167570f4975ae217d3a0fdd2b56d6bd8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a871095398159eea02c5fff548f5e1b9f0b132febdeec1ac9fb30ae29134c699
aa75de25118af26c033c154a21bf0156dd7247afea67a941f3210e773fa2e36c
aa850796db9400b694644339634f8708ffd14e3ac9843972954dcb4571dcb939
abc770477b63d0c9eb4792edf64e206474d0de7ca8e2d9183d897bd60f868e2c
abeedc734fed596f9f470593a07a17fc3d5ab327c0b83dfca3b96acec99fd49c
acb21d8377e8190573889c939b98d1366533b9227f49e65ec6b7c2d89aad2697
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad39d1ab0e3f04a56a37b75af426370dff4bd09a1d59f73d3a965563682e4ff5
ae1dc157682ed7fa580e33d29975f7e43ce2aa5575d111180b6f352dc4b57b44
ae20430ebe58ed38304b64f6f01251ca9fe1aeccbb9529f22be6879ea48f1879
ae9f66f1c6a219de27693f60aeac9f7683c14e36327eaf95185a9a37fe1cd672
af6592d435a34ae2cbc384c908b2000e3a33f3c3d7bace1a84ba7880a8a80d9e
b006c68a8961da4424676dc338f9c27c71212096f5c46be686bcfdb5dcdc2753
b0071aee3d5d9dad166a8e2a22b32bd4450f15241ccac1644cdbd5929e6364aa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1976e59bf796af70b58500c38b7c500482f32f282bce8651272542343265e14
b225a72c3c0f0ce054225cf8748508f69d7315568bb5aacb38491e006a4372d5
b35f733585d06975a6242dae18c828949a60fd621a8208e9ac24838a0ffd7dd5
b3d5b2371fb9e642010d707d466c5621daf96247e8132fc2a18a819dbc7f7a29
b3ed9a0579545a5c7766ebf7b1d228499b234b0752b20187bc064a3f68334601
b44c36ce3dd6e68a67458e902c6b8fe3fdeab5b929c6a00ac2c4fe83403854c2
b44eebebc320ee341ccc3f50543909bde3a7082487ad914588c3d91281a38b97
b5157cdc5963c4c9f350c75669e14168190ddef3114048d63d672b29252fc917
b52c063c501c9d73d85ca4a341c5e4868a3ac33199ec7f1277556c9c059fe89b
b607965864024a1d586ffc7f9faad23a2bc2c3768a32769ece058956086a5397
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b75b521dee10fc3bef7e6e39933689b204147c0c5be436e35d9cc894217fd1ee
b7ad51b5a92ebf42399a7c00d4dce62fb61b9a87057af39d2abdf93b8546daea
b809aebd69050e3e11ea1a400e39b593e38419cab8f4f5e7d83fba02e11eed1f
b8bee3d52699f63eb3607c3540c64d3df5948101ea63f939dbdf6b48901c8e1a
b8bf1f8cdb74ad2bca7edc8bedfff3c7cb11c38e84480233dfcd8a6fb4e909bc
b8e6fc57081f56de69a8c4e6e14dbca12ca2e993b9faa5f8a2f7d984db0fab12
bad8a5211e4d7b19ddadfc5d521e57b22d3830b86589195cbc928df83ee47c5c
bb97e95fa67add1fb5ed414b7abb89bc84da30ffc19f478481b6d1cb9dc3134a
bbae0e4a3740782fde23546a7f6969c383e3dcf8ba55841dc6ecbcf808525bdf
bc485c60c1e0395cf0c58a2a9bcc80550b8f289f5be78594484b3eeed36c37d9
bc788950c34406808d0a6d40ee7d7a0a585a3cebcd266cb72b1a4a8a252f1331
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcab73e79e54f5f8b0cf77546f937aaf4aed60947fc1e4a7801813ed34728c4f
be999ddf92c88767a2a06fa99338fb1c7323ceec6b097fd1dfd744b36afec1b0
bf3212c54195d8bea9c51560845d6c77cea19a3049b98f36bbe836e4b6ee0c74
c08da2b86d237245b5fcf518f7ac663b58b6eabd45dd7a9daf3467804fa0586a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1fc120123b6d7a9b02dc60e056b7b0a846a15b6a8829466fb4b02b9c3915c9c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c296545a04e21444147fd04c88f6c3e9e50c767d6b11af2c5b9f22188e1c225f
c33525735a8385af8a1c9f2ac1037e4bb262762bcdd8edbc59736d2c5819fdf7
c345906d088c07a302b0b74810c69df759bcd7a94f4959e22603ebf5d9de688b
c40a00defbc49939b40de73a512c8f04ee33b3947a50b6c20ea1be480c9b75e8
c5cad78844631f748de4f5526652f08ae1504dce421b6e8dcd796af07e639ac5
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c71cdee800e5fdfc16285ba891c0a7f25a71eb638622b74f4b72e3ae92068503
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4
c7a540ea521742fd09d91949ba268eb5b1e5ccab37aa0a147378ded5d550db3c
c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b
c92ee2460b4063f46ccd0ad0e0a68d212c6b756c4a0ef3a7fdf0afe0989781b1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9de877c3d6eb781c5ef65c638ec4f626fd82b809a5033a2c2c0662386567a67
ca79946a55c334d6081451fa8dd8fede2974585cfab9e225f721ef67612ae18a
cac411579ea950bffc80e9af1e98a4314cf7e27a21999d45ba633eb74a1647e7
cafe2ccc723f38d12406fdcc2b9777f7f89363a39bbd09c91bb75876f24141fe
cbfa1d998eaf460fb85b01dc2e653428a96fcff6e2752d6fb44aa25b4f477015
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
cd9ff3ad680462db08b726b2ea657886a5702bc03272b6b8c4a9a1888ca80413
ce1105aef61d450aa43ce3ed27f413a164f748a54f89a05be69201758a043513
ceae5b8b4f0e932fb371ea2cb75fe8e26a6d72615359075f050407546c09804b
cee30dd331a6e05778894a97eec4d61fd1b4fd911bbd0fe16fcb457e399123d2
cefac0898ee1d19ff1fc498113e6f7b81a0f5a6e63b3ae72106cde5d0454bc01
cf19c6cddeeea2fcf4b729242f28963765906fb8ae01d5c382e4166ab51481c9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d169a4b4bf7e00787e12931b5c2040d76f6995b3ba3f06050274b28644b47d86
d1bc744b5c493b206728f2e35c601acf00b1da95f69159536284016afc64f899
d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717
d2637ded6ce007b316a9c5e971a20daab4be2b60d85cde6181ead7d406bfe68d
d2f1e42b846f82e9c210c1dcd3425b138750c63d8f57584eac56e1b9a0e64ca3
d2fbad9636c1fb1ddc3e083984f2b5d3a955a32fdb6247876aabee203958e7dc
d3693edfe12eb6e8fc3c76dcc61e944b4278c792f1534e8cdf343e7998106bf6
d43830072dfc4fab17ed31bb78fd8038650650ac6e454402be94cbeef1ef29b7
d453b0ccc5017073ee44f39fb3b3ecf15d7de92b07ebac0c29763c2168354487
d6014a3890789e14bcd722c35ca248efa9561b27d74dfce61c578b5e967188f4
d70459a4b0caff06c05878f381f67d4492ce515ee071cf84d61085e7accccd69
d82103e020d17c34fa3e22141c5ec1391415c87c3c9a8ad43444a070fd3aa78e
d8ad090d6c79db1e9465ff36423e11c23d5c0f5240dacbbcad0356f0304e6710
d9cbcfeb9b6e64526967c4cd689a6bf25404c437fecff623856da96d292e8e65
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa9c1c00563b973df8c5dad719b8670a599a9465ba9bbac4d222c586b538571
daf0e65a3b59652b4ebd99265acb18437a65ab5c5425d9216244fc1dba21df43
db8ee1bbeacf966e2910f1f9a4d81634d60fde526057b28fcb24b4c9155bf3e9
dc61374b834af7f80c2bff31e7f08392cb8033ca8b28b52da66403ecde5fddef
dc909023aef7914468afca2977244147a8575d48f9787332d7672c4f5d2cdd62
dcc5390e35ec3e6782c826477f559b7fef52d44ef555ec1bafef3423f8724ecf
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4fb84ef463207662efa03dbd05515afb3aee6a71fa7c5e56e7b0b13504a7b4
dd89c698f5518b8e74892fd52085772390a4cb078ff04939584650c0d3507c67
ddada8b7d9a90a6c4097248ee6bd8e6262d3f92a4967c3724f3b255d801994b3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4b9aade6305cb0c241abd1f54bd5f2d2077f3ccee0b283f346a9f2688ae5a6
de4e5164bf9562da35c90965354e0e45917c428a76f9aa2e5954a2b192f43caa
de5808ea932124d6b13e1b1139deebc4827635de9c9b2c0dc47a06002699109b
de84be89f4da1b8452fea7684f5dda865aa5c2aa76c2eb10b796b382a28d1267
de93670e44de33a8ced08749bb05b1ca2588a7561a7e2d5e9e68c1d868d903cf
debc9db868fe231a02b2c684896a796e2dea48c8b056b67227531be2df9c5b58
df650c4f8fe03a470f9019f258d6bea6471f0588eb4217ad791d2bb7ae73ef01
e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328
e277b162cdb301be5de38de7ab7eb6c3a15a5d4fc47550815a845f9c519a2d99
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e484b21199c8263bd909daccf9e0c9f8bf7895e99354719a4db5a474b51b3e07
e4959f7061c6736e63f1ffe501bcf2fc3bc9f9dcd7e2d978d5c474e304fd5ed1
e54898b676dc9a776aee142b43797c43c4ae293c087956d81fe7b0a1f91fb56f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58cb72c1056d2a9345f7cbd4282f32f519cbd2d038145671674d769b7d1d359
e68f4cc1315fb47fdb04803c9b9afff0727b280fc6cb5c1db51d9f945d3e023f
e69670e816dbf86c1f0fce9fe5c0a3d68f59050be7776f019f69848e05380b41
e70792957a2d6b9fe4f3b638d557b304e23215b8031d9e14e2f61be37f008399
e775544809d2f32a316ae8bea00f093c795679fe41b1cb8edd09a3b32bdc3952
e819c4288cd8d5b1ffef8780329882cd3d259ecee0daa0b4e83f5296686a1809
e8a57e45f38422d2e2f4b1bfd86c825cd4fcf9ff6219d09e5e8d9039643c232e
e9b8aa3c3922ebc7b97f7cc6b6260c9ddbc02a9d97fe7114e598670e6125b864
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
ead57b4a59e7d890408606fb6a388db8691e840a538d2b673b6a826ead64455e
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
ec0983858cfaf7d77b7b4468bea63ba78717e29b2ddc7fb4a2099d5b2ad096ff
ec565fb8742570c02f8e7497850bc5c4f9c604cee62709ae335b66ccc6f6402a
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed358df033efc26a5d7f285bfd8cd2741a423fbb05a07d1e14bae729068c3744
eda53a126b9ad636ada21bc74b0e54c5dfa526083e7a876b17eb90061254d275
ee1f428688019b84102f7fa62b46fda91ca96cd30ba8254bb0ca24cadc351557
ee83c984c733b9c55a91f42e6cf39ba90c22bc0789296f4b7a5ec189ef24afbc
eea7f106b063c14dd6c80523446b67d00890181042e95be948f201008706f0e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f256a316271a085b13428e78d7eeb014343f633be0382bb21b04bcf19b87fcea
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831
f294fcfec44f843f70470dee991faa66d2fb6d92442a5a61df3ad2b0c1755466
f2e41f0911b9ae8747922f22e83e17bc0f7e733d726bf94d2a4b19ff3bcd8edd
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f3f65af6dede63aa23075d7349f48a3ba1de24575bde9b4494757d136c35fa24
f4b807507320aafb90ca23edf6ccf0b9b032e374bce232ff34fee99a75a8ed3d
f50f58a5e3fc8ae871e89c5958bb624c7da2d62402dc2a4e243df1901d4980a8
f55eeda725daaa06df0c6cf60249ce3e0d23b7765d7421bbdbf349e5ed07e5d6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f663f0b96b83e0f3dc34fea3253eef5bed2e88494ed48a3990e7fd136eb5e6a3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7bc636d569422cdfaaf5d85dd97ef3f45880c803d9e969f5c9aa41b83fe506a
fa638b32cd16ef21015c980eaf4340cf615d2af11319bd54439b4dad47dddb0b
fc7b1e9347cca07849f32c1597c310ca3fc7c417c823327d05937be7d1b12c3f
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fd1348ce3db35de0979f6694dfc7ddd1e1d559cbc951f46d2a9e28abcb242167
ff7ca5dd273fd26d8e0e001f3d5da345e8ba0ded91494a7ec2dead5b8b2c1ee6
ffbfc4fd7443146da8af0ffb6a17df8c9775e427799f67e022e12f519163b44d