www.ejan.co Open in urlscan Pro
2606:4700::6812:5bc6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Submission: On October 06 via api (October 6th 2023, 2:13:13 pm UTC) from US — Scanned from DE

Summary HTTP 443 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 111 IPs in 12 countries across 85 domains to perform 443 HTTP transactions. The main IP is 2606:4700::6812:5bc6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ejan.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2023. Valid for: a year.

This is the only time www.ejan.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700::68... 2606:4700::6812:5bc6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::ac43:1be8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:e400:11:c3fe:5b00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
47	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
4	151.101.65.55 151.101.65.55	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:6e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
16	2600:9000:225... 2600:9000:2250:8000:1c:71c5:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2	203.154.91.181 203.154.91.181	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2 7	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:ce00:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	54.77.82.203 54.77.82.203	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	3.83.71.62 3.83.71.62	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::6816:30fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
5	2a05:d018:d29... 2a05:d018:d29:3601:bf41:b326:fa86:2937	16509 (AMAZON-02) (AMAZON-02)
3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
3	18.66.110.17 18.66.110.17	16509 (AMAZON-02) (AMAZON-02)
6	52.18.11.220 52.18.11.220	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	18.159.182.232 18.159.182.232	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 10	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
12	185.86.139.58 185.86.139.58	201081 (SMARTADSE...) (SMARTADSERVER)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 24	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c003... 2602:803:c003:200::43	26667 (RUBICONPR...) (RUBICONPROJECT)
13	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
6	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.80.36.187 185.80.36.187	27381 (CASALE-MEDIA) (CASALE-MEDIA)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
12 25	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
8	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2	85.91.45.75 85.91.45.75	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
4	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1	185.170.62.165 185.170.62.165	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	65.9.66.43 65.9.66.43	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:6646:86d3:d57a:3a46	16509 (AMAZON-02) (AMAZON-02)
4	104.18.24.18 104.18.24.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:9000:211... 2600:9000:211e:4600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
5 5	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
2 4	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
24	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.21.20.200 2.21.20.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	52.208.23.16 52.208.23.16	16509 (AMAZON-02) (AMAZON-02)
1 1	64.74.236.127 64.74.236.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	173.231.181.122 173.231.181.122	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
3 3	35.157.117.145 35.157.117.145	16509 (AMAZON-02) (AMAZON-02)
2 3	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	18.193.237.199 18.193.237.199	16509 (AMAZON-02) (AMAZON-02)
1	18.239.18.29 18.239.18.29	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.19 143.204.215.19	16509 (AMAZON-02) (AMAZON-02)
1	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2 2	34.77.79.66 34.77.79.66	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:26f0:480... 2a02:26f0:480:588::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	45.83.104.71 45.83.104.71	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	89.58.7.59 89.58.7.59	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	18.135.175.58 18.135.175.58	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.40 13.32.99.40	16509 (AMAZON-02) (AMAZON-02)
1	35.208.216.174 35.208.216.174	15169 (GOOGLE) (GOOGLE)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	23.218.208.23 23.218.208.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	() ()
1 1	34.96.71.22 34.96.71.22	() ()
1 1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	() ()
2 2	185.184.8.90 185.184.8.90	() ()
1 1	178.250.7.11 178.250.7.11	() ()
9	198.47.127.205 198.47.127.205	() ()
1 2	54.239.33.159 54.239.33.159	() ()
1 1	85.114.159.93 85.114.159.93	() ()
1 1	51.255.68.171 51.255.68.171	() ()
1 1	52.7.13.39 52.7.13.39	() ()
1	99.80.190.120 99.80.190.120	() ()
2 2	34.111.129.221 34.111.129.221	() ()
1	34.111.131.239 34.111.131.239	() ()
3 4	54.152.59.28 54.152.59.28	() ()
1	185.64.190.81 185.64.190.81	() ()
443	111

10 2606:4700::6812:5bc6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ejan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:1be8 (United States)

ASN13335 (CLOUDFLARENET, US)

fea.assettype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.assettype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:e400:11:c3fe:5b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.gumlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:2250:8000:1c:71c5:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

gumlet.assettype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.ejan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.154.91.181 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-91-181.inter.net.th

lvs.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:ce00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.82.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.83.71.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-83-71-62.compute-1.amazonaws.com

prod-analytics.qlitics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:30fd (United States)

ASN13335 (CLOUDFLARENET, US)

tag.adbro.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a05:d018:d29:3601:bf41:b326:fa86:2937 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.110.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-17.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.18.11.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-220.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.182.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-182-232.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.210.46 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)

prg-apac.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.18.27.193 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.80.36.187 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a237.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.185.194 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.243 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.91.45.75 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a5161.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.62.165 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a4393.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-43.fra56.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:6646:86d3:d57a:3a46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.228.174.117 (United Kingdom) 5 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-200.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.23.16 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-23-16.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.127 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.117.145 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-117-145.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.193.237.199 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-237-199.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-29.ams58.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-19.fra53.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.77.79.66 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.79.77.34.bc.googleusercontent.com

jdswhq.helmexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
neso.r.niwepa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:588::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.83.104.71 (Germany) 1 redirects

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: v2202005117212119221.goodsrv.de

www1.belboon.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.58.7.59 (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: v2202202117212178004.quicksrv.de

webservice.belboon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.175.58 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-175-58.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-40.fra60.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (None, ) 2 redirects

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (None, ) 1 redirects

ASN- ()

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (None, ) 1 redirects

ASN- ()

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (None, ) 2 redirects

ASN- ()

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 198.47.127.205 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.33.159 (None, ) 1 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.68.171 (None, ) 1 redirects

ASN- ()

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.13.39 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.190.120 (None, )

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (None, ) 2 redirects

ASN- ()

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (None, )

ASN- ()

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.152.59.28 (None, ) 3 redirects

ASN- ()

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1126 pm-widget.taboola.com — Cisco Umbrella Rank: 3680 trc.taboola.com — Cisco Umbrella Rank: 680 vidstat.taboola.com — Cisco Umbrella Rank: 3058 am-trc-events.taboola.com — Cisco Umbrella Rank: 15139 images.taboola.com — Cisco Umbrella Rank: 1964 imprammp.taboola.com — Cisco Umbrella Rank: 14739 am-match.taboola.com — Cisco Umbrella Rank: 15405 wf.taboola.com — Cisco Umbrella Rank: 3324 am-vid-events.taboola.com — Cisco Umbrella Rank: 13899 vidstatb.taboola.com — Cisco Umbrella Rank: 5791 pips.taboola.com — Cisco Umbrella Rank: 1752 cds.taboola.com — Cisco Umbrella Rank: 2153 am-wf.taboola.com — Cisco Umbrella Rank: 16197	2 MB
55	doubleclick.net 13 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443	349 KB
46	googlesyndication.com 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	244 KB
28	casalemedia.com 5 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 570 a237.casalemedia.com — Cisco Umbrella Rank: 591537 a5161.casalemedia.com — Cisco Umbrella Rank: 545659 a4393.casalemedia.com — Cisco Umbrella Rank: 391552 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513 dsum.casalemedia.com	20 KB
24	ad4m.at ad4m.at — Cisco Umbrella Rank: 12024 as.ad4m.at — Cisco Umbrella Rank: 34439 assets.ad4m.at — Cisco Umbrella Rank: 44524	1014 KB
20	assettype.com fea.assettype.com — Cisco Umbrella Rank: 152559 images.assettype.com — Cisco Umbrella Rank: 242039 gumlet.assettype.com — Cisco Umbrella Rank: 97225	562 KB
18	pubmatic.com 3 redirects ads.pubmatic.com — Cisco Umbrella Rank: 588 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581 image6.pubmatic.com — Cisco Umbrella Rank: 967 simage2.pubmatic.com image2.pubmatic.com simage4.pubmatic.com	93 KB
17	adform.net 3 redirects cm.adform.net — Cisco Umbrella Rank: 1279 track.adform.net — Cisco Umbrella Rank: 4131 s1.adform.net — Cisco Umbrella Rank: 9659 c1.adform.net — Cisco Umbrella Rank: 643 dmp.adform.net	78 KB
13	smartadserver.com prg-apac.smartadserver.com — Cisco Umbrella Rank: 10674 ssbsync.smartadserver.com — Cisco Umbrella Rank: 951	4 KB
12	ejan.co 1 redirects www.ejan.co static.ejan.co	127 KB
11	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 261 secure.adnxs.com — Cisco Umbrella Rank: 542 acdn.adnxs.com — Cisco Umbrella Rank: 663	24 KB
11	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541 bidder.criteo.com — Cisco Umbrella Rank: 895 dis.criteo.com	15 KB
10	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 563 eus.rubiconproject.com — Cisco Umbrella Rank: 662 token.rubiconproject.com — Cisco Umbrella Rank: 504	37 KB
10	unrulymedia.com 2 redirects targeting.unrulymedia.com — Cisco Umbrella Rank: 966 sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343	2 KB
9	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 334 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657 aax.amazon-adsystem.com — Cisco Umbrella Rank: 426 s.amazon-adsystem.com — Cisco Umbrella Rank: 328 aax-eu.amazon-adsystem.com	70 KB
8	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491 ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	3 KB
8	gstatic.com fonts.gstatic.com	103 KB
7	smaato.net prebid.ad.smaato.net — Cisco Umbrella Rank: 5335 s.ad.smaato.net — Cisco Umbrella Rank: 893	3 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 7957	3 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	353 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714	2 KB
6	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3539 bs.yandex.ru — Cisco Umbrella Rank: 13295	159 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	741 B
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1906 google-bidout-d.openx.net — Cisco Umbrella Rank: 1919 rtb.openx.net — Cisco Umbrella Rank: 912 adasia-d.openx.net — Cisco Umbrella Rank: 30705	1 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	415 KB
4	audrte.com 3 redirects a.audrte.com	3 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 387	1 KB
4	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 913	979 B
4	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 753 cdn.indexww.com	2 KB
4	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 659 eb2.3lift.com — Cisco Umbrella Rank: 434	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6147	733 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
4	anymind360.com anymind360.com — Cisco Umbrella Rank: 18222	212 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr idsync.frontend.weborama.fr	897 B
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 952	2 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1069	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 649	2 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 32271 go.trvdp.com — Cisco Umbrella Rank: 29167 s.trvdp.com — Cisco Umbrella Rank: 27427	137 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	75 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1164 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073 sync.crwdcntrl.net	12 KB
2	creativecdn.com 2 redirects creativecdn.com	868 B
2	quantserve.com 2 redirects cms.quantserve.com	1 KB
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 847	374 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 624	1 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	29 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1420 contextual.media.net — Cisco Umbrella Rank: 780	10 KB
2	adbro.me tag.adbro.me — Cisco Umbrella Rank: 21329	11 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470	30 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	87 KB
2	truehits.in.th lvs.truehits.in.th — Cisco Umbrella Rank: 48815	10 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	1 KB
1	nrich.ai 1 redirects dsp.nrich.ai	566 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	524 B
1	dotomi.com 1 redirects casale-match.dotomi.com	182 B
1	company-target.com 1 redirects s.company-target.com	424 B
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 21514	598 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 59583
1	adcell.com t.adcell.com — Cisco Umbrella Rank: 64125	440 B
1	belboon.com webservice.belboon.com	288 B
1	belboon.de 1 redirects www1.belboon.de	273 B
1	niwepa.com 1 redirects neso.r.niwepa.com — Cisco Umbrella Rank: 744689	348 B
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2866	1 KB
1	helmexpress.com 1 redirects jdswhq.helmexpress.com	442 B
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 51750	465 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18074	702 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 24937	2 KB
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1000	759 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1504	283 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 637	317 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 620	696 B
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 1495	181 B
1	ctnsnet.com 1 redirects cm.ctnsnet.com — Cisco Umbrella Rank: 5170	444 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4701	400 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1558	378 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
1	qlitics.com prod-analytics.qlitics.com — Cisco Umbrella Rank: 105981	553 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1319	5 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2118	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	7 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153	2 KB
1	ocmhood.com cdn.ocmhood.com — Cisco Umbrella Rank: 26748	11 KB
1	gumlet.com cdn.gumlet.com — Cisco Umbrella Rank: 74912	7 KB
443	85

	Domain	Requested by
30	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
26	images.taboola.com	www.ejan.co
25	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
18	securepubads.g.doubleclick.net	fea.assettype.com securepubads.g.doubleclick.net anymind360.com www.ejan.co www.googletagservices.com
16	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
16	gumlet.assettype.com	www.ejan.co
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	assets.ad4m.at	as.ad4m.at
12	prg-apac.smartadserver.com	anymind360.com
12	cdn.taboola.com	www.ejan.co cdn.taboola.com
10	www.ejan.co	1 redirects fea.assettype.com www.ejan.co
9	am-trc-events.taboola.com	www.ejan.co
8	ad4m.at	s1.adform.net ad4m.at
8	track.adform.net	anymind360.com s1.adform.net
8	ib.adnxs.com	4 redirects anymind360.com googleads.g.doubleclick.net acdn.adnxs.com
8	targeting.unrulymedia.com	anymind360.com
8	fonts.gstatic.com	www.ejan.co
7	mc.yandex.com	3 redirects www.ejan.co
7	gum.criteo.com	2 redirects cdn.taboola.com static.criteo.net anymind360.com
6	simage2.pubmatic.com	ads.pubmatic.com
6	www.googletagservices.com	37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6	eus.rubiconproject.com	imprammp.taboola.com eus.rubiconproject.com am-match.taboola.com anymind360.com
6	prebid.ad.smaato.net	anymind360.com
6	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	ssum-sec.casalemedia.com	2 redirects 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com js-sec.indexww.com
5	pr-bh.ybp.yahoo.com	am-match.taboola.com imprammp.taboola.com ssum-sec.casalemedia.com ads.pubmatic.com
5	match.adsrvr.org	am-match.taboola.com imprammp.taboola.com ssum-sec.casalemedia.com ads.pubmatic.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	www.google.com	1 redirects www.ejan.co tpc.googlesyndication.com 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
5	www.googletagmanager.com	www.ejan.co www.googletagmanager.com www.google-analytics.com
4	a.audrte.com	3 redirects ads.pubmatic.com
4	as.ad4m.at	ad4m.at as.ad4m.at
4	x.bidswitch.net	3 redirects 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
4	onetag-sys.com	2 redirects 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
4	image6.pubmatic.com	3 redirects ads.pubmatic.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
4	s1.adform.net	track.adform.net s1.adform.net
4	www.google.de	www.ejan.co
4	mc.yandex.ru	2 redirects www.ejan.co
4	anymind360.com	www.ejan.co anymind360.com securepubads.g.doubleclick.net
3	image2.pubmatic.com	ads.pubmatic.com
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	pm.w55c.net	3 redirects
3	eb2.3lift.com	2 redirects anymind360.com
3	sync.1rx.io	3 redirects
3	js-sec.indexww.com	ssum-sec.casalemedia.com anymind360.com
3	c1.adform.net	2 redirects ssum-sec.casalemedia.com
3	token.rubiconproject.com	eus.rubiconproject.com
3	c.amazon-adsystem.com	anymind360.com c.amazon-adsystem.com
3	ups.analytics.yahoo.com	am-match.taboola.com ssum-sec.casalemedia.com ads.pubmatic.com
3	ads.pubmatic.com	anymind360.com ads.pubmatic.com
3	37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	static.criteo.net	securepubads.g.doubleclick.net anymind360.com static.criteo.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ejan.co
3	fea.assettype.com	www.ejan.co fea.assettype.com
2	cr.frontend.weborama.fr	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	creativecdn.com	2 redirects
2	dsum.casalemedia.com	ssum-sec.casalemedia.com
2	cms.quantserve.com	2 redirects
2	am-wf.taboola.com	vidstat.taboola.com
2	pixel-sync.sitescout.com	ssum-sec.casalemedia.com ads.pubmatic.com
2	match.prod.bidr.io	2 redirects
2	secure.adnxs.com	1 redirects ssum-sec.casalemedia.com
2	sync.targeting.unrulymedia.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	s0.2mdn.net	37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	a5161.casalemedia.com	anymind360.com
2	bs.yandex.ru	anymind360.com
2	am-vid-events.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	tag.adbro.me	www.ejan.co
2	trc.taboola.com	cdn.taboola.com
2	mug.criteo.com	www.ejan.co
2	oajs.openx.net	1 redirects www.ejan.co
2	cdn.jsdelivr.net	securepubads.g.doubleclick.net anymind360.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.ejan.co connect.facebook.net
2	lvs.truehits.in.th	www.ejan.co
2	static.ejan.co	www.googletagmanager.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	dsp.nrich.ai	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	s.company-target.com	1 redirects
1	adasia-d.openx.net	anymind360.com
1	contextual.media.net	anymind360.com
1	acdn.adnxs.com	anymind360.com
1	rt.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	track.webgains.com	as.ad4m.at
1	t.adcell.com	as.ad4m.at
1	webservice.belboon.com	as.ad4m.at
1	www1.belboon.de	1 redirects
1	neso.r.niwepa.com	1 redirects
1	res.cloudinary.com	as.ad4m.at
1	jdswhq.helmexpress.com	1 redirects
1	pv.medialead.de	as.ad4m.at
1	www.awin1.com	as.ad4m.at
1	stg.truvidplayer.com	go.trvdp.com
1	go.trvdp.com	cnt.trvdp.com
1	p.rfihub.com	1 redirects
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	b1sync.zemanta.com	1 redirects
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	ssbsync.smartadserver.com	37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
1	s.ad.smaato.net	37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
1	d.adroll.com	ssum-sec.casalemedia.com
1	cm.ctnsnet.com	1 redirects
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	a4393.casalemedia.com	37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	cm.adform.net	googleads.g.doubleclick.net
1	ad.yieldlab.net	googleads.g.doubleclick.net
1	a237.casalemedia.com	37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
1	vidstatb.taboola.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	fastlane.rubiconproject.com	anymind360.com
1	htlb.casalemedia.com	anymind360.com
1	prebid.media.net	anymind360.com
1	a.teads.tv	anymind360.com
1	hbopenbid.pubmatic.com	anymind360.com
1	tlx.3lift.com	anymind360.com
1	rtb.openx.net	anymind360.com
1	bidder.criteo.com	anymind360.com
1	imprammp.taboola.com	vidstat.taboola.com
1	fonts.googleapis.com	cdn.taboola.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	prod-analytics.qlitics.com	www.ejan.co
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	www.facebook.com	www.ejan.co
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.ocmhood.com	cdn.taboola.com
1	images.assettype.com	www.ejan.co
1	cdn.gumlet.com	www.ejan.co
443	154

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.youtube.com
www.instagram.com
twitter.com
www.linkedin.com
api.whatsapp.com
shefence-citional.com
popup.taboola.com
trc.taboola.com
www.enpal.de
pro-verbraucher.info
annelscomerior.com
maximparerurehab.com
app.goldentree.de
bredings-person.com
www.all4newz.com
go.top20gadgetdeals.net
das-solar-portal.de
truehits.net

Subject Issuer	Validity	Valid
www.ejan.co Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-09`	a year	crt.sh
assettype.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.gumlet.com Amazon ECDSA 256 M02	`2023-02-16` - `2024-03-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
anymind360.com R3	`2023-08-26` - `2023-11-24`	3 months	crt.sh
ocmhood.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.assettype.com Amazon ECDSA 256 M01	`2023-02-16` - `2024-03-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ejan.co GTS CA 1P5	`2023-09-04` - `2023-12-03`	3 months	crt.sh
lvs.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2023-09-15` - `2024-10-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-15` - `2023-10-13`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.qlitics.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
adbro.me GTS CA 1P5	`2023-08-14` - `2023-11-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
smaato.net Sectigo ECC Domain Validation Secure Server CA	`2023-08-25` - `2024-08-24`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
teads.tv R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-08-31` - `2023-11-29`	3 months	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 45 frames:

Primary Page: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Frame ID: 1E4EFA36EECB44151DE760F6A8006E22
Requests: 216 HTTP requests in this frame

Frame: https://www.ejan.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 56E4F7C4AC903335A0157C6480F9ACAB
Requests: 2 HTTP requests in this frame

Frame: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 30BF475803FCA5451FF648586A63EE9B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ejan.co
Frame ID: 44C0E4428D0A51DD525C83E5AD32E25C
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: C911A15F3D531FE1C70E13E11C08E547
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&cmcv=&pix=undefined&cb=1696601584382&uv=3345&tms=1696601584382&abt=eidc_vB!expl_vE!nonrv_vA!ufm_vD!uftchrwf_vC!unf_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4d97dcb0-d7ee-4a5f-aba0-c4076d840e8e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 630BCF8815E65D586197CD4031EC6049
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 68C087D153E0AE6574C34490462FCD7B
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 1DCFF19E02DF782EA3ADB0C1EC5514DB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 717CDAD57D0100ECA87917414D02603D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 98C87F2A49B95278B38FC7C889A647C3
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 2E8FD9E5EB4FA4415D0215A18F729A30
Requests: 3 HTTP requests in this frame

Frame: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AC88F3BABB92636B3D728D601D0CA560
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 1B09F17ED97C4AFCE1A61FEFE61BE286
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKP727ECEM_MoZYDGJ-js_gBMAE&v=APEucNUle7Bm6kzGDAO1ouA6HvX5PqPJh95rifYZjbs5uXZTsjHa9Mkjxz33algFXGaHGFweX5PYCa9FpGrqXRDptEom7jN_VH71mpOSbHamY2C7fO9daVYYgOwgtnotoztqU6hi5KP8ow5LPOk9fLXlnYAWLXp-onfK7_Xn2iTJebRTuomu9e0
Frame ID: 4F1B9346C098B1902C32517889FF9F05
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-wqM8DAFab5DZworqllThWZaRacVzR2QfB7G4pAYJxHvdZI5xki3YS06xEaajR6lb7jOMLvwrIeG9-xf62eLRlGmWOFwNPcV93wVB-Njj4Nqnw-sPMUJYSA7l9c2KwcOcAhzcIinJoaQr_yyDyfLBvtO2VW1WOr9AlZjel_iQ_nX6PGAru_WeebnPeKSJpo8Xbqh1DIODZ90_wfKR_j5Mr2js3xqR1WUJ7RUXNXnn_XzXad929gsCQ648WrZ2fq-yk4ls5uu8XNMyEfTKjpHdTtJBLBRhJS75EeJIv0hi6V7GJl3RTVu27Y1Vlxsddzquv7CRcTOxAWCbEcuZS--TfdFKw06zfF0YNo_32wodK-pxGuQ5jM9zZSXHEL-NWpiJBwbRQlulMmnXGdYIPrJar4Y&sai=AMfl-YTlUYxfPiVsXCnprRxQSW6Nf7bvJoi7I9lqiuGp9WvldN3n0gvlwXBzll0erKOtMtiiw4zpe25tTANk_az5Gp2Vzb_tdAZMj2L-aRxN_KJakAKeXY4OrFZ0Um0MDg&sig=Cg0ArKJSzJ1SNXI5NPkgEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 541853EDC48F33A151616874DDB9F718
Requests: 16 HTTP requests in this frame

Frame: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 004DB6A9C23B430623695D882859A35E
Requests: 24 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-P5ytXtfZkqMRo5xXA0XG5vq6mMPRrOJ8HR2gcOJshJVXiWmpV4kPygaf9WYPBnnJaMtI1b_KGLpGBxianby90Yxoop8Y3p8e3f6X51suea3epS2mNxaW3N9NDgAEbMfSS3-_zbvgoKm-JjeflHCTrCICGF2_g7Zo24wi246Bvdxk001Qzqukmk1ifyA68etzcV6gBYMu_YBmot06hT_J51nGUgB96gAtSetNhyK0QgNfwcB48ZYPH9sl6hPC6z2tYPALWHd3KJhv4c9M2P0jWiS4YPKo-V2Mk0LeDkOwOHKx2u-adubeH6nkpbHHyJR_amWIjnEHiR0_HkiqPWjo2GGV7OJLn1crdXNSYdJp_NXxpOmb0Q&sai=AMfl-YSZilpa-n0ZRmMX1UhaOhQUGWqJYPBND1BUJ3I9rig1yoaytCRfaKYfRY4QdfVIPhvsJvxzU4vViOqxMxqMMSEU5w6BuFts-0ZHa_AjSCtZxg3-um4tPncDnnCHPQ&sig=Cg0ArKJSzIanaLD-XWJTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 033C1088260B2BACDF0C41169AB19875
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKP727ECEM_MoZYDGJ-js_gBMAE&v=APEucNWbEwUDSIPSP_hO_zz-kk2XUuMLWQ4d_rIfQuUMnfLGWs6NBE-QOuOgWxGa7lSI2RunxUodw-Ug4bO_IxZ_Erb5HXN4WAhgD1yRWp28FjYNcss1D-iHpNUo7sh3H7phlkr3Kww_l3AYEA02X9FsFvj7wsLnH37oUlq4Z76XwB95xGed-I8
Frame ID: B966731130D26B534C6A85B65A3A08A3
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMagZCR2WChpUGhZkTE8PjXqyjQihbLn4RLiMNkb0WG0h_iY3Q84Z0sr8fynuvx5Dut1Xe6uZJpbSiTmlEHI6gEvXuXOmpsAp-LGqUcv4NQ5G3MvPvg-nf9wddJa-SxRx8yNAqNlxrLlXFLy6j0W4ndjAMxQSQUBtEtkWIRgC_p8iKgj_CAaHqGhDaE3EW0hZbNPUnvvnR9C7W8gjkmz_m7w8Y29JIZfpje3EkDODsSRiVbVh6wE2wnYfAEDE1UiUhrav6dieY8xHKYydR6qFcO0M-EdFxmqYPR8yg9Pep8wCHeLCUiI7XVPDB7bBoZGYhLXSek-h1aYm213HmRwRfiZ1RwDM&sai=AMfl-YRfogOG6maK5Zl7BT-NMaiZKhdeWKxBZjIP8NNDOAP7_ygotWgEGjjh1GBTjZ41q9kTHwoabJwCa0wH7wPfWmGCLhm95fcuxddLQ2QndEAvxoq9KbhttvKL3O9OCA&sig=Cg0ArKJSzJZH3yjo5Iw4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9B0B8525E53DD75DB9B4E596CCECE3CB
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Frame ID: 199C5EA48348D8C8019E1CE67352052C
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB335E298C29FDA5C22326C5123D7F39
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1BBD184E4257E4CBA38728BFFC47195A
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.ejan.co
Frame ID: 645F30F41022CC3805B29C24D935FA98
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Frame ID: 3A6EB4A88E0074212FF7320A652983AB
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D4A9C953FD46A165113C80D4CD253E98
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D16BE18A36F976228E2072C5AA1E3040
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BCE8558203D4179B2C1C7FE0172F9F1C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 575163C5053D3403174F2C6D6B0E1047
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 707A94B47E65D24947366178CAB8F904
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 4DEE752F5B33324A7ADE664230F21326
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CF5CDF880C5A100A34AD803EA74499CB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: 0B1ABC67206BB7180ECAE684A9203F71
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C2099%2C3020%2C173%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C345%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0C85AE1EE6527E949BC56A8CA181807D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B7882A63E0F14EE179EE5BE34789AB1C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 93E73788CA2A55B0FDC9BC4CA124423A
Requests: 3 HTTP requests in this frame

Frame: https://adasia-d.openx.net/w/1.0/pd
Frame ID: 121641B03420D8B2CFB78C17D7192B9E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 012B0274B4AA0A482BF22C589A2BA1A8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7EC54BD9EC62642FB4FD771AB5839230
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 35093DB0892BDCC1B736D1AB4A94E8C7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D91E9B06-5502-4251-8820-766BA79C1A70&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: D52359BF06C15064996591851AD76C5C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6232296708868768635&gdpr=0&gdpr_consent=
Frame ID: 65C8EAA1E7F009FD02292CE502DF9B27
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ki-cLy0vyCgxLMp8fiuDJyh8yisxKJsoLS1eTx4e
Frame ID: A85538979FE8807FF9CDEDE5153FABBD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286848347700918416&gdpr=0&gdpr_consent=
Frame ID: 222E3D0FA5647CF8092BE8C4CB695D5C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: F0852E77CC24FA44AF3AC6E7BE182253
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zsGBOlCEXwlScAw6TiDIQbnVm6E&gdpr=0&gdpr_consent=
Frame ID: 60440B0FE9AC33362AF74F02440AD333
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

จากเด็กอัจฉริยะ สู่คนว่างงาน เผย ชีวิตที่ดี คือ นั่งเฉยๆ ขอเงินพ่อแม่Group 3Group 3Group 3Group 3

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

443
Requests

89 %
HTTPS

32 %
IPv6

85
Domains

154
Subdomains

111
IPs

12
Countries

5932 kB
Transfer

15283 kB
Size

106
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ejan2016

Search URL Search Domain Scan URL

URL: https://www.twitter.com/ejannews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCMtFuOVbM_T43hYLnRA4MEA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ejan2016/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl&text=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88&hashtags=

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl&title=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/c351a234-e6d9-4bf6-800c-f99fb09a6b14
Title: Prostata Gesundheit

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=ejan-ejanco&utm_medium=referral&utm_content=thumbs-feed-01-b-delta:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=49f9d86e8ecc21731f15719c84a00162&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=text&ii=~~V1~~1551311814212032230~~ngDgnAWhlA8QMZR9863bLkWkmmqUuB9ujkYsEYwW6HVw6cLzOYgYTH58zK8cIqqSwmDSJmJ4ln_eqPbeF2D1EaEUazAKLfbi7JSIxhuHptjeHMEV3NW6diDujIb6hT-kRdbgwlJdnqyroTPEQNNEn_J8vvvuIvvO3IjIVEGeBzc&pt=text&li=rbox-t2v&sig=e7f37de143a6140a3168ff80b25641d32afa60cae870&redir=https%3A%2F%2Fshefence-citional.com%2Fc351a234-e6d9-4bf6-800c-f99fb09a6b14%3Futm_source%3Dtb%26utm_campaign%3DDACH_dk1909%26utm_term%3Dejan-ejanco%26utm_content%3D3790815135%26t%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDHwlgoyMOi5aSa5_mQAQ%26dt%3Dtb%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDHwlgoyMOi5aSa5_mQAQ%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDHwlgoyMOi5aSa5_mQAQ&vi=1696601583328&p=2mmedia-prosta-sc&r=13&tvi48=10638&tvi50=9864&lti=deflated&ppb=COcF&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Angebot einholen

Search URL Search Domain Scan URL

URL: https://www.enpal.de/artikel2/mehr-als-das-sollten-solaranlagen-in-2023-nicht-kosten
Title: Enpal

Search URL Search Domain Scan URL

URL: https://pro-verbraucher.info/kostenlose-beerdigung-tb-l2t/
Title: Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://annelscomerior.com/9fc22464-522b-48cc-8e5a-5317832310bc
Title: Gesundheitskompass

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=ejan-ejanco&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=8c4a52b4632314debf4de09649859f8a&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=text&ii=~~V1~~-2853316589803003751~~N3ivjaMcacv5N_tEWtUln41NOrLjFsjjQXtgG7rCJ8rnoZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwU01ECAkpe_PWH3IB7GVZtjd7Sf0oFpJysZaZlUOCH3hDoXbNEBghTWxyBtNjtwOLY8XwLbI--WZuj80gUuMjcmfdqTukrgevIst5i0c4UmX0o8HUYz7pKhuTnvJXvMOdg&pt=text&li=rbox-t2v&sig=3e1d817ddec127caa1a9f76c608bc9df2520d8142c91&redir=https%3A%2F%2Fannelscomerior.com%2F9fc22464-522b-48cc-8e5a-5317832310bc%3Fsite%3Dejan-ejanco%26site_id%3D1466665%26title%3DNeuartige%2BKompressionsstr%25C3%25BCmpfe%2Beroberten%2BGermany%2Bim%2BSturm%26platform%3DDesktop%26campaign_id%3D27355624%26campaign_item_id%3D3733415228%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F010265c674156b11c5a7f0548effca2a.png%26click_id%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDM318o-ezV9rrPnvEu%26site%3Dejan-ejanco%26site_id%3D1466665%26title%3DNeuartige%2BKompressionsstr%25C3%25BCmpfe%2Beroberten%2BGermany%2Bim%2BSturm%26platform%3DDesktop%26campaign_id%3D27355624%26campaign_item_id%3D3733415228%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F010265c674156b11c5a7f0548effca2a.png%26click_id%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDM318o-ezV9rrPnvEu%26utm_source%3Dtaboola%26utm_medium%3Dnative%26utm_campaign%3D27355624%26utm_term%3D1466665%26utm_content%3D3733415228%0A%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDM318o-ezV9rrPnvEu%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDM318o-ezV9rrPnvEu&vi=1696601583328&p=taboolaaccount-ecom6xgmailcom&r=73&tvi48=10638&tvi50=9864&lti=deflated&ppb=CFY&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://maximparerurehab.com/fe859dd9-9391-4d09-a945-1a40d281bf76
Title: PV Angebote

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=8c4a52b4632314debf4de09649859f8a&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=text&ii=~~V1~~4675981397104081811~~0SrRKJ3C-MHRoBKON_C_cItZHnwlDTVk5j86193RgBHnoZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwTrW5A9BmwqImQ_wUP3JSKYyZ9ZyDB0iywNEwSH7kXY9pKjHueOTTsljhbYPpD40r48XwLbI--WZuj80gUuMjcmfdqTukrgevIst5i0c4UmX0o8HUYz7pKhuTnvJXvMOdg&pt=text&li=rbox-t2v&sig=0919b89b724f0365aadc0d28cd24a51e5e1e5b350f5d&redir=https%3A%2F%2Fmaximparerurehab.com%2Ffe859dd9-9391-4d09-a945-1a40d281bf76%3Fsite%3Dejan-ejanco%26title%3DExperte%2Bverr%25C3%25A4t%253A%2BSolar%2Blohnt%2Bsich%2Bnur%2Bf%25C3%25BCr%2BHausbesitzer%252C%2Bwenn%25E2%2580%25A6%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F5f6039a2106dbbcf34bbdca862f39792.jpg%26campaign%3DDE_Solar2_Windows_Desktop1%26utm_content%3D3832388690%26conversionname%3DXO_Lead%26click_id%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDjil4ooczGlfu80MjEAQ%26utm_medium%3Ddis_nat%26utm_source%3Dtaboola%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDjil4ooczGlfu80MjEAQ%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDjil4ooczGlfu80MjEAQ&vi=1696601583328&p=wattfoxgmbh-new-solar2-sc&r=50&tvi48=10638&tvi50=9864&lti=deflated&ppb=CFY&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://app.goldentree.de/abt/move-k16-ob
Title: goldentree.de

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=4bfa0ecb0a61446c8cbf51ac6d9b01a7&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=text&ii=~~V1~~8814707439581517607~~nyxaB7BQRlXDU7dUGFefyZm7Zn2204gt6SNxb1AYJWxw6cLzOYgYTH58zK8cIqqSuUXk-bhV2Vyq4983cpQ6ymXIWpPDU316JMgWfYQgyz-Vj3cXfZKD-Hw28DnzTf5jRdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=216253dbfc2859bdf2fda2a362b9b4778d618f270cba&redir=https%3A%2F%2Fapp.goldentree.de%2Fabt%2Fmove-k16-ob%3Futm_source%3Dtaboola%26utm_medium%3D%7B%7Bpublisher_id%7D%7D%26utm_campaign%3D%7B27204146%7D%26utm_content%3D%7B%7Bad_id%7D%7D%26utm_term%3D%7B%7Bsection_id%7D%7D%26native_campaign%3DCountry%3ADE%7CProduct%3AMOVE%7CNote%3AWHL%7CDate%3A30.08.2023%7CCampaignID%3A4887%7CAgent%3AJan%7CDevice%3Adesktop%7CAbTestSlug%3Amove-k16-ob%26native_term%3DProduct%3AMOVE%7CAd_Type%3Aad%7CAd_Note%3Aad_note%7CCreativeID%3A0%7CMasterCreativeID%3A0%7CAbTestSlug%3Amove-k16-ob%26refferalid%3D001%26tblci%3D%7BGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDVtV8oot-Qt-Hy69SeAQ%7D%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDVtV8oot-Qt-Hy69SeAQ%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDVtV8oot-Qt-Hy69SeAQ&vi=1696601583328&p=tdg-popolnapostavadoo1732de-move&r=58&tvi48=10638&tvi50=9864&lti=deflated&ppb=COwC&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://bredings-person.com/7a9920f4-d67c-4782-9847-08ce4b0b707e
Title: Deutsche Neuro

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=4bfa0ecb0a61446c8cbf51ac6d9b01a7&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=text&ii=~~V1~~2599310124198787648~~9EdLORecn85nT87brtQZHzvVCLwY25QhSddu2BXXvcDnoZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzaXzWc0vY2-B5N-kofkML8BiGcX-mF0q3HsHWHvdyOkXD9_nLvUUv928nhJ3HJ-Ucix4M0X7-aML_JPboafG8oTS8Maux2jWC1gRU3nx5A7nRJBzuLkRVqsAjZ09nyU1DoYD60qVYzKB_9uZqcHlwH&pt=text&li=rbox-t2v&sig=8e5bd74ee48d1c2fbb36d492eed030175c049a13147b&redir=https%3A%2F%2Fbredings-person.com%2F7a9920f4-d67c-4782-9847-08ce4b0b707e%3Futm_source%3Dtb%26utm_campaign%3Dtb_dk1023tCPA%26utm_term%3Dejan-ejanco%26utm_content%3D3831282601%26t%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyC_sFwove-z0J_IjYeHAQ%26a%3Dtb%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyC_sFwove-z0J_IjYeHAQ%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyC_sFwove-z0J_IjYeHAQ&vi=1696601583328&p=2mmedia-neuro-sc&r=13&tvi48=10638&tvi50=9864&lti=deflated&ppb=COwC&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://www.all4newz.com/de/redirect
Title: Chooslee

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=4bfa0ecb0a61446c8cbf51ac6d9b01a7&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=photo&ii=~~V1~~-6916824273344696236~~mf5dMJu7Sxqf7crFBnrBQ65eAdo24c3CAkjNsOwTP0AbfRWIKvzVUgA6KwquTzlv8AgHQSK_NZ0VrDmEJzYV04V999PzkJY2Fp5rNcDjH6OPF8C2yPvlmbo_NIFLjI3JoCz99O8VTmk2iixePHAvqg&pt=text&li=rbox-t2v&sig=66d887e923a03b855edeb5552292572338ce8d5ed5be&redir=https%3A%2F%2Fwww.all4newz.com%2Fde%2Fredirect%3Fslug%3Ddie-10-schnellsten-autos-der-welt%26utm_source%3D6764%26cl%3Dtrue%26wgm%3Dtrue%26arid%3D20240720%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyCJiGEotqC4tcbU4u5x%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyCJiGEotqC4tcbU4u5x&vi=1696601583328&p=v-blackpr-travel-sc&r=27&tvi48=10638&tvi50=9864&lti=deflated&ppb=COwC&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Jetzt Anschauen

Search URL Search Domain Scan URL

URL: https://go.top20gadgetdeals.net/3c562e20-4746-415f-a886-d3ad882bb98b
Title: Top Gadgets

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=da12d8fec9570a1062e493ec59da766c&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=text&ii=~~V1~~842769884665623021~~gaVWfOQj9Pjyz2rmkbmVgw2ZKD4Zn1R6gWZ3BLnaCyMaslpXktycoP2VDqeVyYl5GmgG36SS6tCGHjgE4dNvxApK0NfQZq8DdQ1qu3BhApgxrVqMpuOo7Wp2A_MmngWz1whtA0xO-bV1rS7nA2KznLKmYoia2-6c4gImdnW3dVegHKHxLYYfU2C75bfRb6ciGuCwtd3qyiW5Cm1OV2qqAo6zhr_uog6GC70OqLAd6RE&pt=text&li=rbox-t2v&sig=740889e61c4f73dc73ca1497e3d3b86a5eb6cb6bb485&redir=https%3A%2F%2Fgo.top20gadgetdeals.net%2F3c562e20-4746-415f-a886-d3ad882bb98b%3Fsite%3Dejan-ejanco%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F6f57a6327d9ce4f69fbbcfbf9c5ae48b.jpg%26title%3DHier%2Bsind%2Bdie%2B29%2Bangesagtesten%2BGeschenke%2Bf%25C3%25BCr%2B2023%26timestamp%3D2023-10-06%2B14%253A13%253A03%26platform%3DDesktop%26campaign_id%3D26885198%26campaign_item_id%3D3723062815%26campaign_name%3DList%2B%257C%2BDE%2B%257C%2BtCPA%2B%257C%2BDT%26tabclickid%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyCv2Vso0oyPus7zmtJK%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyCv2Vso0oyPus7zmtJK%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyCv2Vso0oyPus7zmtJK&vi=1696601583328&p=tecdohk-yfr-adx-de-sc&r=32&tvi48=10638&tvi50=9864&lti=deflated&ppb=CIUC&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Jetzt kaufen

Search URL Search Domain Scan URL

URL: https://das-solar-portal.de/staat-aendert-solar-vorgabenkosten/
Title: Das Solar Portal

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=da12d8fec9570a1062e493ec59da766c&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=text&ii=~~V1~~-5069556382154389329~~TUc1gzmStMY1H2VqgM6C9RxgPbh_IGnerSIx225h_VbnoZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzaXzWc0vY2-B5N-kofkML8iPjaXcSt64bq2qdjjAnM-1-c6a2CzP2AB86S4fF6OYZzUB66-C8zCcKQYmuEahebTS8Maux2jWC1gRU3nx5A7nRJBzuLkRVqsAjZ09nyU1DoYD60qVYzKB_9uZqcHlwH&pt=text&li=rbox-t2v&sig=213f46c48e7a1d0c3926fb8b104d3d2eee09b457ec12&redir=https%3A%2F%2Fdas-solar-portal.de%2Fstaat-aendert-solar-vorgabenkosten%2F%3Fs2%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDxmFwo2Kbv8vDnn7Av%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDxmFwo2Kbv8vDnn7Av%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDxmFwo2Kbv8vDnn7Av&vi=1696601583328&p=cooperadvertisinggmbh-leadgen-solarpanels-sc&r=34&tvi48=10638&tvi50=9864&lti=deflated&ppb=CIUC&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://truehits.net/stat.php?login=ejan.co

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=ejan-ejanco&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=7ae13dccc636b85847dca5538d6453dd&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=text&ii=~~V1~~1551311814212032230~~ngDgnAWhlA8QMZR9863bLkWkmmqUuB9ujkYsEYwW6HVw6cLzOYgYTH58zK8cIqqSMimiSNEhmdNXWfo7jHlSEaEUazAKLfbi7JSIxhuHptjeHMEV3NW6diDujIb6hT-kRdbgwlJdnqyroTPEQNNEn_J8vvvuIvvO3IjIVEGeBzc&pt=text&li=rbox-t2v&sig=454a946ef616366e5e5dc157a3e4ea4b8587c5e2035c&redir=https%3A%2F%2Fshefence-citional.com%2Fc351a234-e6d9-4bf6-800c-f99fb09a6b14%3Futm_source%3Dtb%26utm_campaign%3DDACH_dk1909%26utm_term%3Dejan-ejanco%26utm_content%3D3790815135%26t%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDHwlgotOORmYO_7dEO%26dt%3Dtb%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDHwlgotOORmYO_7dEO%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDHwlgotOORmYO_7dEO&vi=1696601583328&p=2mmedia-prosta-sc&r=37&tvi48=10638&tvi50=9864&lti=deflated&ppb=COAB&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Angebot einholen

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=ejan-ejanco&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=7c88eb25e2cc47ceaefdbdfc76e83782&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=text&ii=~~V1~~-2853316589803003751~~MQB1p2HuV5WtHnTLDRS5XI1NOrLjFsjjQXtgG7rCJ8rnoZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwTigu41zGuNgzhjLo1uYUXrd7Sf0oFpJysZaZlUOCH3hDoXbNEBghTWxyBtNjtwOLY8XwLbI--WZuj80gUuMjcmfdqTukrgevIst5i0c4UmX0o8HUYz7pKhuTnvJXvMOdg&pt=text&li=rbox-t2v&sig=530eb34ef4a62ed492cefe05aa9d6781dc80802f0ca6&redir=https%3A%2F%2Fannelscomerior.com%2F9fc22464-522b-48cc-8e5a-5317832310bc%3Fsite%3Dejan-ejanco%26site_id%3D1466665%26title%3DNeuartige%2BKompressionsstr%25C3%25BCmpfe%2Beroberten%2BGermany%2Bim%2BSturm%26platform%3DDesktop%26campaign_id%3D27355624%26campaign_item_id%3D3733415228%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F010265c674156b11c5a7f0548effca2a.png%26click_id%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDM318ozIGhgfaQ7KVU%26site%3Dejan-ejanco%26site_id%3D1466665%26title%3DNeuartige%2BKompressionsstr%25C3%25BCmpfe%2Beroberten%2BGermany%2Bim%2BSturm%26platform%3DDesktop%26campaign_id%3D27355624%26campaign_item_id%3D3733415228%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F010265c674156b11c5a7f0548effca2a.png%26click_id%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDM318ozIGhgfaQ7KVU%26utm_source%3Dtaboola%26utm_medium%3Dnative%26utm_campaign%3D27355624%26utm_term%3D1466665%26utm_content%3D3733415228%0A%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDM318ozIGhgfaQ7KVU%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDM318ozIGhgfaQ7KVU&vi=1696601583328&p=taboolaaccount-ecom6xgmailcom&r=39&tvi48=10638&tvi50=9864&lti=deflated&ppb=CJ4D&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ejan-ejanco/log/3/click?pi=%2Fworld%2Fec3to6d7sl&ri=7c88eb25e2cc47ceaefdbdfc76e83782&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&it=text&ii=~~V1~~8814707439581517607~~nyxaB7BQRlXDU7dUGFefyZm7Zn2204gt6SNxb1AYJWxyNpbgedRdYuhjTdtdbeHkn1OV0paklJAyh655pQ0hZ2XIWpPDU316JMgWfYQgyz-Vj3cXfZKD-Hw28DnzTf5jRdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=a80d963d052411023ec45b29558c9b2697a35fb322b7&redir=https%3A%2F%2Fapp.goldentree.de%2Fabt%2Fmove-k16-ob%3Futm_source%3Dtaboola%26utm_medium%3D%7B%7Bpublisher_id%7D%7D%26utm_campaign%3D%7B27204146%7D%26utm_content%3D%7B%7Bad_id%7D%7D%26utm_term%3D%7B%7Bsection_id%7D%7D%26native_campaign%3DCountry%3ADE%7CProduct%3AMOVE%7CNote%3AWHL%7CDate%3A30.08.2023%7CCampaignID%3A4887%7CAgent%3AJan%7CDevice%3Adesktop%7CAbTestSlug%3Amove-k16-ob%26native_term%3DProduct%3AMOVE%7CAd_Type%3Aad%7CAd_Note%3Aad_note%7CCreativeID%3A0%7CMasterCreativeID%3A0%7CAbTestSlug%3Amove-k16-ob%26refferalid%3D001%26tblci%3D%7BGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDVtV8o5a2FycLagI8o%7D%26tblci%3DGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDVtV8o5a2FycLagI8o%23tblciGiBcDEUqCSAIbzS0LlhScynAL6yjmEg1o_4nPtHYmuv1VyDVtV8o5a2FycLagI8o&vi=1696601583328&p=tdg-popolnapostavadoo1732de-move&r=98&tvi48=10638&tvi50=9864&lti=deflated&ppb=CJ4D&cpb=EhIyMDIzMTAwNS01LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE5MDiAttbOC0Cb4wlIgYoQUMX_3wNY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMInAUQv2QYCWRjCLtKEKRiGAtkYwikJxCDNRgvZGMI0DcQjlMYMGRjCKo1EIhNGDJkYwjt__________8BEO3__________wEYE2RjCLJJEPZgGBRkYwjcChCgEBgWZGMIlhQQlxwYGGRjCP9GEItmGB1kYwj0FBCeHRgfZHgBgAECiAHZj66BApABHJgB_N3WqrAx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.ejan.co/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.ejan.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 51

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10148.3y-azUDD3bHlWck3teJv84DTKVzbOgbdeL9G3dHtUN_6ORH4KCkNSh3vMf3maeaK.C0sq7jqWLveke14mrLHE5OLhyOw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10148.eGKzqhKBCrMoEOrQK8HFjmS9JY3gGeLmS25lnmtYcv80D3DHI9VzXlPVKJL6xBuZRzdME2F8aQPq-0_ZuMG-WUf9hph_10rVSNTNlOCAoXQ%2C.Yks-e3_ui_cKEaVe0hrljXFG7Us%2C

Request Chain 52

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11020464565/?random=20042957&cv=11&fst=1696601582242&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&label=WubnCMrPlpcYELXj-4Yp&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20&gtm_ee=1&auid=83484479.1696601582&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7hUgZfzHFZ2O7_UPl5ybyA4&sscte=1&crd=&pscrd=EktDaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVFBdE1TZko3bEx6YzNCbERacmh1cDhrcll6SVRFaDdUejc3ZTJfUjhsdm9McHRjR3MaV0NoRUk4T0QtcUFZUW1vWDJsZGJ4cFpfN0FSSXNBTmxNaHZBRkwyLTUtWEpFNVNXUWRzV0toakxxWW5vQnRxS1gwSDVudzJHS3JIYmMwM3hpVVBjUzdiUSITCPz2kLXN4YEDFR3HuwgdF84G6Q HTTP 302
https://www.google.com/pagead/1p-conversion/11020464565/?random=20042957&cv=11&fst=1696601582242&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&label=WubnCMrPlpcYELXj-4Yp&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20&gtm_ee=1&auid=83484479.1696601582&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVFBdE1TZko3bEx6YzNCbERacmh1cDhrcll6SVRFaDdUejc3ZTJfUjhsdm9McHRjR3MaV0NoRUk4T0QtcUFZUW1vWDJsZGJ4cFpfN0FSSXNBTmxNaHZBRkwyLTUtWEpFNVNXUWRzV0toakxxWW5vQnRxS1gwSDVudzJHS3JIYmMwM3hpVVBjUzdiUSITCPz2kLXN4YEDFR3HuwgdF84G6Q&is_vtc=1&ocp_id=7hUgZfzHFZ2O7_UPl5ybyA4&cid=CAQSKQDICaaNBzO0IZf7SQ-1jhRuiaL8DZ_y6eD6qaJBvHnSAiKhKV-0Hiq6&random=1988088532 HTTP 302
https://www.google.de/pagead/1p-conversion/11020464565/?random=20042957&cv=11&fst=1696601582242&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&label=WubnCMrPlpcYELXj-4Yp&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20&gtm_ee=1&auid=83484479.1696601582&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVFBdE1TZko3bEx6YzNCbERacmh1cDhrcll6SVRFaDdUejc3ZTJfUjhsdm9McHRjR3MaV0NoRUk4T0QtcUFZUW1vWDJsZGJ4cFpfN0FSSXNBTmxNaHZBRkwyLTUtWEpFNVNXUWRzV0toakxxWW5vQnRxS1gwSDVudzJHS3JIYmMwM3hpVVBjUzdiUSITCPz2kLXN4YEDFR3HuwgdF84G6Q&is_vtc=1&ocp_id=7hUgZfzHFZ2O7_UPl5ybyA4&cid=CAQSKQDICaaNBzO0IZf7SQ-1jhRuiaL8DZ_y6eD6qaJBvHnSAiKhKV-0Hiq6&random=1988088532&ipr=y

Request Chain 85

https://mc.yandex.com/watch/74349289?wmode=7&page-url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A288%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1120%3Acn%3A1%3Adp%3A0%3Als%3A1183670612111%3Ahid%3A500304390%3Az%3A120%3Ai%3A20231006161302%3Aet%3A1696601583%3Ac%3A1%3Arn%3A855798827%3Arqn%3A1%3Au%3A1696601583783280194%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A52%2C20%2C41%2C8%2C0%2C0%2C%2C168%2C19%2C%2C%2C%2C591%3Aco%3A0%3Acpf%3A1%3Ans%3A1696601581496%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696601583%3At%3A%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/74349289/1?wmode=7&page-url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A288%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1120%3Acn%3A1%3Adp%3A0%3Als%3A1183670612111%3Ahid%3A500304390%3Az%3A120%3Ai%3A20231006161302%3Aet%3A1696601583%3Ac%3A1%3Arn%3A855798827%3Arqn%3A1%3Au%3A1696601583783280194%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A52%2C20%2C41%2C8%2C0%2C0%2C%2C168%2C19%2C%2C%2C%2C591%3Aco%3A0%3Acpf%3A1%3Ans%3A1696601581496%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696601583%3At%3A%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 89

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&rid=esp&cc=1

Request Chain 95

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ejan.co&sn=ChromeSyncframe&so=0&topUrl=www.ejan.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=p9npQHwyNUlhUUQzUUhhVklqT2tDU3BMenphRXozOHZSMTBxQ05CVk1OM0dhczUzaENyQkNSbkg0NmNxNmFYUk1SZDRlbmozOGMycVNsbi9LMWVKVVNCeEF6RVpMN21WRUd3K1R1bU5BL051NEMyL1hFV2JuZFFUcFoxZ3pFTVB4czNoRUowZXo0NVR5T0dyRWhCcXhjTytDcTQrWGNraERING1mVWtDbGo4YWNKWDY5OGdudHVMdkFFRWJYQTBKK05RZDNhbXNFNitodW9kRW1RQmFlb0hiOHhxaUo4ejRTZ2wvRUVETUYvdmI4bDNYZ2thWVVidzNWbi9nemxHaWxkd0tCSlkwTmN4QkpPV0ZUYjdka1o2Y1c0QT09fA&cppv=2

Request Chain 96

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10148.P5SwchUzEObNqkTZwQxM4ZIUhSE3r87biKwfVAeUmImgUoGnhwLSVVxrxSA_Prgz.tpI3afG1dEPhijSNIugKZBOHF9Q%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10148.BUyClT4Ny03Cc0ZPdsQjQp1nVjT_W35IrKE0T3inr1DP114FpC89_y1zj5EWA-2Bqk8keJ6rTTUlIulZswHEzB3eSYtPG5Vj5R64wSK6Fd8%2C.yHaqCApT4GdMJZ9CUcCY5-C9eo8%2C

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEN2PyIS2vi1LXS4neOVHqkE&google_cver=1

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAABd6DxkB1o0mOd5l8jPA8&google_cver=1&adform_v=1

Request Chain 274

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1

Request Chain 275

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSAV8gZmdfs.1VHdiARoMQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1&google_hm=2

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFlXPlvxOW3xsyB_RuN8Qgc&google_cver=1

Request Chain 277

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMjI5NjcwODg2ODc2ODYzNQ%3D%3D

Request Chain 292

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSAV8gZmdfs.1VHdiARoMQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1&gdpr=1&google_hm=2

Request Chain 295

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 296

https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e9ab459a0f2d4339ad6df3fb484d8db1&expiration=1699193586

Request Chain 308

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF7Wn82tkbQ4dE6wA1gwuVs&google_cver=1&google_push=AXcoOmTHvLmsXt4r3wmoN7zvyWWcYK03A7Fw4QBD6N2Dv2ZLFsgwMckC4p1AePSosZmf5gLyJoDGlAZsMbJC-0c88FzFpDyhpSLPlA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF7Wn82tkbQ4dE6wA1gwuVs&google_cver=1&google_push=AXcoOmTHvLmsXt4r3wmoN7zvyWWcYK03A7Fw4QBD6N2Dv2ZLFsgwMckC4p1AePSosZmf5gLyJoDGlAZsMbJC-0c88FzFpDyhpSLPlA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2R6bBlUCQlGIIHZrp5wacA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTHvLmsXt4r3wmoN7zvyWWcYK03A7Fw4QBD6N2Dv2ZLFsgwMckC4p1AePSosZmf5gLyJoDGlAZsMbJC-0c88FzFpDyhpSLPlA

Request Chain 309

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_cver=1&google_push=AXcoOmQHnG_qnD_Jg22O4J3qiTzrmBdCT4w153XsRb6iW9p6fVPTJxFVU62aW-YGaulfyM_XB2ZTwQzuNutKncZBLbXaS_x9EZaONA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_hm=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&google_nid=index&google_push=AXcoOmQHnG_qnD_Jg22O4J3qiTzrmBdCT4w153XsRb6iW9p6fVPTJxFVU62aW-YGaulfyM_XB2ZTwQzuNutKncZBLbXaS_x9EZaONA

Request Chain 311

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJU1OzCWKOQX4YcPZ7y48Yc&google_cver=1&google_push=AXcoOmQ_vD43KY2Jr6BOphx9Ft_VTmGCuibmO4_BaPCZqN9A0f2uD4GqFDho0odc_nwiQvYnTNJF14RMC93fs8ofNZMocYUMzk4e3g HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQ_vD43KY2Jr6BOphx9Ft_VTmGCuibmO4_BaPCZqN9A0f2uD4GqFDho0odc_nwiQvYnTNJF14RMC93fs8ofNZMocYUMzk4e3g&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1696601586903 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a1cb47af-b083-4c22-a2cd-bfc48821f446-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQ_vD43KY2Jr6BOphx9Ft_VTmGCuibmO4_BaPCZqN9A0f2uD4GqFDho0odc_nwiQvYnTNJF14RMC93fs8ofNZMocYUMzk4e3g%26google_hm%3DA6HLR6-wg0wios2_xIgh9EY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ_vD43KY2Jr6BOphx9Ft_VTmGCuibmO4_BaPCZqN9A0f2uD4GqFDho0odc_nwiQvYnTNJF14RMC93fs8ofNZMocYUMzk4e3g&google_hm=A6HLR6-wg0wios2_xIgh9EY

Request Chain 312

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHM2Iez5-Tqy8tM2o4My-Dw&google_cver=1&google_push=AXcoOmQSNVkotoJRXY6uWKSZatncwWzTGTzG9GdRdiSr0iq14Jje9OLeBZYZBUhmm1d2571sjTK3OA3OZGOE_8yAg0hhVV90Re-uuw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQSNVkotoJRXY6uWKSZatncwWzTGTzG9GdRdiSr0iq14Jje9OLeBZYZBUhmm1d2571sjTK3OA3OZGOE_8yAg0hhVV90Re-uuw&google_gid=CAESEHM2Iez5-Tqy8tM2o4My-Dw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUyNzUyOTk3MTkyMjc1NjQ1NTUzOA%3D%3D&google_push=AXcoOmQSNVkotoJRXY6uWKSZatncwWzTGTzG9GdRdiSr0iq14Jje9OLeBZYZBUhmm1d2571sjTK3OA3OZGOE_8yAg0hhVV90Re-uuw

Request Chain 314

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJDv6M41TCWc1ufPYM7xW4E&google_cver=1&google_push=AXcoOmSYFCesDKhEJS3n6T2Idve_q_146_zUSdC93sExgb85ImjeA354TPeGojg8ycj29tTqQlzNAQa3ao3ecQX6sa0vmlUvHQgQ-MU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSYFCesDKhEJS3n6T2Idve_q_146_zUSdC93sExgb85ImjeA354TPeGojg8ycj29tTqQlzNAQa3ao3ecQX6sa0vmlUvHQgQ-MU HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 333

https://gum.criteo.com/sid/json?origin=publishertag&domain=ejan.co&sn=ChromeSyncframe&so=3&topUrl=www.ejan.co&bundle=bX8G8F9KeW9tQ2duRGd3TWZOZnVIbzBBRzJiZ2VhWWlVSjY4JTJGRVpRSDZhM1I5a0dHRFRHVlgwJTJGVkZyV05vaCUyQndGSWg0aWJ1clBxODhPSjB0eDBvMlN6YkpHYTRVYlpuZ1BsVmxIb3NPaDI2aGo4Q0Frc1dyZTBzSGhLazY4Q2FkdTJQVnh5ZVdFTDU4dmF6Z0tZV3pzUWdOQkElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=UTLKpHxoTEpUcUp5VTdFM2o1aS9ZcmdmZGo1RHVNMktoOXFSSnkxOGRzc3Qvclh6QncyRGNSQUc5N3c3eE1zZVJGc3pSTEtzWldNV0RqcWk5UkpxeGxZTzFJMW5oKzhyYzJOQnRkcFkxMmV2WUE4NlJBTzBEcE1NcHJTajc1Q2JtWjFnQjRseC9jSGlZZVdaVS9aQVk4a2tYZ2t3ckc1OEhmWmVpTzduR1BaVkZRTFhOSGtzSlRVM1gyZU1GR2RyeHd4OU9rdkpEYjVKRzVpZWU1S2c5dDhRTGw5U3lRbzl6cE5sRjhmcDc5UElGb0s2SGRtQWI1c08vWWNhTHd5L1FWZEtrMUErWTNaS05JOUVSd0drbllsajBUdz09fA&cppv=2

Request Chain 339

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADP_k7KQCwAABhx4-TyRQ&expiration=1697811187&gdpr=1

Request Chain 340

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 343

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336725610154321

Request Chain 350

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKAEF9aOURreek5xnnEU5vE&google_cver=1&google_push=AXcoOmQEz2Vkw3RLPvh8zM0t59389hSKUyF6XDH6Adi-Qq5ydIiDdmx4mrZkXZCafDlMd6BdBmquRvQdgZ23FHiieMANlDpcVSflJw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKAEF9aOURreek5xnnEU5vE&google_cver=1&google_push=AXcoOmQEz2Vkw3RLPvh8zM0t59389hSKUyF6XDH6Adi-Qq5ydIiDdmx4mrZkXZCafDlMd6BdBmquRvQdgZ23FHiieMANlDpcVSflJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UUpLZFVlZEExUU9Meko1&google_gid=CAESEKAEF9aOURreek5xnnEU5vE&google_cver=1&google_push=AXcoOmQEz2Vkw3RLPvh8zM0t59389hSKUyF6XDH6Adi-Qq5ydIiDdmx4mrZkXZCafDlMd6BdBmquRvQdgZ23FHiieMANlDpcVSflJw

Request Chain 351

https://um.simpli.fi/gp_match?google_gid=CAESEDtbR7iu6EhBevcsIlVsF8s&google_cver=1&google_push=AXcoOmQ2In_oWR6j0u5L-f5bC-vPlPX2QYYxa6ZjTjz7_wUOeKGpTLygE7m3jOACbrGHOQSG89dDBWsMUeDYBgddGMiHlBCtZZiUQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=10101D4331404DA5BD5B392E2E87E2D2&google_push=AXcoOmQ2In_oWR6j0u5L-f5bC-vPlPX2QYYxa6ZjTjz7_wUOeKGpTLygE7m3jOACbrGHOQSG89dDBWsMUeDYBgddGMiHlBCtZZiUQQ

Request Chain 352

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_cver=1&google_push=AXcoOmSgzjLlRU-0IJ_JLscA4xWmNcV4m0zFq8WAlQaGN9883ncTum2N06cCtsuRxt3qEJHSgtWUrQZK1JX38OAQcGZq7keHppnzvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_hm=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&google_nid=index&google_push=AXcoOmSgzjLlRU-0IJ_JLscA4xWmNcV4m0zFq8WAlQaGN9883ncTum2N06cCtsuRxt3qEJHSgtWUrQZK1JX38OAQcGZq7keHppnzvA

Request Chain 353

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJU1OzCWKOQX4YcPZ7y48Yc&google_cver=1&google_push=AXcoOmT9rScFdCVQOZslLMPAyiJSuDbHVDxcEIxxHx9A356a9UN_jV86-UEanGFoLbEwF0KXAqLWocnID4t7i3ELgLSq4zYcjTXP HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a1cb47af-b083-4c22-a2cd-bfc48821f446-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmT9rScFdCVQOZslLMPAyiJSuDbHVDxcEIxxHx9A356a9UN_jV86-UEanGFoLbEwF0KXAqLWocnID4t7i3ELgLSq4zYcjTXP%26google_hm%3DA6HLR6-wg0wios2_xIgh9EY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT9rScFdCVQOZslLMPAyiJSuDbHVDxcEIxxHx9A356a9UN_jV86-UEanGFoLbEwF0KXAqLWocnID4t7i3ELgLSq4zYcjTXP&google_hm=A6HLR6-wg0wios2_xIgh9EY

Request Chain 354

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJDv6M41TCWc1ufPYM7xW4E&google_cver=1&google_push=AXcoOmSCd0bonY-BTbqPHxsT_hyd35EVmuhYV6iZwDlmgzFA6w5AU5eGfywqiVdjhAFQ6F8NSIQXnjLxQmEvI7AjxHTrKkvUxqo4vQo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSCd0bonY-BTbqPHxsT_hyd35EVmuhYV6iZwDlmgzFA6w5AU5eGfywqiVdjhAFQ6F8NSIQXnjLxQmEvI7AjxHTrKkvUxqo4vQo HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 355

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAEyiJKRuSZUw4f5Du9F_7g&google_cver=1&google_push=AXcoOmQ1BpRN9dNnbivfMSYWwbZP7OpeSpndhwjCqi3U4oXaAbCcUV6IguLBVjN-FXCAqLEnZRwxgp_AqogvUP59DzgV8BPRLKPW3C4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjIzMjI5NjcwODg2ODc2ODYzNQ%3D%3D&google_gid=CAESEAEyiJKRuSZUw4f5Du9F_7g&google_cver=1&google_push=AXcoOmQ1BpRN9dNnbivfMSYWwbZP7OpeSpndhwjCqi3U4oXaAbCcUV6IguLBVjN-FXCAqLEnZRwxgp_AqogvUP59DzgV8BPRLKPW3C4

Request Chain 385

https://jdswhq.helmexpress.com/ts/i5047736/tsv?amc=dis.blbn.455799.471580.CRTw5ZW3v7L&smc1=oneidAD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9oneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1667899543/prod_creatives/net_253/adv_93696/cr_fe9b659b-1228-40f7-96d2-f24be3eb62d5

Request Chain 388

https://neso.r.niwepa.com/ts/i5034370/tsv?amc=dis.blbn.455799.471580.CRTdjlTVF8-&smc1=oneidgVZH8frfJVddhPHbH8t5t587fmSQT9pUeoneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www1.belboon.de/media/pixel.gif HTTP 301
https://webservice.belboon.com/www1/media/pixel.gif

Request Chain 417

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=omlKSaVpHk65ahwco2xVSfVvG0G5akpJpD9pgzf9

Request Chain 418

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1712412791&external_user_id=7d0ab8b3-79ec-4ebe-8de1-030d177ab3e9

Request Chain 419

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1696687991

Request Chain 420

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=10101D4331404DA5BD5B392E2E87E2D2

Request Chain 421

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4077027165501584801&expiration=1697811191

Request Chain 422

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSAV8gZmdfs.1VHdiARoMQAA%262185 HTTP 302
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSAV8gZmdfs.1VHdiARoMQAA%262185&tc=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Dd8TvBbMNF00IGZDMcjR&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSAV8gZmdfs.1VHdiARoMQAA%262185&tc=1

Request Chain 423

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QJKdUedA1QOLzJ5

Request Chain 424

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6232296708868768635

Request Chain 426

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 427

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D91E9B06-5502-4251-8820-766BA79C1A70&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D91E9B06-5502-4251-8820-766BA79C1A70&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 428

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6232296708868768635&gdpr=0&gdpr_consent=

Request Chain 429

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ki-cLy0vyCgxLMp8fiuDJyh8yisxKJsoLS1eTx4e

Request Chain 430

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286848347700918416&gdpr=0&gdpr_consent=

Request Chain 431

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=4dfa486b-bfb1-4415-a571-ada863ff2749&expires=1&user_group=2&ssp=pubmatic&bsw_param=8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 432

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zsGBOlCEXwlScAw6TiDIQbnVm6E&gdpr=0&gdpr_consent=

Request Chain 433

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2R6bBlUCQlGIIHZrp5wacA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 435

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3733892751 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D91E9B06-5502-4251-8820-766BA79C1A70

Request Chain 436

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=D91E9B06-5502-4251-8820-766BA79C1A70 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmNnRUp6eS02cExUbW1SbVV2eWowQ3BlUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=4077027165501584801&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 437

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDkxRTlCMDYtNTUwMi00MjUxLTg4MjAtNzY2QkE3OUMxQTcw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 438

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE0Ogfh0je4YzV50uSRgkfE&google_cver=1

Request Chain 440

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4077027165501584801

443 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ec3to6d7sl Show response
www.ejan.co/world/ 450 KB
71 KB 114ms
42ms Document
text/html 2606:4700::6812:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

61e24cfb1db42a4fc82c8c6016616ea06f8fc5430af9e4291e2d44468aa6bef3

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https: http:;script-src data: 'unsafe-inline' 'unsafe-eval' https: http: blob:;style-src data: 'unsafe-inline' https: http: blob:;img-src data: https: http: blob:;font-src data: https: http:;connect-src https: wss: ws: http: blob:;media-src https: blob: http:;object-src https: http:;child-src https: data: blob: http:;form-action https: http:;frame-ancestors 'self' https://*.quintype.com https://www.ejan.co;block-all-mixed-content; report-to gumlet-nel

Strict-Transport-Security

max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5599
alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=15,s-maxage=10800,stale-while-revalidate=1000,stale-if-error=14400
cf-cache-status: HIT
cf-ray: 811e80acdec718ff-FRA
content-encoding: br
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https: http:;script-src data: 'unsafe-inline' 'unsafe-eval' https: http: blob:;style-src data: 'unsafe-inline' https: http: blob:;img-src data: https: http: blob:;font-src data: https: http:;connect-src https: wss: ws: http: blob:;media-src https: blob: http:;object-src https: http:;child-src https: data: blob: http:;form-action https: http:;frame-ancestors 'self' https://*.quintype.com https://www.ejan.co;block-all-mixed-content; report-to gumlet-nel
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 14:13:01 GMT
link: <https://fea.assettype.com/quintype-ace/assets/app-c4376e8f63ff4a1db579.js>; rel=preload; as=script;
server: cloudflare
strict-transport-security: max-age=86400
surrogate-key: s/1887/600e8138 a/1887/1771468 s/1887/e518851e s/1887/f8ccbd4c s/1887/60e0de9d s/1887/c244d025 pb/1887/story pb/1887/all page/1887/story-page
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 app-c4376e8f63ff4a1db579.js Show response
fea.assettype.com/quintype-ace/assets/ 1 MB
286 KB 57ms
19ms Script
application/javascript 2606:4700:10::ac43:1be8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/quintype-ace/assets/app-c4376e8f63ff4a1db579.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1be8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a18ca00dbf796e7887014bb2b6b4e0d659019ebc014eba46e539e43235c473

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:01 GMT
x-amz-version-id: k6RJIdKu8aG_8voeSd9yvSgsZtZdPy4X
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 111316
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 05 Oct 2023 07:16:10 GMT
server: cloudflare
etag: W/"78d8a4bedc98923a467efaf6721b6538"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 811e80ad5bfd9150-FRA
x-amz-cf-id: 3rPh_ebRFLIoR8DrrCGGKfcHoH5Zlqm3_a2bMm5UdXqA-CbekacD0g==

GET
H2 200 gumlet.min.js Show response
cdn.gumlet.com/gumlet.js/2.0/ 19 KB
7 KB 99ms
8ms Script
application/javascript 2600:9000:225e:e400:11:c3fe:5b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gumlet.com/gumlet.js/2.0/gumlet.min.js
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e400:11:c3fe:5b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13df2bb7aaa7526f48a0135ce43c27dcedd42b1c10bd4f8da2d7965b62b50102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 12:01:31 GMT
content-encoding: br
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 09:03:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1822291
etag: W/"083a141b447aa53bbb9073a45592d18d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, s-maxage=31536000, max-age=172800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mYcIAxP4ruvuRcm4Mze2lnCZySKjpxPJRyJCo5Zm8XBxXcFvZ8JhhQ==

GET
H2 200 text-story-template-chunk-c4376e8f63ff4a1db579.js Show response
fea.assettype.com/quintype-ace/assets/ 2 KB
1 KB 62ms
26ms Script
application/javascript 2606:4700:10::ac43:1be8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/quintype-ace/assets/text-story-template-chunk-c4376e8f63ff4a1db579.js
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1be8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c335b61ae6e19fce7663076580ea6c9cab1a03164d3b9632891c214fa0255e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:01 GMT
x-amz-version-id: 88q.KMySwWjLmN0__tIP2CYkzi6nLhNv
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 111312
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 05 Oct 2023 06:16:58 GMT
server: cloudflare
etag: W/"65b243d93036eea06dfbf0347e01380d"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 811e80ad5c009150-FRA
x-amz-cf-id: at94hQNOc_2vuitaF9TPR0QeocefrAzrbJl1mJs6LxGvwdJLHA7xVw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
91 KB 205ms
106ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0LPCX7QHXD

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e84039aeb7551b1972450604774da18b771f360c1de3709951c4bbc85d730794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92666
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 14:13:01 GMT

GET
H2 200 push.js Show response
cdn.taboola.com/webpush/ 2 KB
1 KB 28ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/webpush/push.js
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6aafc687db99b5f3a12bc91ca14ea365d38770d307f4fa8b3bf7952367cde286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 0XGlCL08oIVFP.mZZulN9HT9R5PgQi9I
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:01 GMT
x-amz-request-id: B87E9GJQFWBEP4K6
age: 18284
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 748
x-amz-id-2: GBJwnC5w037m4e98bjloVzjFHj3VbRN4MqBz+iQWjbAvXNDkEimT5iSBfAaVwc7HbLFViEkc7Go=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Tue, 09 May 2023 14:05:09 GMT
server: AmazonS3
x-timer: S1696601582.645902,VS0,VE0
etag: "5085256fe4b4dcc1d4994ea570134e40"
vary: Accept-Encoding
content-type: application/javascript
abp: 3
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 66

GET
H2 200 ats.js Show response
anymind360.com/js/359/ 212 KB
44 KB 269ms
7ms Script
application/javascript 151.101.65.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/359/ats.js

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a1ee0c79db25c137a3693b98a703ae543161776cebc6e7cc19321aab31c24eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Thu, 05 Oct 2023 15:54:54 GMT
date: Fri, 06 Oct 2023 14:13:01 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 80288
x-guploader-uploadid: ADPycduQki4_V8ofDrWNqZXhwMrK-D-E0bWT2aHsE4t4elMjGD2dvhndOqG_lpzPEC2YyzMOysQc3j7_nA
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44755
x-served-by: cache-tyo11963-TYO, cache-fra-eddf8230085-FRA
last-modified: Fri, 15 Sep 2023 10:34:48 GMT
server: UploadServer
x-timer: S1696601582.933825,VS0,VE1
etag: "ecf2f4e2feee3657bd4da644c4891563"
vary: Accept-Encoding
x-goog-generation: 1694774088741757
x-goog-hash: crc32c=aX94QA==, md5=7PL04v7uNle9TaZExIkVYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 44755
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 18, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
71 KB 151ms
53ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11020464565

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

886b115f1ef6d3bc03b906ed909d6b20300f54cfb52297eba451c0ac11e4ad72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72015
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Oct 2023 14:13:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
74 KB 244ms
146ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5W27ZQ4

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6480fac0a8635b0d043ee642d391b018d91d598c7294132c8579f622ee497dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75934
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Oct 2023 14:13:01 GMT

GET
H2 200 521.png
images.assettype.com/ejan/2021-01/d7355e3c-02e9-4d74-b229-eb105ebc8634/ 3 KB
3 KB 34ms
23ms Image
image/png 2606:4700:10::ac43:1be8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.assettype.com/ejan/2021-01/d7355e3c-02e9-4d74-b229-eb105ebc8634/521.png?w=50&fm=png
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1be8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28dcdc76e8bd86d238f0a19f7292cb3305909339d7b584d018e57c8299221c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:01 GMT
cf-cache-status: HIT
server: cloudflare
age: 7502
etag: "d5776cb3e148f9e9a4e717f162ccfd2ed544acf4"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 811e80ad8c2c9150-FRA
content-length: 2749
expires: Sat, 07 Oct 2023 12:07:59 GMT

GET
H2 200 hood.js Show response
cdn.ocmhood.com/sdk/ 26 KB
11 KB 56ms
27ms Script
application/javascript 2606:4700:20::681a:6e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ocmhood.com/sdk/hood.js?hf=Hood
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/push.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2e83e51075604c1fade85f589f18d050e711d5626ac02ae040e2cb4762b97b2

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6569
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /
last-modified: Fri, 21 Jul 2023 09:35:24 GMT
server: cloudflare
etag: W/"64ba515c-2a43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIeMblzv8vC37Pgb3YtvwEBfIBSlBfHM9sPN9Mzsu5Iv0UC1OsNIje6MHfvIiFjhKtDxXdZKdKSSh6Y0sRMwoGcRaiUUPoOhU5B6sTUV53tdiklL9rW4e9%2F%2BGRytNB08HBZ3goAIdfVImRwQZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 811e80ada876904c-FRA

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/ejan-ejanco/ 524 KB
53 KB 9ms
2ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/ejan-ejanco/loader.js
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd117ed0147f012bb7bb746136ed360739d69d896335755d7675d0a1b8544ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: oZcNQQRPbX5Z5ms2UEjZ2G6_bmcRBO2e
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:01 GMT
x-amz-request-id: VTD2R1KGC1MAN2F6
age: 22
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 54101
x-amz-id-2: SsL9JR7jGgS8GuaCHwU3XN5MEtariv+hl9DViyvHTW9DcCBIpECItnsO1gYLV2PXo12P168icQPXOLKvmMM6mw==
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Thu, 05 Oct 2023 12:19:31 GMT
server: AmazonS3
x-timer: S1696601582.673183,VS0,VE2
etag: "caa79a3dc588fb43752a0c21cc8cbb74"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 -W__XJnvUD7dzB2KYNod.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
18 KB 133ms
41ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KYNod.woff2

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 10:23:42 GMT
x-content-type-options: nosniff
age: 532159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17640
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 10:23:42 GMT

GET
H2 200 -W_8XJnvUD7dzB2C2_8IaWMu.woff2
fonts.gstatic.com/s/prompt/v10/ 18 KB
18 KB 142ms
50ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2C2_8IaWMu.woff2

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4208432ab62e4e5a5e5901bbc6db5ca3119001facc45108f137e9c5b5370352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:20:37 GMT
x-content-type-options: nosniff
age: 71544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17960
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:20:37 GMT

GET
H2 200 DtVjJx26TKEr37c9aBVJnw.woff2
fonts.gstatic.com/s/sarabun/v15/ 11 KB
11 KB 175ms
83ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aBVJnw.woff2

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c18a7096d8615e2b30d7fbaccb64fe00b6cffccf671c3c4ca53244640722202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 18:01:55 GMT
x-content-type-options: nosniff
age: 591066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11452
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 18:01:55 GMT

GET
H2 200 DtVmJx26TKEr37c9YK5silss6w.woff2
fonts.gstatic.com/s/sarabun/v15/ 11 KB
11 KB 184ms
92ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVmJx26TKEr37c9YK5silss6w.woff2

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad4e2d51cf7f8cad0b33fcae853656fa79fa2da3e9828bdf50895a88d9463259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 18:02:43 GMT
x-content-type-options: nosniff
age: 591018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11632
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:36:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 18:02:43 GMT

GET
H2 200 logo_Ejan_png.png
gumlet.assettype.com/ejan/2021-01/7206fce9-b376-44e6-88e4-995058a3f013/ 6 KB
7 KB 92ms
9ms Image
image/webp 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan/2021-01/7206fce9-b376-44e6-88e4-995058a3f013/logo_Ejan_png.png?w=200

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0589eb7b6da262f6588f368af3fcf1acbbfbbeb7e89665e329990a9a824da44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Jun 2023 22:01:33 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 649f50bc93066996bd4e893a
x-amz-cf-pop: FRA60-P2
age: 8439088
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.299
alt-svc: h3=":443"; ma=86400
content-length: 6274
surrogate-key: gumlet.assettype.com 2023-05-10
etag: "4wn3ifmj6yxk"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: fp61nHQsQ8MwXOjjk_7sO1sGjd1ifoxp2mem2csy9mHXG1XdiJAPJQ==

GET
DATA 200
OK truncated
/ 58 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 logo_Ejan_png.png
gumlet.assettype.com/ejan/2021-01/7206fce9-b376-44e6-88e4-995058a3f013/ 6 KB
7 KB 36ms
10ms Image
image/webp 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan/2021-01/7206fce9-b376-44e6-88e4-995058a3f013/logo_Ejan_png.png?w=200&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0589eb7b6da262f6588f368af3fcf1acbbfbbeb7e89665e329990a9a824da44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 07:25:18 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 64c36d5ecfcf029926c309b3
x-amz-cf-pop: FRA60-P2
age: 6072463
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.29
alt-svc: h3=":443"; ma=86400
content-length: 6274
surrogate-key: gumlet.assettype.com 2023-06-30
etag: "4wn3ifmj6yxk"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: Y4hrAb2p8_5PX3xZJSjXNslTWz4u5Ry-0k-9nOwNeXIjt58QqcampQ==

GET
H2 200 ejan%2F2023-10%2Fbcf07a52-3f82-4440-86f7-0a4dbb0e2b68%2F450.jpg
gumlet.assettype.com/ 41 KB
42 KB 176ms
150ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-10%2Fbcf07a52-3f82-4440-86f7-0a4dbb0e2b68%2F450.jpg?auto=format%2Ccompress&fit=max&w=768&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a2c21334654c980aa9ef139dd302c732bb43c0476daf6f21aab18b7cd8ba904c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 06 Oct 2023 11:44:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: HIT
x-gumlet-reqid: ZR/zGYtG2i1Qfmhr
x-amz-cf-pop: FRA60-P2
age: 8916
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.108
alt-svc: h3=":443"; ma=86400
content-length: 41664
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-10-06
etag: "19jagtdwrkmbn"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: gUZBeHtHZSRLqvDaDRYhhPHksjW8Lv690TiELO-8Q5zaxSesJt0miQ==

GET
H2 200 ejan%2F2023-10%2F34f0f647-6e78-49aa-9cb0-ab32745ae8ed%2FqnS58N8Sqh8u3QgNlAiorhDeqTS1svCJqmkBC6ppAQs.jpg
gumlet.assettype.com/ 34 KB
35 KB 169ms
143ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-10%2F34f0f647-6e78-49aa-9cb0-ab32745ae8ed%2FqnS58N8Sqh8u3QgNlAiorhDeqTS1svCJqmkBC6ppAQs.jpg?auto=format%2Ccompress&w=768&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f11966cdba6f15433c7f2b44182120f34ca2992a38f8115dffa54d1fc1c65b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 06 Oct 2023 11:44:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: HIT
x-gumlet-reqid: ZR/zGfH65CzarjYQ
x-amz-cf-pop: FRA60-P2
age: 8916
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.222
alt-svc: h3=":443"; ma=86400
content-length: 34470
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-10-06
etag: "1lomqqhskeca4"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: AmHIP03z1PMlm2UgAOw6tbtYdDCiKgbhUbx1g1YB7zGvdXl-GNJyoA==

GET
H2 200 ejan%2F2023-10%2Fe1670f92-eabf-408a-b881-b383552dc090%2FaXDW66dZq_KDMTxzhO70os_d_u7F5FjT_i028PotNvA.jpg
gumlet.assettype.com/ 23 KB
23 KB 171ms
146ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-10%2Fe1670f92-eabf-408a-b881-b383552dc090%2FaXDW66dZq_KDMTxzhO70os_d_u7F5FjT_i028PotNvA.jpg?auto=format%2Ccompress&w=768&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

df091271ed69f3fbccf5ede90de760579dba3a8d93cadf8dd1b31c29d2060486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 06 Oct 2023 11:44:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: HIT
x-gumlet-reqid: ZR/zGfPaPZ0Y7gxj
x-amz-cf-pop: FRA60-P2
age: 8916
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.316
alt-svc: h3=":443"; ma=86400
content-length: 23082
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-10-06
etag: "3jos30ilriisl"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: dAH4U4aFACB8e43QHTJkABZHsxsQt6ub9UWQeFcxfQ4BDBMBcnn2GA==

GET
H2 200 svg-sprite-ef78f60979ae5731dcbbb0aa5aa86923.svg
www.ejan.co/quintype-ace/assets/ 52 KB
15 KB 36ms
35ms Other
image/svg+xml 2606:4700::6812:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ejan.co/quintype-ace/assets/svg-sprite-ef78f60979ae5731dcbbb0aa5aa86923.svg

Requested by

Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-c4376e8f63ff4a1db579.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

267a73528e91abce7c69204ea5f8b3598d1d03bba8a3e65b62b16be385239be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:01 GMT
strict-transport-security: max-age=86400
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 07:11:49 GMT
server: cloudflare
age: 110808
x-powered-by: Express
etag: W/"ce20-18afeadab08"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=31104000,s-maxage=31104000
cf-ray: 811e80af09f918ff-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 breaking-news Show response
www.ejan.co/api/v1/ 8 KB
2 KB 88ms
88ms Fetch
application/json 2606:4700::6812:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ejan.co/api/v1/breaking-news

Requested by

Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-c4376e8f63ff4a1db579.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7123bf381b698da33cfdbdf02dc3a6f51d92e942434b3f2225984595bb5aee95

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
via: 1.1 varnish (Varnish/6.3)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400
age: 53
x-powered-by: Express
edge-cache-tag: q/1887//home,s/1887/3e7e24c9,s/1887/fc711dc8,s/1887/72c9c4ba,s/1887/9102972e,s/1887/80fde6f2,s/1887/91ce3dd9,s/1887/unknowns,s/1887/unknowns,s/1887/unknowns,s/1887/unknowns,s/1887/unknowns,s/1887/unknowns,c/1887/49588
x-cache: HIT
edge-control: public,max-age=240
qt-trace-id: 8474468e-960a-4da1-a1b5-134b1f40c270
alt-svc: h3=":443"; ma=86400
surrogate-key: q/1887//home s/1887/3e7e24c9 s/1887/fc711dc8 s/1887/72c9c4ba s/1887/9102972e s/1887/80fde6f2 s/1887/91ce3dd9 s/1887/unknowns s/1887/unknowns s/1887/unknowns s/1887/unknowns s/1887/unknowns s/1887/unknowns c/1887/49588
last-modified: Fri, 06 Oct 2023 14:11:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
x-varnish: 626979203 672070521
cache-control: public,max-age=15,s-maxage=240,stale-while-revalidate=300,stale-if-error=7200
cf-ray: 811e80af2a1e18ff-FRA
x-hitcount: 2

GET
H2 200 story-c4376e8f63ff4a1db579.js Show response
fea.assettype.com/quintype-ace/assets/ 15 KB
5 KB 16ms
16ms Script
application/javascript 2606:4700:10::ac43:1be8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fea.assettype.com/quintype-ace/assets/story-c4376e8f63ff4a1db579.js
Requested by: Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-c4376e8f63ff4a1db579.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1be8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c3e7eecb70ea923cc59daebe6fa7c4300e46064df42f0eb089540270cd96a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:01 GMT
x-amz-version-id: iXIWPBhEtrmFU.AEZbK14m70U1FRjWlP
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 111312
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 05 Oct 2023 06:16:55 GMT
server: cloudflare
etag: W/"2d1e6407bb891dba48bef063962c6fbe"
vary: Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31104000
cf-ray: 811e80af3e5e9150-FRA
x-amz-cf-id: miWYrWIiJa-pCDF325IbHhzGavsQtqVIBZqq263BZRB5X_qtTr3VvQ==

GET
H2 200 load.js Show response
pm-widget.taboola.com/ejan-ejanco/ 3 KB
1 KB 19ms
17ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/ejan-ejanco/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ejan-ejanco/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f977ebdb963f24af72b97b9a0289aff65c52f56e294ca2a1205bfe4edb2bfd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: APQhbdfZv_nWTTCXhF8uFqcCOpSFvaLZ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:02 GMT
x-amz-request-id: AB1B5SGX1RBYSBYV
age: 247
x-cache: HIT
content-length: 1213
x-amz-id-2: x/MesJmdKmiRfl2kW16WaeY5lkwFMrsYI9uWsG/ptNZF+5x4fVeqBaywp7sKnRhOf3Ofs+r7kB0=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Tue, 03 Oct 2023 03:48:03 GMT
server: AmazonS3
x-timer: S1696601582.063707,VS0,VE1
etag: "779b51ad62cccda4f8e3c1daec21e504"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 impl.20231005-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 811 KB
168 KB 10ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ejan-ejanco/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 56bb634245b7b25ecb78ab1639e9d916c097684096acffb4b8d02e3fcd99557d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: UDckBi_dYgkvA6KfwnPPY8Hiski8Fxy8
content-encoding: br
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:02 GMT
x-amz-request-id: 5DS0P35PRK31YRYP
age: 18607
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 171845
x-amz-id-2: pdOOI7I78If90eJVeHkToTJ1E7mWCnto5gAHRBAbpdfQTVXYI1bnrRM6fhq5L1hFCtmFwDFrPwA=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Thu, 05 Oct 2023 08:55:01 GMT
server: AmazonS3-br
x-timer: S1696601582.063713,VS0,VE0
etag: "dff646170ee7a85f3bc08642c9709075"
vary: Accept-Encoding
content-type: application/javascript
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 66442

GET
H3

200

main.js Show response
www.ejan.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 56E4
Redirect Chain

https://www.ejan.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.ejan.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
3 KB

28ms
28ms

Script
application/javascript

2606:4700::6812:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ejan.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Server

2606:4700::6812:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e56fdcd617a7ea8cb87a178ba63b8a9674eb811ee4c1940f1fa24c835e5aae99

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 811e80b0cfd930ed-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 06 Oct 2023 14:13:02 GMT
strict-transport-security: max-age=86400
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
cache-control: max-age=300, public
cf-ray: 811e80b02f0c30ed-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 -W__XJnvUD7dzB2KdNodVkI.woff2
fonts.gstatic.com/s/prompt/v10/ 13 KB
13 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KdNodVkI.woff2

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a0b2a8b1ee977665c6deaac4be3b91b2f9fd6610221ca1ae31e6cb44199f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:08:33 GMT
x-content-type-options: nosniff
age: 353069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13024
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Oct 2024 12:08:33 GMT

GET
H2 200 -W_8XJnvUD7dzB2C2_8IfWMuQ5Q.woff2
fonts.gstatic.com/s/prompt/v10/ 13 KB
13 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2C2_8IfWMuQ5Q.woff2

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9ea25116dc893d7aa59abe5ac6e9035ff1e3172746c8e86e996e123d4321b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:07:50 GMT
x-content-type-options: nosniff
age: 11112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 11:07:50 GMT

GET
H2 200 DtVjJx26TKEr37c9aAFJn2QN.woff2
fonts.gstatic.com/s/sarabun/v15/ 9 KB
10 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aAFJn2QN.woff2

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7255a0ff175fc2330ee58fb2e55efc5edbc54d2f4546220b7b639c1fe601b443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 18:09:24 GMT
x-content-type-options: nosniff
age: 590618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9676
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 18:09:24 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11020464565/ 3 KB
2 KB 178ms
81ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11020464565/?random=1696601582216&cv=11&fst=1696601582216&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20&auid=83484479.1696601582&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11020464565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1d416ffb20b1dfb9121f4af859dbb64c228f66580192c6352c55cbd82fbbc4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11020464565/ 3 KB
2 KB 152ms
59ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11020464565/?random=1696601582242&cv=11&fst=1696601582242&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&label=WubnCMrPlpcYELXj-4Yp&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20&gtm_ee=1&auid=83484479.1696601582&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11020464565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0a3478d9e6ef73503c4ece3ee4938a10baf831283999b23d558e5c38949d92bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1699
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookieconsent.css
static.ejan.co/ 18 KB
5 KB 66ms
16ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ejan.co/cookieconsent.css?v4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W27ZQ4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991eaacdca85b1d9273437c6601aa63e2cfd026573f33767a46d00431037bc06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4663
cf-polished: origSize=23077
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Oct 2022 05:49:06 GMT
server: cloudflare
etag: W/"63562752-5a25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h74spiT3Y9tfZ%2BfQiEpOCGwQRKnqmPvheBTK2LmQ8yThV6d5NUxhH5skPOK0VcFzZ%2BcXEtOipOAuWtzbyRVGnePMHg2Y0hXWu%2B%2FX9OZuO1r%2BrH6FFA6WUIJBEzXp5EeHIkcL7uOjHvhiUay7%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 811e80b16dfc8fe8-FRA

GET
H2 200 cookieconsent.js Show response
static.ejan.co/ 19 KB
7 KB 243ms
194ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ejan.co/cookieconsent.js?v2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W27ZQ4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db99ae5a9f5a65d36dd75855a654598f78bb5f15887ebcf1ef3a758d84ad652c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 31 May 2022 15:56:14 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=19234
etag: W/"62963a9e-4b22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygd8UqB%2Bv1N8EN7JWRnrVkXC5B9NW7tzLIuFsO5dbNrozoTnod1toFUnwQhsFl%2FHBolsccQ8SpsiHw1RN0q%2F3WfhRKGGTTuT3qduVnIiRL0yNSXEzsTlY%2B2FSRVZ5c51XYpN%2Fi9R6BJsQDYqaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 811e80b16dfa8fe8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 48ms
14ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W27ZQ4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 12:43:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5347
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 06 Oct 2023 14:43:55 GMT

GET
H2 200 t0032112.js Show response
lvs.truehits.in.th/dataa/ 9 KB
10 KB 1423ms
220ms Script
application/x-javascript 203.154.91.181
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs.truehits.in.th/dataa/t0032112.js
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.91.181 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-91-181.inter.net.th
Software: nginx/1.23.3 /
Resource Hash: 8668afd73945e6a30161612643f31d840797d6226a1ffaffdec6cd3ecae791f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
last-modified: Fri, 6 Oct 2023 14:11:00 GMT
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type: application/x-javascript
cache-control: max-age=180
content-length: 9599
expires: Fri, 6 Oct 2023 14:16:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 14:13:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: CCqnGBshrebBOL8aYTzfjn02eEdY6nwpbnWjpUzXiTMtQ0OO6oG2teHo3jGVV7+hDB0JN10eNvKr2IQ8FzEHIA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 185ms
85ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2bbdea1641907d8624ed5fff410ac82a57e6328332422a0118067115a0c92af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Oct 2023 10:34:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651d1575-114b6"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70838
expires: Fri, 06 Oct 2023 15:13:02 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 20 KB
7 KB 99ms
66ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W27ZQ4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 811e80b15f845c98-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
89 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NC32QW73J2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W27ZQ4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

401b5d6e2c79408dc653ac852ce0463a60e90777708b017ccd0ebf3032cc3b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91087
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 14:13:02 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
242 B 64ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0LPCX7QHXD&gtm=45je3a40&_p=1661371357&cid=156981466.1696601582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1696601582&sct=1&seg=0&dl=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&dt=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0LPCX7QHXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DtVmJx26TKEr37c9YK5sik8s6zDX.woff2
fonts.gstatic.com/s/sarabun/v15/ 9 KB
9 KB 45ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVmJx26TKEr37c9YK5sik8s6zDX.woff2

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e53442748a876d664005ea82f14fe894211f54adab26f33e9eb4e332c68b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 18:11:09 GMT
x-content-type-options: nosniff
age: 590513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:36:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 18:11:09 GMT

GET
H2 200 pmk-20220605.7.js Show response
pm-widget.taboola.com/ejan-ejanco/ 102 KB
29 KB 24ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/ejan-ejanco/pmk-20220605.7.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/ejan-ejanco/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd4102d7206a9d7f98696da9fce360a2851ca7fb710a4bdc2a6d47c5d4402edf

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: BqboAu.cByFB_MtG9WwpT..MWp1U_RnJ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:02 GMT
x-amz-request-id: JJ58C6D7J4K1HAPY
age: 296646
x-cache: HIT
content-length: 28792
x-amz-id-2: +gC6TGOl60oXKlOO/CqrQByUviLHgUiMtwjfSWzLPS0v8eK3RcY3NzOipBNCyUvbPIclj/JARdY=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Tue, 03 Oct 2023 03:48:02 GMT
server: AmazonS3
x-timer: S1696601582.449556,VS0,VE1
etag: "225561aca117797103e65330b3cbdc57"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
30 KB 224ms
123ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-c4376e8f63ff4a1db579.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80f540ebbdbf3adf72102ca48f8351143a6f8ac7c1de87450a879169f8c053c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30143
x-xss-protection: 0
server: cafe
etag: 807 / 19636 / m202310020101 / config-hash: 12631718780053314049
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 14:13:02 GMT

GET
H3 200 attributes Show response
www.ejan.co/api/v1/stories/600e8138-7276-4eb1-9dd3-3015eae23b64/ 18 B
428 B 150ms
150ms Fetch
application/json 2606:4700::6812:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ejan.co/api/v1/stories/600e8138-7276-4eb1-9dd3-3015eae23b64/attributes

Requested by

Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-c4376e8f63ff4a1db579.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

24cc8864e7c0821b962d3e578a391602e9cff9107ccbd750fe294a74226a931b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
via: 1.1 varnish (Varnish/6.3)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400
x-powered-by: Express
edge-cache-tag: s/1887/600e8138
x-cache: MISS
edge-control: public,max-age=240
qt-trace-id: 5c7a8fa4-b118-4f9e-8239-a6a80f31b13f
alt-svc: h3=":443"; ma=86400
surrogate-key: s/1887/600e8138
last-modified: Fri, 06 Oct 2023 11:39:16 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: application/json
x-varnish: 668710187
cache-control: public,max-age=60,s-maxage=10800,stale-while-revalidate=7200,stale-if-error=7200
cf-ray: 811e80b269f430ed-FRA

GET
H3 200 top-trend Show response
www.ejan.co/api/v1/collections/ 97 KB
16 KB 43ms
42ms Fetch
application/json 2606:4700::6812:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ejan.co/api/v1/collections/top-trend?item-type=story&limit=6

Requested by

Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-c4376e8f63ff4a1db579.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

949583012bfeece683594da39182edcad915015fcbc568e722a522eda2b39be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
via: 1.1 varnish (Varnish/6.3)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400
age: 7209
x-powered-by: Express
x-cache: HIT
qt-trace-id: 4ecc9c9a-1e1a-4cfc-8ce1-90bb55fbf5b9
alt-svc: h3=":443"; ma=86400
surrogate-key: c/1887/95747 s/1887/64fc48a9 s/1887/e9a36e0f s/1887/90bd7fdd s/1887/ca6e211e s/1887/600e8138 s/1887/ee62387d
last-modified: Fri, 06 Oct 2023 11:49:27 GMT
server: cloudflare
vary: Accept-Encoding
x-varnish: 669581827 668972701
content-type: application/json
cache-control: public,max-age=60,s-maxage=10800,stale-while-revalidate=7200,stale-if-error=7200
cf-ray: 811e80b269fa30ed-FRA
x-hitcount: 1

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 49ms
17ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 258967
expires: 60

POST
H3 200 811e80acdec718ff Show response
www.ejan.co/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 56E4 0
282 B 49ms
46ms XHR
text/plain 2606:4700::6812:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ejan.co/cdn-cgi/challenge-platform/h/g/jsd/r/811e80acdec718ff

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
strict-transport-security: max-age=86400
content-encoding: br
server: cloudflare
cf-ray: 811e80b3cbdb30ed-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.google.com/pagead/1p-user-list/11020464565/ 42 B
455 B 159ms
70ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11020464565/?random=1696601582216&cv=11&fst=1696600800000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&frm=0&tiba=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3832442296&rmt_tld=0&ipr=y

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11020464565/ 42 B
455 B 139ms
51ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11020464565/?random=1696601582216&cv=11&fst=1696600800000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&frm=0&tiba=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3832442296&rmt_tld=1&ipr=y

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10148.3y-azUDD3bHlWck3teJv84DTKVzbOgbdeL9G3dHtUN_6ORH4KCkNSh3vMf3maeaK.C0sq7jqWLveke14mrLHE5OLhyOw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10148.eGKzqhKBCrMoEOrQK8HFjmS9JY3gGeLmS25lnmtYcv80D3DHI9VzXlPVKJL6xBuZRzdME2F8aQPq-0_ZuMG-WUf9hph_10rVSNTNlOCAoXQ%2C.Yks-e3_ui_cKEaVe0hrljXFG7Us%2C

43 B
67 B

52ms
52ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10148.eGKzqhKBCrMoEOrQK8HFjmS9JY3gGeLmS25lnmtYcv80D3DHI9VzXlPVKJL6xBuZRzdME2F8aQPq-0_ZuMG-WUf9hph_10rVSNTNlOCAoXQ%2C.Yks-e3_ui_cKEaVe0hrljXFG7Us%2C

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10148.eGKzqhKBCrMoEOrQK8HFjmS9JY3gGeLmS25lnmtYcv80D3DHI9VzXlPVKJL6xBuZRzdME2F8aQPq-0_ZuMG-WUf9hph_10rVSNTNlOCAoXQ%2C.Yks-e3_ui_cKEaVe0hrljXFG7Us%2C
date: Fri, 06 Oct 2023 14:13:02 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3

200

/
www.google.de/pagead/1p-conversion/11020464565/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11020464565/?random=20042957&cv=11&fst=1696601582242&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/11020464565/?random=20042957&cv=11&fst=1696601582242&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3...
https://www.google.de/pagead/1p-conversion/11020464565/?random=20042957&cv=11&fst=1696601582242&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3t...

42 B
64 B

54ms
53ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11020464565/?random=20042957&cv=11&fst=1696601582242&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&label=WubnCMrPlpcYELXj-4Yp&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20&gtm_ee=1&auid=83484479.1696601582&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVFBdE1TZko3bEx6YzNCbERacmh1cDhrcll6SVRFaDdUejc3ZTJfUjhsdm9McHRjR3MaV0NoRUk4T0QtcUFZUW1vWDJsZGJ4cFpfN0FSSXNBTmxNaHZBRkwyLTUtWEpFNVNXUWRzV0toakxxWW5vQnRxS1gwSDVudzJHS3JIYmMwM3hpVVBjUzdiUSITCPz2kLXN4YEDFR3HuwgdF84G6Q&is_vtc=1&ocp_id=7hUgZfzHFZ2O7_UPl5ybyA4&cid=CAQSKQDICaaNBzO0IZf7SQ-1jhRuiaL8DZ_y6eD6qaJBvHnSAiKhKV-0Hiq6&random=1988088532&ipr=y

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11020464565/?random=20042957&cv=11&fst=1696601582242&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&label=WubnCMrPlpcYELXj-4Yp&hn=www.googleadservices.com&frm=0&tiba=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20&gtm_ee=1&auid=83484479.1696601582&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOE9ELXFBWVE3TUNNOTh6anVPRkFFaVFBdE1TZko3bEx6YzNCbERacmh1cDhrcll6SVRFaDdUejc3ZTJfUjhsdm9McHRjR3MaV0NoRUk4T0QtcUFZUW1vWDJsZGJ4cFpfN0FSSXNBTmxNaHZBRkwyLTUtWEpFNVNXUWRzV0toakxxWW5vQnRxS1gwSDVudzJHS3JIYmMwM3hpVVBjUzdiUSITCPz2kLXN4YEDFR3HuwgdF84G6Q&is_vtc=1&ocp_id=7hUgZfzHFZ2O7_UPl5ybyA4&cid=CAQSKQDICaaNBzO0IZf7SQ-1jhRuiaL8DZ_y6eD6qaJBvHnSAiKhKV-0Hiq6&random=1988088532&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
138 B 45ms
44ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Oct 2023 10:32:45 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651d151d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 06 Oct 2023 15:13:02 GMT

GET
H3 200 related-stories Show response
www.ejan.co/api/v1/stories/600e8138-7276-4eb1-9dd3-3015eae23b64/ 6 KB
2 KB 138ms
138ms Fetch
application/json 2606:4700::6812:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ejan.co/api/v1/stories/600e8138-7276-4eb1-9dd3-3015eae23b64/related-stories?section-id=26104&fields=id,metadata,story-template,headline,slug,hero-image-s3-key,hero-image-metadata,author-name,author-id,authors,url,alternative,last-published-at,first-published-at,hero-image-caption

Requested by

Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-c4376e8f63ff4a1db579.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

704a5f2b4f32eb60f9477464cb4fb81b57b0ea9c92c208781911ac08a45af496

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
via: 1.1 varnish (Varnish/6.3)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400
x-powered-by: Express
edge-cache-tag: none
x-cache: MISS
edge-control: public,max-age=240
qt-trace-id: 211d481c-2a97-40e6-97ff-cea8125b0bcc
alt-svc: h3=":443"; ma=86400
surrogate-key: none
last-modified: Fri, 06 Oct 2023 11:39:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
x-varnish: 668457943
cache-control: public,max-age=60,s-maxage=10800,stale-while-revalidate=7200,stale-if-error=7200
cf-ray: 811e80b44c8730ed-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
219 B 20ms
19ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1661371357&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&ul=en-us&de=UTF-8&dt=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=162119484&gjid=412470582&cid=156981466.1696601582&tid=UA-106597280-1&_gid=968438074.1696601583&_r=1&_slc=1&gtm=45He3a40n815W27ZQ4&z=1563304512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

902c8c28436e30bc5f2315c28ad0b380fbf0de2c49efa0f1fcf02d7e98b2e64d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 16ms
16ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1661371357&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&ul=en-us&de=UTF-8&dt=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NTG%20article%20milestone&ea=25%25&el=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88&ev=0&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=156981466.1696601582&tid=UA-106597280-1&_gid=968438074.1696601583&gtm=45He3a40n815W27ZQ4&z=301873074

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 03:50:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37373
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 659196694732963 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 65ms
65ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/659196694732963?v=2.9.132&r=stable&domain=www.ejan.co

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9b982da4eef4d216a5664812c9b324727558ea9e0bed1b2e00a838f05817628

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 14:13:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: myz/LiEZedA/f9OAFQyV0uUnzUaL6uG/fygEPYZ9hAfeyyD01lQg3tZeZDJxlPBpyVko2Ibvv+FOSRp03wuTOw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 21ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NC32QW73J2&gtm=45je3a40&_p=1661371357&_gaz=1&cid=156981466.1696601582&ul=en-us&ir=1&_eu=EA&_geo=1&_rdi=1&_s=1&sid=1696601582&sct=1&seg=0&dl=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&dt=%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NC32QW73J2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 57ms
19ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NC32QW73J2&cid=156981466.1696601582&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NC32QW73J2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 64ms
63ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NC32QW73J2&cid=156981466.1696601582&gtm=45je3a40&aip=1&z=758497235

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/ 421 KB
132 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10866
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135332
x-xss-protection: 0
server: cafe
etag: 13275702515393991500
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 05 Oct 2024 11:11:56 GMT

GET
H2 200 ejan%2F2023-10%2Fbcf07a52-3f82-4440-86f7-0a4dbb0e2b68%2F450.jpg
gumlet.assettype.com/ 41 KB
42 KB 150ms
147ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-10%2Fbcf07a52-3f82-4440-86f7-0a4dbb0e2b68%2F450.jpg?auto=format%2Ccompress&fit=max&format=webp&w=768&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a2c21334654c980aa9ef139dd302c732bb43c0476daf6f21aab18b7cd8ba904c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 06 Oct 2023 11:44:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: HIT
x-gumlet-reqid: ZR/zGnsbfL425Nck
x-amz-cf-pop: FRA60-P2
age: 8916
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.061
alt-svc: h3=":443"; ma=86400
content-length: 41664
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-10-06
etag: "19jagtdwrkmbn"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 80LrTcR5bpKSXFBMqTzWQjharrQcztx7fbnFNATmQ2m4rH4uab0U5g==

GET
H2 200 ejan%2F2023-10%2F34f0f647-6e78-49aa-9cb0-ab32745ae8ed%2FqnS58N8Sqh8u3QgNlAiorhDeqTS1svCJqmkBC6ppAQs.jpg
gumlet.assettype.com/ 34 KB
35 KB 148ms
145ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-10%2F34f0f647-6e78-49aa-9cb0-ab32745ae8ed%2FqnS58N8Sqh8u3QgNlAiorhDeqTS1svCJqmkBC6ppAQs.jpg?auto=format%2Ccompress&format=webp&w=768&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f11966cdba6f15433c7f2b44182120f34ca2992a38f8115dffa54d1fc1c65b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 06 Oct 2023 11:44:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: HIT
x-gumlet-reqid: ZR/zGvH65CzarjY1
x-amz-cf-pop: FRA60-P2
age: 8916
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.149
alt-svc: h3=":443"; ma=86400
content-length: 34470
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-10-06
etag: "1lomqqhskeca4"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: okFAEAiKqrWftbd3VUee9ADl_0ZLJiDpYD-ha7h_j-H6o6UhZsFHrw==

GET
H2 200 ejan%2F2023-10%2Fe1670f92-eabf-408a-b881-b383552dc090%2FaXDW66dZq_KDMTxzhO70os_d_u7F5FjT_i028PotNvA.jpg
gumlet.assettype.com/ 23 KB
23 KB 146ms
144ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-10%2Fe1670f92-eabf-408a-b881-b383552dc090%2FaXDW66dZq_KDMTxzhO70os_d_u7F5FjT_i028PotNvA.jpg?auto=format%2Ccompress&format=webp&w=768&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

df091271ed69f3fbccf5ede90de760579dba3a8d93cadf8dd1b31c29d2060486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 06 Oct 2023 11:44:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: HIT
x-gumlet-reqid: ZR/zGnsbfL425Ncm
x-amz-cf-pop: FRA60-P2
age: 8916
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.121
alt-svc: h3=":443"; ma=86400
content-length: 23082
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-10-06
etag: "3jos30ilriisl"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: HHd1B1ga44ZUD57g9OE9scNzyjtdypbTsP9oB0z25hzbwGeWCphqAw==

GET
H2 200 ejan%2F2023-01%2F804728af-4c8f-4d2f-917b-45193cc684ae%2Fa6b24f0a-2db5-41c1-8e83-c5b0dd9ce7f6.jpg
gumlet.assettype.com/ 4 KB
5 KB 12ms
10ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-01%2F804728af-4c8f-4d2f-917b-45193cc684ae%2Fa6b24f0a-2db5-41c1-8e83-c5b0dd9ce7f6.jpg?auto=format%2Ccompress&fit=max&format=webp&w=160&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

30577f62fe67e604326b95b6b6faa9f4ff9833c382d63c9bdbc1d0ba19f0252e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Jun 2023 22:02:36 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 649f50fcc5309082a9b12dcc
x-amz-cf-pop: FRA60-P2
age: 8439026
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.108
alt-svc: h3=":443"; ma=86400
content-length: 4416
surrogate-key: gumlet.assettype.com 2023-04-27
etag: "2wbdysl1kcenn"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: eWdUWwXvtz6CwWe0eKzQiPMwaLkLz_-Xf5s13bklVrmhfi0GCTlAug==

GET
H2 200 ejan%2F2023-10%2Fc6987ace-783f-46ba-b8e6-03a70a228376%2Fbc5b44b4-0971-4070-ba88-eb9ca1e91ea8.jpg
gumlet.assettype.com/ 5 KB
6 KB 11ms
9ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-10%2Fc6987ace-783f-46ba-b8e6-03a70a228376%2Fbc5b44b4-0971-4070-ba88-eb9ca1e91ea8.jpg?auto=format%2Ccompress&fit=max&format=webp&w=160&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7e3311831d7557cf7f32febf9d39f51312007b0df2e34ddcfe0164b701806107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 06 Oct 2023 11:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: HIT
x-gumlet-reqid: ZR/0tItG2i1Qfobq
x-amz-cf-pop: FRA60-P2
age: 8506
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.063
alt-svc: h3=":443"; ma=86400
content-length: 5343
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-10-06
etag: "1r371d0jhqgoy"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: Wl4yn4a3_Wz8OMlcb0AszpHXReb0cqS_40Om6W3oD05_OfM9C-wG7w==

GET
H2 200 ejan%2F2023-10%2F5c9b56d5-36ad-4f9d-ae81-3b3652e2671b%2F7e71e224-214b-4fbb-abea-f0d70fd68d51.jpg
gumlet.assettype.com/ 6 KB
7 KB 13ms
11ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-10%2F5c9b56d5-36ad-4f9d-ae81-3b3652e2671b%2F7e71e224-214b-4fbb-abea-f0d70fd68d51.jpg?auto=format%2Ccompress&fit=max&format=webp&w=160&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fd1599ae8205fe15abfe4f0d1df05f2660f0523dd2bc9a88957340072c991945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 06 Oct 2023 11:51:17 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651ff4b4105411f74d259cc5
x-amz-cf-pop: FRA60-P2
age: 8505
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.59
alt-svc: h3=":443"; ma=86400
content-length: 6419
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-10-06
etag: "xxty5z8rm1hd"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: w_Nejhabq-CI8lGyRr0pBMdbja6sV6HDWXsDTtUHrYqQn9w1WQN0KA==

GET
H2 200 ejan%2F2023-10%2Fd169e855-82ce-4450-be23-a001851ef93d%2F1f3c56b9-085f-4221-8179-53f91d37e2a1.jpg
gumlet.assettype.com/ 5 KB
6 KB 12ms
10ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-10%2Fd169e855-82ce-4450-be23-a001851ef93d%2F1f3c56b9-085f-4221-8179-53f91d37e2a1.jpg?auto=format%2Ccompress&fit=max&format=webp&w=160&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

48c9863c2c63fe93ac666e7be3b7f101807014da5b04de1fcd19976a7e041bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 06 Oct 2023 11:51:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: HIT
x-gumlet-reqid: ZR/0tI7G9tggrFRX
x-amz-cf-pop: FRA60-P2
age: 8506
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.025
alt-svc: h3=":443"; ma=86400
content-length: 5575
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-10-06
etag: "5h5j5wb1j0m6"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 3fYnPMetvgZTAJeY0shnytsBxSpm8KXhMHh6zA5bug08XK1NEVeltw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-106597280-1&cid=156981466.1696601582&jid=162119484&gjid=412470582&_gid=968438074.1696601583&_u=YADAAAAAAAAAAC~&z=993754394

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Oct 2023 14:13:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
91 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NC32QW73J2&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e35d8452970a4282fd8474243ff33e59b7c1f4b24fd9c0843d868b08efe1a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92875
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 14:13:02 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 67ms
66ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-106597280-1&cid=156981466.1696601582&jid=162119484&_u=YADAAAAAAAAAAC~&z=380841578

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
65ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-106597280-1&cid=156981466.1696601582&jid=162119484&_u=YADAAAAAAAAAAC~&z=380841578

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 27ms
10ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=659196694732963&ev=PageView&dl=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&rl=&if=false&ts=1696601582959&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbc=fb.1.1696601582957.iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&fbp=fb.1.1696601582958.2125418184&ler=empty&it=1696601582793&coo=false&exp=a1&rqm=GET

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 06 Oct 2023 14:13:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 49ms
12ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:10:11 GMT
content-encoding: gzip
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 68573
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: TI-l-ahCTttE3O3UPyTNVBk8DfT1KG-O0B9B5S1Y8zt0CEz26DsmwQ==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 54ms
33ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22253
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrtaDoqd6pMObyQWZIFdZjxpDhpMGEJybcxuUtdYfIXimQjmlLCahtCO0mZcw%2F%2FT7ZUtODWybFZ9hsk8jwxhic%2FyuQ%2FxDeB4x04y%2FOPxp%2FAkH0uHMnZChrCueqa0S2GwhjqaXijtXVpJRdFlEhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 811e80b6988c049f-FRA

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 64ms
7ms Script
text/javascript 2600:9000:2250:ce00:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ce00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Fri, 06 Oct 2023 05:16:05 GMT
Via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 32219
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: j9Smn_gb0JIyJjrmRifElXTAKWhAJtdiOd0Vo0doBs2IeJaOR1qT2Q==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 137 KB
30 KB 49ms
24ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 10:57:30 GMT
server: cloudflare
x-amz-request-id: 85753XS463EA1579
age: 1095
etag: W/"cc596ad33b7bfdd4553b44192a81e29f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 811e80b6aa803a7c-FRA
x-amz-id-2: wPkylvzmBsPFsmMk70pvNw9B1B6emnoQtSKFx5AfCs3bm1q+xfKWvXrsZn+LusZ1CCl+BkV5Ge8=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 74ms
15ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 06:02:39 GMT
content-encoding: gzip
age: 979824
x-guploader-uploadid: ADPycdvnsa5qbNLXsslls5qkTaqxJ4Nht9KMRHLRjRzbFD074JHCcvzk-Zeu2g0tC_p5iBT9lBlfO9eApuQ3noHIDW_v3EnPZijy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 24 Sep 2024 06:02:39 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 14 KB
5 KB 80ms
24ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 17:20:48 GMT
server: cloudflare
age: 332305
etag: W/"650886f0-39ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 811e80b6de631da8-FRA
expires: Mon, 09 Oct 2023 14:13:03 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 68ms
30ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 14:13:03 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 845 B
501 B 334ms
334ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1984550382996053&correlator=3582298833319805&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=21622890900%3A21614983423%2CTH_ejan.co_res_article_mid2_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280%7C640x360%7C728x90%7C1x1&ifi=1&didk=2218564032&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696601583092&lmt=1696594383&adxs=456&adys=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&vis=1&psz=752x21&msz=300x21&fws=4&ohw=752&ga_vid=156981466.1696601582&ga_sid=1696601583&ga_hid=1661371357&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7NvWqrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjv29aqsDFIAFICCGQSGQoKcHViY2lkLm9yZxju29aqsDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y79vWqrAxSABSAghkEhkKCnVpZGFwaS5jb20Y7tvWqrAxSABSAghkEhQKBW9wZW54GO7b1qqwMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y7tvWqrAxSABSAghk&dlt=1696601581616&idt=1396&adks=335918148&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfe460529f92c891a61aa7e73d3c57a9825425abfe2c76342ff98ad4766d5534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 471
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 691 B
355 B 301ms
301ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1984550382996053&correlator=1637131654634885&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=21622890900%3A21614983423%2CTH_ejan.co_res_article_mid1_728x90%2C640x360%2C336x280%2C300x250%2C320x100%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5%2F%2F6&prev_iu_szs=300x250%7C336x280%7C640x360%7C728x90&ifi=2&didk=3319902685&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696601583108&lmt=1696594383&adxs=456&adys=3469&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&vis=1&psz=752x21&msz=300x21&fws=4&ohw=752&ga_vid=156981466.1696601582&ga_sid=1696601583&ga_hid=1661371357&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7NvWqrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjv29aqsDFIAFICCGQSGQoKcHViY2lkLm9yZxju29aqsDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y79vWqrAxSABSAghkEhkKCnVpZGFwaS5jb20Y7tvWqrAxSABSAghkEhQKBW9wZW54GO7b1qqwMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y7tvWqrAxSABSAghk&dlt=1696601581616&idt=1396&adks=1622501688&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d69ba931bbefdb8e8bf212a49fbf3c1b636b0461ebdc8bd8051a3ea37e1f3a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 30BF 6 KB
3 KB 155ms
46ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:03 GMT
expires: Sat, 05 Oct 2024 14:13:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qlitics.js Show response
www.ejan.co/ 12 KB
5 KB 49ms
48ms Script
application/javascript 2606:4700::6812:5bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ejan.co/qlitics.js

Requested by

Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-c4376e8f63ff4a1db579.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5bc6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

991531fbdbfe7549cf09e365d6b3f61cc5fcf47df1c021b975d5678ea3f81b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
via: 1.1 varnish (Varnish/6.3)
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400
age: 249
x-powered-by: Express
x-cache: MISS
qt-trace-id: 11d59fd0-2be7-4e46-8d4f-ba0a28178872
alt-svc: h3=":443"; ma=86400
surrogate-key: p/qlitics.js
last-modified: Fri, 06 Oct 2023 13:59:58 GMT
server: cloudflare
vary: Accept-Encoding
x-varnish: 276026377
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=60,s-maxage=600,stale-while-revalidate=7200,stale-if-error=7200
cf-ray: 811e80b69fb230ed-FRA

GET
H2

200

1 Show response
mc.yandex.com/watch/74349289/
Redirect Chain

https://mc.yandex.com/watch/74349289?wmode=7&page-url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&charset=utf-8&uah=chm%0...
https://mc.yandex.com/watch/74349289/1?wmode=7&page-url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&charset=utf-8&uah=chm...

470 B
577 B

47ms
46ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/74349289/1?wmode=7&page-url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A288%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1120%3Acn%3A1%3Adp%3A0%3Als%3A1183670612111%3Ahid%3A500304390%3Az%3A120%3Ai%3A20231006161302%3Aet%3A1696601583%3Ac%3A1%3Arn%3A855798827%3Arqn%3A1%3Au%3A1696601583783280194%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A52%2C20%2C41%2C8%2C0%2C0%2C%2C168%2C19%2C%2C%2C%2C591%3Aco%3A0%3Acpf%3A1%3Ans%3A1696601581496%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696601583%3At%3A%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

49f3da2a329101c3cf4cc54429360ab860a918faa9e8c7761b70a3416bc34503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 06-Oct-2023 14:13:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ejan.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 470
x-xss-protection: 1; mode=block
expires: Fri, 06-Oct-2023 14:13:03 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:03 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 06-Oct-2023 14:13:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/74349289/1?wmode=7&page-url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A288%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1120%3Acn%3A1%3Adp%3A0%3Als%3A1183670612111%3Ahid%3A500304390%3Az%3A120%3Ai%3A20231006161302%3Aet%3A1696601583%3Ac%3A1%3Arn%3A855798827%3Arqn%3A1%3Au%3A1696601583783280194%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A52%2C20%2C41%2C8%2C0%2C0%2C%2C168%2C19%2C%2C%2C%2C591%3Aco%3A0%3Acpf%3A1%3Ans%3A1696601581496%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696601583%3At%3A%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: https://www.ejan.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 06-Oct-2023 14:13:03 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 123ms
30ms XHR
application/json 54.77.82.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.82.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 804e0ec8c5c264ab21ce96fdd7b96dabcaa9e292d25a8b871aa9c563951c9a02

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:03 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache
x-server: 10.45.10.187
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
227 B 46ms
14ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ejan.co
date: Fri, 06 Oct 2023 14:13:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 device-tracker-id Show response
prod-analytics.qlitics.com/api/ 60 B
553 B 364ms
102ms XHR
application/json 3.83.71.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-analytics.qlitics.com/api/device-tracker-id
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/qlitics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.83.71.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-71-62.compute-1.amazonaws.com
Software: /
Resource Hash: 25b4942d314ab273d50fb197a90e4b37c9faa2c3f8b27f8da575cedba4395310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
access-control-allow-option: POST, PUT, GET
access-control-max-age: 30
content-type: application/json
access-control-allow-origin: https://www.ejan.co
cache-control: private, no-cache
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, content-type, origin, accept

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&rid=esp&cc=1

85 B
204 B

118ms
118ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&rid=esp&cc=1
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 1afdfc6363556a7d73b664670e526edfff5d96b7cb780f5da3f9456f834fa1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-gj8kz+OPsIIn4pXkBryaBY+MbxM"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ejan.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 06 Oct 2023 14:13:03 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.ejan.co
location: /esp?url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 44C0 15 KB
6 KB 17ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ejan.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 240649
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 ejan%2F2023-10%2Fd94c0752-9106-4dbd-8cf5-a0185f664bb0%2F__INS________.jpg
gumlet.assettype.com/ 5 KB
5 KB 13ms
11ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-10%2Fd94c0752-9106-4dbd-8cf5-a0185f664bb0%2F__INS________.jpg?auto=format%2Ccompress&fit=max&format=webp&w=160&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a7812bca8bf0d9df5b2199769913c443bb1949ed9344fab1e832e5269564ea82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 07:11:44 GMT
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 651e61b037440682a0da93ca
age: 111679
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.519
alt-svc: h3=":443"; ma=86400
content-length: 4790
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-10-05
etag: "2rpedvq2rk7el"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 4emndFWIF69KxM1Q9i-42MnZ0lshSsxNdycr5yDEyaiml5gEdZIyMg==

GET
H3 200 ejan%2F2023-09%2F4cc7dab2-500d-4013-ba31-b01b23c4d1d5%2F_____________YOUTUBE_____0.jpg
gumlet.assettype.com/ 8 KB
8 KB 17ms
14ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-09%2F4cc7dab2-500d-4013-ba31-b01b23c4d1d5%2F_____________YOUTUBE_____0.jpg?auto=format%2Ccompress&fit=max&format=webp&w=160&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d035d0f6310f07013d1df230958dcbaba0f2cf280423b78218a4f4501405743e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Fri, 29 Sep 2023 06:24:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-oc: MISS
age: 632885
x-amz-cf-pop: FRA60-P2
x-gumlet-reqid: ZRZtuikYnzdA30Eu
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.278
alt-svc: h3=":443"; ma=86400
content-length: 7742
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-09-29
etag: "9w2qxmxu6b2j"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: udw17igda2wIt4jxNC395fyeVLsDrg4cKKmAqwLSjd3-3LNtk-Qp_w==

GET
H3 200 ejan%2F2023-08%2F1bb7fe06-e5f9-4836-9fce-29dd01d2cfe5%2F_____________YOUTUBE_______.jpg
gumlet.assettype.com/ 7 KB
8 KB 18ms
15ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-08%2F1bb7fe06-e5f9-4836-9fce-29dd01d2cfe5%2F_____________YOUTUBE_______.jpg?auto=format%2Ccompress&fit=max&format=webp&w=160&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

550403ec5b85233f3d21f4755f6ad1fc4934e698d3274c352574e81d88d529fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 01 Oct 2023 11:00:06 GMT
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 65195135364ac25c76b09eb6
age: 443577
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-gumlet-runtime: 1.428
alt-svc: h3=":443"; ma=86400
content-length: 7327
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-08-29
etag: "228h7x784xwtw"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: WdiNm7hekQc25bnZ74iSIFGHE7UsfNfFNJxOQYRcsQNCuNJdqQLPyQ==

GET
H3 200 ejan%2F2023-08%2Fe13f1779-b97d-4d36-a63b-bfccdbcd92a4%2F__INS___4___________________________.jpg
gumlet.assettype.com/ 6 KB
7 KB 19ms
15ms Image
image/avif 2600:9000:2250:8000:1c:71c5:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/ejan%2F2023-08%2Fe13f1779-b97d-4d36-a63b-bfccdbcd92a4%2F__INS___4___________________________.jpg?auto=format%2Ccompress&fit=max&format=webp&w=160&dpr=1.0

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2250:8000:1c:71c5:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

05c8f92be3dfe29b4cbe1ec304117f7161c5ab7bcc8127abde16b56851d148e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Sep 2023 22:35:12 GMT
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.005, "include_subdomains":true, "failure_fraction":1.0 }
x-gumlet-reqid: 64fcf31f5033e577cb8479d5
age: 2302671
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-gumlet-runtime: 0.301
alt-svc: h3=":443"; ma=86400
content-length: 5998
reporting-endpoints: gumlet-nel="https://nel.gumlytics.com/report", default="https://nel.gumlytics.com/report"
surrogate-key: gumlet.assettype.com 2023-08-28
etag: "3erg6q6f6p98g"
access-control-max-age: 3600
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: yIYpd7W5agvpVi1ITI2YwdsRatF4vfI14wHX6NgJDKfDBsFtICIvpQ==

GET
H2

200

sid Show response
mug.criteo.com/ Frame 44C0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ejan.co&sn=ChromeSyncframe&so=0&topUrl=www.ejan.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=p9npQHwyNUlhUUQzUUhhVklqT2tDU3BMenphRXozOHZSMTBxQ05CVk1OM0dhczUzaENyQkNSbkg0NmNxNmFYUk1SZDRlbmozOGMycVNsbi9LMWVKVVNCeEF6RVpMN21WRUd3K1R1bU5BL051NEMyL1hFV2JuZFFUcFoxZ3...

433 B
651 B

194ms
19ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=p9npQHwyNUlhUUQzUUhhVklqT2tDU3BMenphRXozOHZSMTBxQ05CVk1OM0dhczUzaENyQkNSbkg0NmNxNmFYUk1SZDRlbmozOGMycVNsbi9LMWVKVVNCeEF6RVpMN21WRUd3K1R1bU5BL051NEMyL1hFV2JuZFFUcFoxZ3pFTVB4czNoRUowZXo0NVR5T0dyRWhCcXhjTytDcTQrWGNraERING1mVWtDbGo4YWNKWDY5OGdudHVMdkFFRWJYQTBKK05RZDNhbXNFNitodW9kRW1RQmFlb0hiOHhxaUo4ejRTZ2wvRUVETUYvdmI4bDNYZ2thWVVidzNWbi9nemxHaWxkd0tCSlkwTmN4QkpPV0ZUYjdka1o2Y1c0QT09fA&cppv=2

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

80f3723c75c4f0f70ebb6439d14a9a6dfae6e4efd831c86e515c7eddc9cfa033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1252146
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=p9npQHwyNUlhUUQzUUhhVklqT2tDU3BMenphRXozOHZSMTBxQ05CVk1OM0dhczUzaENyQkNSbkg0NmNxNmFYUk1SZDRlbmozOGMycVNsbi9LMWVKVVNCeEF6RVpMN21WRUd3K1R1bU5BL051NEMyL1hFV2JuZFFUcFoxZ3pFTVB4czNoRUowZXo0NVR5T0dyRWhCcXhjTytDcTQrWGNraERING1mVWtDbGo4YWNKWDY5OGdudHVMdkFFRWJYQTBKK05RZDNhbXNFNitodW9kRW1RQmFlb0hiOHhxaUo4ejRTZ2wvRUVETUYvdmI4bDNYZ2thWVVidzNWbi9nemxHaWxkd0tCSlkwTmN4QkpPV0ZUYjdka1o2Y1c0QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 256820
content-length: 0
expires: 0

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10148.P5SwchUzEObNqkTZwQxM4ZIUhSE3r87biKwfVAeUmImgUoGnhwLSVVxrxSA_Prgz.tpI3afG1dEPhijSNIugKZBOHF9Q%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10148.BUyClT4Ny03Cc0ZPdsQjQp1nVjT_W35IrKE0T3inr1DP114FpC89_y1zj5EWA-2Bqk8keJ6rTTUlIulZswHEzB3eSYtPG5Vj5R64wSK6Fd8%2C.yHaqCApT4GdMJZ9CU...

43 B
79 B

45ms
44ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10148.BUyClT4Ny03Cc0ZPdsQjQp1nVjT_W35IrKE0T3inr1DP114FpC89_y1zj5EWA-2Bqk8keJ6rTTUlIulZswHEzB3eSYtPG5Vj5R64wSK6Fd8%2C.yHaqCApT4GdMJZ9CUcCY5-C9eo8%2C

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10148.BUyClT4Ny03Cc0ZPdsQjQp1nVjT_W35IrKE0T3inr1DP114FpC89_y1zj5EWA-2Bqk8keJ6rTTUlIulZswHEzB3eSYtPG5Vj5R64wSK6Fd8%2C.yHaqCApT4GdMJZ9CUcCY5-C9eo8%2C
date: Fri, 06 Oct 2023 14:13:03 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 json Show response
trc.taboola.com/ejan-ejanco/trc/3/ 90 KB
22 KB 462ms
449ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ejan-ejanco/trc/3/json?tim=16%3A13%3A03.331&lti=deflated&data=%7B%22id%22%3A939%2C%22ii%22%3A%22%2Fworld%2Fec3to6d7sl%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696508365327%2C%22vi%22%3A1696601583328%2C%22cv%22%3A%2220231005-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%22%2C%22vpi%22%3A%22%2Fworld%2Fec3to6d7sl%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3598%2C%22qs%22%3A%22%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A3420.1875%2C%22mw%22%3A0%2C%22amw%22%3A894%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fworld%2Fec3to6d7sl%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e2e7a7c2a152864f33589e50c187a322bfe85e4e43cf120f5d4a15cb598b75a3

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 443
date: Fri, 06 Oct 2023 14:13:03 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.92125
x-fastly-to-nlb-rtt: 7425
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230128-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1696601583.348941,VS0,VE443
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.ejan.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame C911 0
167 B 62ms
20ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 06 Oct 2023 14:13:03 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 goggen.php
lvs.truehits.in.th/ 91 B
292 B 505ms
504ms Image
image/jpeg 203.154.91.181
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs.truehits.in.th/goggen.php?hc=t0032112&rand=279995&bv=0&rf=bookmark&web=DiJXtnoZrit75MRfFwzHIQ%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=E52BDF75.1&fp=d&fv=-&truehitspage=pagename&truehitsurl=https%3a//www.ejan.co/world/ec3to6d7sl?fbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.91.181 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-91-181.inter.net.th
Software: nginx/1.23.3 /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.4.1/ 125 KB
34 KB 9ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06dbd194f8dd1ea2dada8e73f5c7ad05157e3821ca00ce6a4cd65845014763c3

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:03 GMT
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: VIE50-C2
age: 110884
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 34291
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Thu, 05 Oct 2023 07:24:55 GMT
server: AmazonS3
x-timer: S1696601584.817928,VS0,VE0
etag: "06281ced7888ead68c46169c4976ecd6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: oIkfuCKz0TMqMP1B9szi-8pAw8wAHO5AB7CiWIPmtDEJSU6eRYFhrg==
x-cache-hits: 21493

GET
H2 200 feed-card-placeholder.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 29ms
29ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ejan-ejanco/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 122bbb82786de45f899024e30ba46be0ffe396c5db6d68060671ffd83ab6c76f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: x3LUvMOi.ErsvLi0WZLoUEWSc6EFDRqn
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:03 GMT
x-amz-request-id: 654BQYPSSJNKW16M
age: 85098
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: zqtnvcew37b9MR68V3ObCAkN67mik7NkMNOvfoUlkfWzccChuzi+q5pA9b6pwbTa7xK0/tRssYw=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Thu, 05 Oct 2023 14:34:46 GMT
server: AmazonS3
x-timer: S1696601584.828916,VS0,VE0
etag: "85cba1ea192707579f92c3cb4e1e588d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 7
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 158376

GET
H2 200 userx.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 9ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ejan-ejanco/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2260074041e8fd0d66221a864f90c5e6946fd01f8043bdd96fed3587ccebce86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: YWbsZDzlKwxeakVdEW4iecKrSPOQLf8z
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:03 GMT
x-amz-request-id: Y1WAMWEJF42G8KXJ
age: 85014
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: UzzwzNIj3KLAdqyqKXfDVZ5TvUyvQGcBDu3vL7ZXdTrLHx9UaRBSAXmrPp2OnvRLun4XnVOE510=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Thu, 05 Oct 2023 14:36:10 GMT
server: AmazonS3
x-timer: S1696601584.849682,VS0,VE0
etag: "4738353038981e781d2ef7a3930ffbf5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 36724

GET
H2 200 distance-from-article.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 10ms
9ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ejan-ejanco/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef1dcaf299e01d8c9274e7640eaba287bbb24be138d81d59a4377883f9c1512c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 0eHZAkXRalpmt8X0UB0UI4pFWBbpfHCn
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:03 GMT
x-amz-request-id: HRFT3T59T9ENVG0Z
age: 85117
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1131
x-amz-id-2: hRq+s+DKDSaHa/PPQmFar/LqA4aFoc2VPgyWoG67NWChiwji1SfvogM9B8rFU8JOdfZT0CorCKI=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Thu, 05 Oct 2023 14:34:26 GMT
server: AmazonS3
x-timer: S1696601584.849998,VS0,VE0
etag: "7b19a6b6aab01474d6430893f66cf7d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 11
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 173278

GET
H2 200 article-detection.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 10ms
9ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ejan-ejanco/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8256a3552d7b5718e1893c202df5514114c7f824a817a566bd90341e1329585d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: cV9mHHhZtc5TvN6Df8K2LcdEVn4lrYsn
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:03 GMT
x-amz-request-id: JKZNC6YFCNZE9M9N
age: 85148
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: ct4gB0V0I/D1ZYveHeIMd5WAaLI28VrdkE0xwdS4QMyNZyhO5VF2GMSNr5hvY3par/A3yDRBbbo=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Thu, 05 Oct 2023 14:33:56 GMT
server: AmazonS3
x-timer: S1696601584.849946,VS0,VE0
etag: "4f9543a2a53bc9619f111dff09bce430"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 22
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 173234

GET
H2 200 explore-more.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 8ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ejan-ejanco/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfbf1436bf452e5623d63496ca8ec4fecd68b518f2b8f461f4a62d3c8f1cd55c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: nzLq9ONcfE_htyhLXO9NsXqaHJwe93dv
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:03 GMT
x-amz-request-id: 1FQVM9AHBSD1C0WW
age: 85104
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7705
x-amz-id-2: UyTBp1aud+6A241hiHqJF0TYu/3OxJhnx+QaFWR5qvuIzIuurNk0RC2amUh5PGVUZu06SiFU4AYulEAwRNE5pg==
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Thu, 05 Oct 2023 14:34:40 GMT
server: AmazonS3
x-timer: S1696601584.874389,VS0,VE0
etag: "b01b35aca56f500625fb346048afd931"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 91
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 82623

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:03 GMT
x-amz-request-id: 0R9XQHAA5Q1ZDC2Q
age: 61
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1696601584.891753,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 50
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 87

GET
H2 204 abtests
am-trc-events.taboola.com/ejan-ejanco/log/3/ 0
230 B 63ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ejan-ejanco/log/3/abtests?route=AM:AM:V&tvi48=10638&tvi50=9864&lti=deflated&ri=49f9d86e8ecc21731f15719c84a00162&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&pi=/world/ec3to6d7sl&wi=6912960585753951466&pt=text&vi=1696601583328&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696601583824%7D&tim=16%3A13%3A03.824&id=6174&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/ejan-ejanco/log/3/ 0
231 B 63ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ejan-ejanco/log/3/supply-feature?route=AM:AM:V&tvi48=10638&tvi50=9864&lti=deflated&ri=49f9d86e8ecc21731f15719c84a00162&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&pi=/world/ec3to6d7sl&wi=6912960585753951466&pt=text&vi=1696601583328&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A13%3A03.870&id=3653&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
am-trc-events.taboola.com/ejan-ejanco/log/3/ 0
230 B 39ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ejan-ejanco/log/3/social?route=AM:AM:V&tvi48=10638&tvi50=9864&lti=deflated&ri=49f9d86e8ecc21731f15719c84a00162&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&pi=/world/ec3to6d7sl&wi=6912960585753951466&pt=text&vi=1696601583328&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%E0%B8%88%E0%B8%B2%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%20%E0%B8%AA%E0%B8%B9%E0%B9%88%E0%B8%84%E0%B8%99%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%87%E0%B8%B2%E0%B8%99%20%E0%B9%80%E0%B8%9C%E0%B8%A2%20%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%20%E0%B8%84%E0%B8%B7%E0%B8%AD%20%E0%B8%99%E0%B8%B1%E0%B9%88%E0%B8%87%E0%B9%80%E0%B8%89%E0%B8%A2%E0%B9%86%20%E0%B8%82%E0%B8%AD%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B8%9E%E0%B9%88%E0%B8%AD%E0%B9%81%E0%B8%A1%E0%B9%88%22%2C%22sec%22%3A%22%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%95%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%22%2C%22aut%22%3A%5B%22%E0%B9%81%E0%B8%9E%E0%B8%97%E0%B8%95%E0%B8%B5%E0%B9%89%20%E0%B8%AD%E0%B8%B5%E0%B8%88%E0%B8%B1%E0%B8%99%22%5D%2C%22img%22%3A%22https%3A%2F%2Fgumlet.assettype.com%2Fejan%2F2023-10%2Fbcf07a52-3f82-4440-86f7-0a4dbb0e2b68%2F450.jpg%3Fw%3D1200%26h%3D675%26auto%3Dformat%252Ccompress%26fit%3Dmax%26enlarge%3Dtrue%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=16%3A13%3A03.961&id=4606&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/ejan-ejanco/log/3/ 0
230 B 17ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ejan-ejanco/log/3/abtests?route=AM:AM:V&tvi48=10638&tvi50=9864&lti=deflated&ri=49f9d86e8ecc21731f15719c84a00162&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&pi=/world/ec3to6d7sl&wi=6912960585753951466&pt=text&vi=1696601583328&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1696601583977%7D&tim=16%3A13%3A03.978&id=9792&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 6eb434de2d0deff71b80e94162e6a6d9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 9ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6eb434de2d0deff71b80e94162e6a6d9.png
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 47dd0c4ec56f11d0b658ae2333d48d02a52ee4ead61edd6373955e1c8729d7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 14:13:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6eb434de2d0deff71b80e94162e6a6d9.png
age: 382275
edge-cache-tag: 611531404336449796444706107906946886115,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 611531404336449796444706107906946886115,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 144
expiration: expiry-date="Fri, 20 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abendblatt.de/
content-length: 14272
x-backend-name: CH_nlb801
x-served-by: cache-iad-kiad7000126-IAD, cache-iad-kiad7000106-IAD, cache-iad-kcgs7200090-IAD, cache-fra-eddf8230128-FRA
last-modified: Tue, 19 Sep 2023 23:35:41 GMT
server: nginx
surrogate-reporting: width=726,height=403,bytes=31420,owidth=800,oheight=403,obytes=470191
x-timer: S1696601584.993842,VS0,VE1
etag: "dc07e0a57de094ed71ea64f7458908c4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 158, 1

GET
H2 200 f35d1a1dd4842e141f0aa0d6c714aaf5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 7ms
6ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f35d1a1dd4842e141f0aa0d6c714aaf5.jpg
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f1d5c3e415dc05009b4bb6c9b8565dd48fa6d5561f6d462e2ff433995fb479fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 06 Oct 2023 14:13:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f35d1a1dd4842e141f0aa0d6c714aaf5.jpg
age: 5558826
edge-cache-tag: 595204566173544709461290426420914311544,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595204566173544709461290426420914311544,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 248
expiration: expiry-date="Sat, 05 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.journalistate.com/
content-length: 19662
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200021-IAD, cache-iad-kcgs7200124-IAD, cache-lax10681-LGB, cache-iad-kiad7000035-IAD, cache-fra-eddf8230128-FRA
last-modified: Wed, 05 Jul 2023 12:27:10 GMT
server: nginx
x-timer: S1696601584.993884,VS0,VE0
etag: "5170457e3e2e1e11bde2fd6585f7f363"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 566, 7

GET
H2 200 a6ef026eedf0f78b810d298fb3677df9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
28 KB 7ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6ef026eedf0f78b810d298fb3677df9.jpg
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dea68ee80eb0ee1eecf08e86a8a31dbfa74e6cb5a7645205c853f3e0c4749d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 06 Oct 2023 14:13:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6ef026eedf0f78b810d298fb3677df9.jpg
age: 4458615
edge-cache-tag: 414664492881501274373442407555399830282,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 414664492881501274373442407555399830282,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 124
expiration: expiry-date="Thu, 31 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tag24.de/
content-length: 28298
x-backend-name: LA_nlb202
x-served-by: cache-iad-kiad7000050-IAD, cache-iad-kiad7000159-IAD, cache-lax10646-LGB, cache-iad-kiad7000053-IAD, cache-fra-eddf8230128-FRA
last-modified: Mon, 31 Jul 2023 18:35:12 GMT
server: nginx
x-timer: S1696601584.994471,VS0,VE0
etag: "2c5e52dc2a761db7d1c47b54ce58bf8d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 39, 1, 3660, 6

GET
H2 200 010265c674156b11c5a7f0548effca2a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
23 KB 8ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/010265c674156b11c5a7f0548effca2a.png
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 932b15881c734b61b5efb4ccac47222b4e50a733a6ec8acb4791804e00a8efad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 06 Oct 2023 14:13:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/010265c674156b11c5a7f0548effca2a.png
age: 1605300
edge-cache-tag: 566384033220055394941780511940138429506,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 566384033220055394941780511940138429506,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 356
req-referer: https://www.hoerzu.de/
content-length: 23078
x-request-id: 952ef747c92321fcdeaada4cf6b44c2a
x-backend-name: LA_nlb202
x-served-by: cache-iad-kjyo7100158-IAD, cache-iad-kjyo7100158-IAD, cache-lax10630-LGB, cache-iad-kcgs7200059-IAD, cache-fra-eddf8230128-FRA
last-modified: Mon, 18 Sep 2023 00:06:23 GMT
server: nginx
surrogate-reporting: width=1600,height=888,bytes=78981,owidth=1600,oheight=900,obytes=1520715
x-timer: S1696601584.994717,VS0,VE0
etag: "26f7346ccb0045e95d724c180ee055d8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 29, 2

GET
H2 200 5f6039a2106dbbcf34bbdca862f39792.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 87 KB
87 KB 11ms
11ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f6039a2106dbbcf34bbdca862f39792.jpg
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d9fd273ed44f001ca26bd90c3e9581e8ed7e7d674adf586a4b7b24ecd6d89bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 5
date: Fri, 06 Oct 2023 14:13:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f6039a2106dbbcf34bbdca862f39792.jpg
age: 2309249
edge-cache-tag: 384672721441747443254367159911346136591,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384672721441747443254367159911346136591,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 253
expiration: expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.heftig.de/
content-length: 88716
x-backend-name: US_nlb101
x-served-by: cache-iad-kjyo7100051-IAD, cache-iad-kjyo7100028-IAD, cache-iad-kiad7000063-IAD, cache-fra-eddf8230128-FRA
last-modified: Wed, 30 Aug 2023 14:33:10 GMT
server: nginx
x-timer: S1696601584.995140,VS0,VE5
etag: "91a44f952e39322cd2b008b96a355890"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 791, 1

GET
H2 200 adbda4d14c4b427e7a2d9a838696b4e1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 7ms
6ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/adbda4d14c4b427e7a2d9a838696b4e1.png
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b91bfb76990accab2e438f0099269a80825ca79588ecd2b76c363f1c5972681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/adbda4d14c4b427e7a2d9a838696b4e1.png
age: 1513524
edge-cache-tag: 530998512591053026041645068387000615143,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 530998512591053026041645068387000615143,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 198
expiration: expiry-date="Sun, 24 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abendblatt.de/
content-length: 12272
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kjyo7100114-IAD, cache-sna10739-LGB, cache-iad-kiad7000170-IAD, cache-fra-eddf8230128-FRA
last-modified: Thu, 24 Aug 2023 15:39:29 GMT
server: nginx
surrogate-reporting: width=1200,height=666,owidth=1200,oheight=800,obytes=882311
x-timer: S1696601584.008058,VS0,VE0
etag: "0ed2a4795e9292077497fc5f05c4adc6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 5, 1, 6034, 5

GET
H2 200 31c431056b091aea1ef4b804aeacee0d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 8ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/31c431056b091aea1ef4b804aeacee0d.png
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5daf17273fc1289a5615a1b1fa4a3b9d94a05111e5d39fabb0373f0a83cda440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/31c431056b091aea1ef4b804aeacee0d.png
age: 340552
edge-cache-tag: 521905498663367633710541409358798272650,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 521905498663367633710541409358798272650,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 127
req-referer: https://www.mopo.de/
content-length: 19626
x-request-id: 2d848f851b94580f7880597e8b7c6504
x-backend-name: US_nlb101
x-served-by: cache-iad-kjyo7100062-IAD, cache-iad-kiad7000136-IAD, cache-iad-kiad7000083-IAD, cache-fra-eddf8230128-FRA
last-modified: Mon, 02 Oct 2023 15:37:13 GMT
server: nginx
surrogate-reporting: width=1024,height=569,bytes=82775,owidth=1024,oheight=833,obytes=1076910
x-timer: S1696601584.008711,VS0,VE0
etag: "176f21614becd7aace57b750afa1c630"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 27

GET
H2 200 7ba43e01c0de8dff7ba06782b71e2c82.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 9ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ba43e01c0de8dff7ba06782b71e2c82.jpeg
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d7c688c42ab7b521ec860e4aa65a27d1597ef8f8b1f53921ae38f94e3a61ec26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ba43e01c0de8dff7ba06782b71e2c82.jpeg
age: 2073276
edge-cache-tag: 624731661350146502830850001238637782154,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 624731661350146502830850001238637782154,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 241
expiration: expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.t-online.de/
content-length: 19258
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200158-IAD, cache-iad-kiad7000060-IAD, cache-iad-kiad7000051-IAD, cache-fra-eddf8230128-FRA
last-modified: Mon, 28 Aug 2023 10:35:35 GMT
server: nginx
surrogate-reporting: width=620,height=345,owidth=1200,oheight=900,obytes=110291
x-timer: S1696601584.008685,VS0,VE0
etag: "96ae547a7a3ee1cc95ff84e2b77100fc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 18778, 88

GET
H2 200 6f57a6327d9ce4f69fbbcfbf9c5ae48b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
23 KB 9ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f57a6327d9ce4f69fbbcfbf9c5ae48b.jpg
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 08e602a6b0a07ac6522783a06dd7fc0e8e948edb7bf16521e2f8d108a1400f9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f57a6327d9ce4f69fbbcfbf9c5ae48b.jpg
age: 2102479
edge-cache-tag: 441492885137662097379391034780010030481,375361956145911532770880688210604790165,29ecf9b93bbf306179626feeda1fab70
cache-tag: 441492885137662097379391034780010030481,375361956145911532770880688210604790165,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 138
expiration: expiry-date="Fri, 15 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tips-and-tricks.co/
content-length: 23144
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100085-IAD, cache-iad-kjyo7100047-IAD, cache-lax10646-LGB, cache-iad-kiad7000063-IAD, cache-fra-eddf8230128-FRA
last-modified: Tue, 15 Aug 2023 14:08:57 GMT
server: nginx
surrogate-reporting: width=960,height=534,owidth=3200,oheight=1800,obytes=611654
x-timer: S1696601584.009106,VS0,VE1
etag: "112bc360126ab4dce689a1e777fdc993"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 4821, 1

GET
H2 200 c1deeb4d3e8a2c4b1de2d8a641624510.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 86 KB
87 KB 9ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c1deeb4d3e8a2c4b1de2d8a641624510.jpg
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92ceade1800b58d9c09144ba0391f90f9146c49a51d781a2bc22f60604fd2694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_534%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c1deeb4d3e8a2c4b1de2d8a641624510.jpg
age: 2525043
edge-cache-tag: 558358744401578134655255791687347760808,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 558358744401578134655255791687347760808,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 328
expiration: expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lablue.de/
content-length: 88320
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100077-IAD, cache-iad-kjyo7100123-IAD, cache-iad-kiad7000054-IAD, cache-fra-eddf8230128-FRA
last-modified: Wed, 30 Aug 2023 14:55:22 GMT
server: nginx
x-timer: S1696601584.009077,VS0,VE1
etag: "a49e382ed0e5a35a5e6d625a043acbfc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 25, 1

GET
H2 200 ejan%252F2023-10%252F6cfe4d3c-d4aa-4739-8ce4-e43970fe31e8%252Fwow_0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 67 KB
68 KB 96ms
96ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F6cfe4d3c-d4aa-4739-8ce4-e43970fe31e8%252Fwow_0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd3a8d6dcb3f3c1036cb795d42f70999ce3fa29113b12d0961592f0b52b7a332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F6cfe4d3c-d4aa-4739-8ce4-e43970fe31e8%252Fwow_0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 1201
edge-cache-tag: 411316368433464271148309891099741226015,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 411316368433464271148309891099741226015,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 824
req-referer: https://www.ejan.co/
content-length: 68190
x-request-id: e90855eb1ad8faedc75a17f7e764db24
x-backend-name: LA_nlb204
x-served-by: cache-iad-kcgs7200109-IAD, cache-iad-kcgs7200048-IAD, cache-sna10738-LGB, cache-iad-kcgs7200078-IAD, cache-fra-eddf8230128-FRA
last-modified: Fri, 06 Oct 2023 10:49:56 GMT
server: nginx
surrogate-reporting: width=1260,height=630,bytes=112699,owidth=1200,oheight=628,obytes=114276
x-timer: S1696601584.012354,VS0,VE89
etag: "65dca090b5d43b8417b9559ed6c9fc42"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 0

GET
H2 200 ejan%252F2023-10%252F9b72d0e9-1b6e-4b14-8824-4fe93f990cda%252F__INS____________0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 40 KB
41 KB 95ms
95ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F9b72d0e9-1b6e-4b14-8824-4fe93f990cda%252F__INS____________0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9791d39e69ea6e53854706f62279abba14659b6df8130a8f79ef2bffaa894207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F9b72d0e9-1b6e-4b14-8824-4fe93f990cda%252F__INS____________0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 276030
edge-cache-tag: 451042261866861720486592151541434639603,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 451042261866861720486592151541434639603,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 600
req-referer: https://www.ejan.co/
content-length: 41218
x-request-id: 2200559edbbb89aedea58ab08530eee4
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100137-IAD, cache-iad-kiad7000175-IAD, cache-sna10728-LGB, cache-iad-kcgs7200174-IAD, cache-fra-eddf8230128-FRA
last-modified: Tue, 03 Oct 2023 03:47:41 GMT
server: nginx
surrogate-reporting: width=1260,height=630,bytes=90690,owidth=1200,oheight=628,obytes=86715
x-timer: S1696601584.015326,VS0,VE89
etag: "f2af74f2c1281e1fd000ae24190a749f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 9, 0

GET
H2 200 ejan%252F2023-10%252F23007c51-7dcd-4334-bfd1-52e62b2ea4a0%252F__ins__________0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 103 KB
104 KB 97ms
95ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F23007c51-7dcd-4334-bfd1-52e62b2ea4a0%252F__ins__________0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5906fda1523048cd72d527a5d0b6c6fa336603abcec23dfc77481c7fb7a3cec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F23007c51-7dcd-4334-bfd1-52e62b2ea4a0%252F__ins__________0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 344403
edge-cache-tag: 375258688295962348587617969907862476730,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 375258688295962348587617969907862476730,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 887
req-referer: https://www.ejan.co/
content-length: 105384
x-request-id: 56e54e8d6ff5fc0df87d2615ed4ebdf7
x-backend-name: LA_nlb204
x-served-by: cache-iad-kiad7000115-IAD, cache-iad-kiad7000146-IAD, cache-sna10745-LGB, cache-iad-kiad7000023-IAD, cache-fra-eddf8230128-FRA
last-modified: Mon, 02 Oct 2023 11:46:46 GMT
server: nginx
surrogate-reporting: width=1260,height=630,bytes=145727,owidth=1200,oheight=666,obytes=150237
x-timer: S1696601584.018325,VS0,VE89
etag: "769eb2befd32073b4038b6b4a1371072"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 11, 0

GET
H2 200 ejan%252F2023-10%252F3c6ca955-64c0-4a24-8e60-f03e02ac7ecb%252F__INS_________0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 57 KB
57 KB 98ms
96ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F3c6ca955-64c0-4a24-8e60-f03e02ac7ecb%252F__INS_________0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cc75d8881e88abd0132cde9eee726aaac4905d70fd2a096092ac66845e1ec27f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F3c6ca955-64c0-4a24-8e60-f03e02ac7ecb%252F__INS_________0.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 10075
edge-cache-tag: 334547745031831832795657848211147620334,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 334547745031831832795657848211147620334,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 766
req-referer: https://www.ejan.co/
content-length: 58048
x-request-id: 79d99f156ca4f6a0c54d5da7fd2641f5
x-backend-name: CH_nlb802
x-served-by: cache-iad-kiad7000127-IAD, cache-iad-kiad7000160-IAD, cache-iad-kiad7000069-IAD, cache-fra-eddf8230128-FRA
last-modified: Fri, 06 Oct 2023 09:18:00 GMT
server: nginx
surrogate-reporting: width=1260,height=630,bytes=107059,owidth=1200,oheight=628,obytes=107922
x-timer: S1696601584.018330,VS0,VE89
etag: "614677875bf66e17c86a66d7837bdfdf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0

GET
H2 200 ejan%252F2023-09%252Fa36dabba-fcc7-4936-b33a-d7909ba6fb92%252F__ins_____.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 29 KB
30 KB 9ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-09%252Fa36dabba-fcc7-4936-b33a-d7909ba6fb92%252F__ins_____.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f329e63c5354c535a0e6b2c17941e027987a896f3b9a6c82ac956201f33bafb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-09%252Fa36dabba-fcc7-4936-b33a-d7909ba6fb92%252F__ins_____.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 280814
edge-cache-tag: 533615474393548386841789251873796928468,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
cache-tag: 533615474393548386841789251873796928468,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 587
req-referer: https://www.ejan.co/
content-length: 29560
x-request-id: 02e5f509460744e5057e6d1691295168
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200095-IAD, cache-iad-kjyo7100047-IAD, cache-iad-kjyo7100066-IAD, cache-fra-eddf8230128-FRA
last-modified: Thu, 28 Sep 2023 04:40:21 GMT
server: nginx
surrogate-reporting: width=660,height=330,bytes=49776,owidth=1200,oheight=666,obytes=135043
x-timer: S1696601584.018722,VS0,VE1
etag: "9c8756f1d8f2f31044760ce504e0490d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 4, 1

GET
H2 200 6eb434de2d0deff71b80e94162e6a6d9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 8ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6eb434de2d0deff71b80e94162e6a6d9.png
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 10a59f50b8d253cc34381b086b946a5f677b44600b248c8d84421165b0d4b7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6eb434de2d0deff71b80e94162e6a6d9.png
age: 1398040
edge-cache-tag: 611531404336449796444706107906946886115,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 611531404336449796444706107906946886115,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 221
expiration: expiry-date="Fri, 20 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://cashroadster.com/
content-length: 19368
x-backend-name: US_nlb101
x-served-by: cache-iad-kiad7000032-IAD, cache-iad-kjyo7100137-IAD, cache-iad-kcgs7200025-IAD, cache-fra-eddf8230128-FRA
last-modified: Tue, 19 Sep 2023 23:35:41 GMT
server: nginx
surrogate-reporting: width=726,height=403,bytes=31420,owidth=800,oheight=403,obytes=470191
x-timer: S1696601584.018707,VS0,VE1
etag: "dc07e0a57de094ed71ea64f7458908c4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 35, 1

GET
H2 200 f35d1a1dd4842e141f0aa0d6c714aaf5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
31 KB 8ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f35d1a1dd4842e141f0aa0d6c714aaf5.jpg
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bb1a25926ad58e37f5ac9b8e4164d29eee9c03ce16a7f7bafdeaa34c7634674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f35d1a1dd4842e141f0aa0d6c714aaf5.jpg
age: 2699804
edge-cache-tag: 595204566173544709461290426420914311544,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 595204566173544709461290426420914311544,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 373
expiration: expiry-date="Sat, 09 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abendblatt.de/
content-length: 30930
x-backend-name: LA_nlb201
x-served-by: cache-iad-kcgs7200124-IAD, cache-iad-kcgs7200124-IAD, cache-sna10735-LGB, cache-iad-kiad7000128-IAD, cache-fra-eddf8230128-FRA
last-modified: Wed, 09 Aug 2023 07:46:26 GMT
server: nginx
x-timer: S1696601584.027869,VS0,VE1
etag: "5170457e3e2e1e11bde2fd6585f7f363"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 17, 1, 559, 1

GET
H2 200 ejan%252F2023-09%252Fb8b9bb06-aaf7-4b52-95ea-0728659e5a85%252F__INS_________101_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 20 KB
21 KB 16ms
16ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-09%252Fb8b9bb06-aaf7-4b52-95ea-0728659e5a85%252F__INS_________101_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ddf454a513421b70b6f0e6b97913e9d59b01b46bf92b79ba2af4b62ab42cdf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-09%252Fb8b9bb06-aaf7-4b52-95ea-0728659e5a85%252F__INS_________101_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 953551
edge-cache-tag: 369116858346862390553085144793837244321,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 369116858346862390553085144793837244321,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 448
req-referer: https://www.ejan.co/
content-length: 20580
x-request-id: b3c05c82c649d424b6ed401ef13c4d7b
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200098-IAD, cache-iad-kiad7000125-IAD, cache-iad-kjyo7100164-IAD, cache-fra-eddf8230128-FRA
last-modified: Mon, 25 Sep 2023 12:15:35 GMT
server: nginx
surrogate-reporting: width=620,height=345,bytes=43879,owidth=1200,oheight=628,obytes=80598
x-timer: S1696601584.028808,VS0,VE2
etag: "0bf9ea1f36e157f6b1db83cf1c37a525"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 4, 1

GET
H2 200 ejan%252F2023-10%252F81c0737c-4860-48ca-8abe-7c9ea91a1c63%252FIMG_2466.jpeg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 20 KB
21 KB 9ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F81c0737c-4860-48ca-8abe-7c9ea91a1c63%252FIMG_2466.jpeg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6904b4f866006c5acf394688ee283752b3faf4ade43e6babca1d0cb3abfe3b68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F81c0737c-4860-48ca-8abe-7c9ea91a1c63%252FIMG_2466.jpeg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 183129
edge-cache-tag: 582206196499168774964515212103963082477,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 582206196499168774964515212103963082477,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 880
req-referer: https://www.ejan.co/
content-length: 20866
x-request-id: 89774d4142a35643baf253d8bf5fb4ff
x-backend-name: US_nlb101
x-served-by: cache-iad-kcgs7200076-IAD, cache-iad-kiad7000172-IAD, cache-iad-kcgs7200141-IAD, cache-fra-eddf8230128-FRA
last-modified: Wed, 04 Oct 2023 10:14:37 GMT
server: nginx
surrogate-reporting: width=620,height=345,bytes=62641,owidth=1200,oheight=628,obytes=92738
x-timer: S1696601584.036256,VS0,VE1
etag: "7d20d8905c5b61e3d9dc1ffe62366bc7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 8, 1

GET
H2 200 ejan%252F2023-10%252F040092bb-322f-4f60-a3e6-853b906244cd%252F__INS_________12_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 13 KB
14 KB 10ms
10ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F040092bb-322f-4f60-a3e6-853b906244cd%252F__INS_________12_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 79eb553cdf325afc736fcb1366cbfa4aa8062caea51cd82c78df2c681ec99a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F040092bb-322f-4f60-a3e6-853b906244cd%252F__INS_________12_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 263975
edge-cache-tag: 424045752560305152043102468678382364837,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 424045752560305152043102468678382364837,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 613
req-referer: https://www.ejan.co/
content-length: 13392
x-request-id: df3acae57c7a93f598cd3d3e410c5b4a
x-backend-name: CH_nlb804
x-served-by: cache-iad-kiad7000088-IAD, cache-iad-kiad7000112-IAD, cache-iad-kcgs7200121-IAD, cache-fra-eddf8230128-FRA
last-modified: Tue, 03 Oct 2023 12:42:12 GMT
server: nginx
surrogate-reporting: width=620,height=345,bytes=34353,owidth=1200,oheight=628,obytes=71648
x-timer: S1696601584.047186,VS0,VE2
etag: "5370193d41a980650e94db1344dd4124"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 4, 1

GET
H2 200 ejan%252F2023-09%252Fa369cb81-3c23-430b-ab6f-26a0e512ef48%252F__INS________.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 28 KB
29 KB 30ms
29ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-09%252Fa369cb81-3c23-430b-ab6f-26a0e512ef48%252F__INS________.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 13ecf8b655a13c535040f5780fc05749d95940f5084c39dab4faf88517fbf0ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 18
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-09%252Fa369cb81-3c23-430b-ab6f-26a0e512ef48%252F__INS________.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 596171
edge-cache-tag: 521540796017581615204043919432195881820,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 521540796017581615204043919432195881820,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 525
req-referer: https://www.ejan.co/
content-length: 29036
x-request-id: 2e6cc828073b8d660b734a7127af0e6a
x-backend-name: LA_nlb202
x-served-by: cache-iad-kcgs7200099-IAD, cache-iad-kcgs7200021-IAD, cache-lax10627-LGB, cache-iad-kjyo7100046-IAD, cache-fra-eddf8230128-FRA
last-modified: Fri, 29 Sep 2023 12:02:27 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=73185,owidth=1200,oheight=628,obytes=80517
x-timer: S1696601584.051351,VS0,VE18
etag: "cf159317d180f89b769bb6d1a50a9e39"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 ejan%252F2023-10%252F7bc62044-5ad2-45aa-b73a-eee73ee22be7%252F__INS_________58_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 41 KB
42 KB 8ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F7bc62044-5ad2-45aa-b73a-eee73ee22be7%252F__INS_________58_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c0a978b042decc10d2e9f74826d12357e713afcf68ffe84cab1a1d3a2bb421c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252F7bc62044-5ad2-45aa-b73a-eee73ee22be7%252F__INS_________58_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 359780
edge-cache-tag: 441151530471545643131499626427253754318,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 441151530471545643131499626427253754318,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 609
req-referer: https://www.ejan.co/
content-length: 41572
x-request-id: 9b0a53be970debb4f4e9bed83b85fa99
x-backend-name: LA_nlb203
x-served-by: cache-iad-kcgs7200037-IAD, cache-iad-kjyo7100051-IAD, cache-sna10739-LGB, cache-iad-kiad7000137-IAD, cache-fra-eddf8230128-FRA
last-modified: Mon, 02 Oct 2023 10:16:44 GMT
server: nginx
surrogate-reporting: width=1129,height=628,bytes=109274,owidth=1200,oheight=628,obytes=106497
x-timer: S1696601584.056244,VS0,VE2
etag: "9acd8ea9d56de8b6604cad09303b5e9e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 6, 0, 4, 1

GET
H2 200 010265c674156b11c5a7f0548effca2a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 14ms
14ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/010265c674156b11c5a7f0548effca2a.png
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 22448f459d343be586255d8f7f412d32ac59a854ee4a193e037170a55c7bccac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/010265c674156b11c5a7f0548effca2a.png
age: 1605299
edge-cache-tag: 566384033220055394941780511940138429506,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 566384033220055394941780511940138429506,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 279
req-referer: https://www.tag24.de/dresden/lokales/die-letzten-geheimnisse-vom-eliasfriedhof-2956727
content-length: 22292
x-request-id: 952ef747c92321fcdeaada4cf6b44c2a
x-backend-name: CH_nlb803
x-served-by: cache-iad-kjyo7100158-IAD, cache-iad-kiad7000084-IAD, cache-iad-kjyo7100074-IAD, cache-fra-eddf8230128-FRA
last-modified: Mon, 18 Sep 2023 00:06:23 GMT
server: nginx
surrogate-reporting: width=1600,height=888,bytes=78981,owidth=1600,oheight=900,obytes=1520715
x-timer: S1696601584.066607,VS0,VE0
etag: "26f7346ccb0045e95d724c180ee055d8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 10

GET
H2 200 adbda4d14c4b427e7a2d9a838696b4e1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 8ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/adbda4d14c4b427e7a2d9a838696b4e1.png
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 144f00d0275151ffcc291cb3b0d5ec284e374f06e5b16f5e701f0eea455c9d60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/adbda4d14c4b427e7a2d9a838696b4e1.png
age: 543617
edge-cache-tag: 530998512591053026041645068387000615143,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 530998512591053026041645068387000615143,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 314
req-referer: https://www.abendblatt.de/
content-length: 19496
x-request-id: be2f2dd6f47d5642942e836975eb264f
x-backend-name: CH_nlb803
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000026-IAD, cache-iad-kjyo7100105-IAD, cache-fra-eddf8230128-FRA
last-modified: Sun, 24 Sep 2023 22:23:18 GMT
server: nginx
surrogate-reporting: width=1200,height=666,bytes=61127,owidth=1200,oheight=800,obytes=882311
x-timer: S1696601584.082147,VS0,VE0
etag: "0ed2a4795e9292077497fc5f05c4adc6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 47, 3

GET
H2 200 ejan%252F2023-10%252Fc1f7109a-d008-49ab-8ef3-f4cd8f2b7273%252F__INS_________88_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 25 KB
26 KB 8ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252Fc1f7109a-d008-49ab-8ef3-f4cd8f2b7273%252F__INS_________88_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d2fdd6091846f289b6ab419232a60af5684a36f45478263e03b029d24de0455e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252Fc1f7109a-d008-49ab-8ef3-f4cd8f2b7273%252F__INS_________88_.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 251702
edge-cache-tag: 458037084287769323628849700496848418842,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 458037084287769323628849700496848418842,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 613
req-referer: https://www.ejan.co/
content-length: 25826
x-request-id: 15ce6dfe0c7f7414b40f2d92d54ec200
x-backend-name: US_nlb103
x-served-by: cache-iad-kjyo7100155-IAD, cache-iad-kjyo7100043-IAD, cache-iad-kjyo7100026-IAD, cache-fra-eddf8230128-FRA
last-modified: Tue, 03 Oct 2023 12:55:20 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=70028,owidth=1200,oheight=628,obytes=75319
x-timer: S1696601584.082370,VS0,VE1
etag: "3df243d068df8fe7eb44945c18697cfd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 7, 1

GET
H2 200 ejan%252F2023-10%252Fcd99aed6-212c-4d46-ab8d-c91292bbc86c%252F_________CCTV___.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ 18 KB
19 KB 9ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252Fcd99aed6-212c-4d46-ab8d-c91292bbc86c%252F_________CCTV___.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 447a14153bb1e6f9debb360b1fab448a9905d88eff4a6ca2cd248daeece706cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gumlet.assettype.com/ejan%252F2023-10%252Fcd99aed6-212c-4d46-ab8d-c91292bbc86c%252F_________CCTV___.jpg%3Fw%3D1200%26auto%3Dformat%252Ccompress%26ogImage%3Dtrue%26enlarge%3Dtrue
age: 228145
edge-cache-tag: 620338951172732765688132356109309531849,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 620338951172732765688132356109309531849,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 611
req-referer: https://www.ejan.co/
content-length: 18340
x-request-id: 6169fcd37e67d9a440961f928c5c1d61
x-backend-name: US_nlb105
x-served-by: cache-iad-kjyo7100139-IAD, cache-iad-kjyo7100109-IAD, cache-iad-kiad7000074-IAD, cache-fra-eddf8230128-FRA
last-modified: Tue, 03 Oct 2023 15:17:27 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=56635,owidth=1200,oheight=628,obytes=60850
x-timer: S1696601584.090443,VS0,VE2
etag: "4f1a02a7af9c0e8223c4fbd9ba64642d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 4, 1

GET
H2 204 supply-feature
am-trc-events.taboola.com/ejan-ejanco/log/3/ 0
230 B 22ms
22ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ejan-ejanco/log/3/supply-feature?route=AM:AM:V&tvi48=10638&tvi50=9864&lti=deflated&ri=49f9d86e8ecc21731f15719c84a00162&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&pi=/world/ec3to6d7sl&wi=6912960585753951466&pt=text&vi=1696601583328&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2211.1875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A13%3A04.068&id=6101&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/ejan-ejanco/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ejan-ejanco/log/2/debug?tim=16%3A13%3A04.082&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8183&cv=20231005-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13572

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 138ms
53ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 13:45:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 14:13:04 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 47ms
46ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2bbdea1641907d8624ed5fff410ac82a57e6328332422a0118067115a0c92af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Oct 2023 10:34:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651d1575-114b6"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70838
expires: Fri, 06 Oct 2023 15:13:04 GMT

GET
H2 200 spa-detector.20231005-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 8ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20231005-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ejan-ejanco/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07484cc5c4459104a809bfb7d227ac3beaaf0424da333e640669339201943e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: lQH2_VFKv6gmc4GuKBb9CZFD.KKQHW7I
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:04 GMT
x-amz-request-id: TRP7HVREC19SVYBD
age: 85050
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 778
x-amz-id-2: m96c2tOlFN9fmVISRZFmhcRnXfayd9W3CqHGzNBY0ZwOV3fsN8C32UuTxWxcQMjEMt+wiTsJYZg=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Thu, 05 Oct 2023 14:35:34 GMT
server: AmazonS3
x-timer: S1696601584.099107,VS0,VE0
etag: "2d2ae3a73b62b76cf931a21826ba643a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 59
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 84973

GET
H2 204 supply-feature
am-trc-events.taboola.com/ejan-ejanco/log/3/ 0
230 B 17ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ejan-ejanco/log/3/supply-feature?route=AM:AM:V&tvi48=10638&tvi50=9864&lti=deflated&ri=49f9d86e8ecc21731f15719c84a00162&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&pi=/world/ec3to6d7sl&wi=6912960585753951466&pt=text&vi=1696601583328&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A13%3A04.084&id=4653&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/ejan-ejanco/log/3/ 0
230 B 17ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ejan-ejanco/log/3/supply-feature?route=AM:AM:V&tvi48=10638&tvi50=9864&lti=deflated&ri=49f9d86e8ecc21731f15719c84a00162&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&pi=/world/ec3to6d7sl&wi=6912960585753951466&pt=text&vi=1696601583328&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A13%3A04.093&id=5832&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/ejan-ejanco/log/3/ 0
230 B 18ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ejan-ejanco/log/3/abtests?route=AM:AM:V&tvi48=10638&tvi50=9864&lti=deflated&ri=49f9d86e8ecc21731f15719c84a00162&sd=v2_9161402c5e3693d44e4783d393cafa29_15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f_1696601583_1696601583_CNawjgYQqcJZGODd1qqwMSABKAEwODib4wlAgYoQSMX_3wNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&pi=/world/ec3to6d7sl&wi=6912960585753951466&pt=text&vi=1696601583328&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1696601584093%7D&tim=16%3A13%3A04.093&id=8618&llvl=2&cv=20231005-5-RELEASE&
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158497/5936/ 212 KB
64 KB 78ms
21ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/5936/pwt.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/ats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f028f694053d9d222b2c8c8aff6af8d4b343ceb049b431ed224210f849012da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:46:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=60312
accept-ranges: bytes
content-length: 65589
expires: Sat, 07 Oct 2023 06:58:16 GMT

GET
H2 200 ptag.js Show response
tag.adbro.me/tags/ 33 KB
10 KB 95ms
17ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/tags/ptag.js
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b7408e2d9bcfdb98511ff6bfdff230f88131bb392de3cdedc29e5a69547d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 20 Sep 2023 12:16:25 GMT
content-md5: aI6jVg06ru5WecHXr4cMcg==
age: 1156
server: cloudflare
cf-polished: origSize=62708
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 811e80be6ac03610-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 8tvoo2ti.js Show response
tag.adbro.me/configs/ 1 KB
724 B 409ms
332ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.adbro.me/configs/8tvoo2ti.js
Requested by: Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f83e36b12b7b05a4e352f21d75c5dfb1a79475f6ca90da45a3761e2f24e83e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 22 Jun 2023 12:21:16 GMT
server: cloudflare
cf-polished: origSize=1954
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 811e80be6ac33610-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 202ms
91ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31d1acc0c288903c49aaf73efd6403c6778cb78a180ba3c16e1c45fc38840764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12037
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 630B 577 B
484 B 204ms
203ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&cmcv=&pix=undefined&cb=1696601584382&uv=3345&tms=1696601584382&abt=eidc_vB!expl_vE!nonrv_vA!ufm_vD!uftchrwf_vC!unf_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4d97dcb0-d7ee-4a5f-aba0-c4076d840e8e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ce2b5c8723b180ca163cdb56dcc80043c3a2649efc85003257aed8256f84fdb1

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 06 Oct 2023 14:13:04 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230128-FRA
x-timer: S1696601584.390195,VS0,VE196

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 68C0 439 B
524 B 23ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 9ce58bd865caaa866b09ebd63ebaafff6ffcacbc4acfc7e941d6eea98a83086b

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 06 Oct 2023 14:13:04 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
995 B 944ms
941ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696601584390&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1558&pt=-1330655982&tz=120&viewable=true&ddast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3135285&dpubid=552925&abtst=eidc_vB!expl_vE!nonrv_vA!ufm_vD!uftchrwf_vC!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.ejan.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5114460588fbbcabf495ce05187f1cbbdd10afdc7776511b17046e068e053c0

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 06 Oct 2023 14:13:05 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1441
x-cache: MISS
x-served-by: cache-fra-eddf8230128-FRA
pragma: no-cache
server: nginx
x-timer: S1696601584.397565,VS0,VE916
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 54ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&cmcv=&pix=31589837&cb=1696601584382&uv=3345&tms=1696601584382&abt=eidc_vB!expl_vE!nonrv_vA!ufm_vD!uftchrwf_vC!unf_vC&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1696601581496.9!ts:1696601584382&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 68C0 70 B
149 B 122ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 68C0 43 B
426 B 149ms
42ms Image
image/gif 2a05:d018:d29:3601:bf41:b326:fa86:2937
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:bf41:b326:fa86:2937 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 68C0 0
125 B 75ms
11ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
29 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/ats.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33406ec7b140b95b3ad6980aa476febefe3063532e97d051610cb411f60a227b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30144
x-xss-protection: 0
server: cafe
etag: 282 / 19636 / 31078612 / config-hash: 12631718780053314049
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 14:13:04 GMT

GET
H2 200 prebid_2023_9_15_10_34_31.js Show response
anymind360.com/js/359/ 472 KB
150 KB 12ms
10ms Script
application/javascript 151.101.65.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e98411f0ef293c650626dfb58775f4c0d6b0b14032252166b15a131046c55c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Mon, 02 Oct 2023 17:02:00 GMT
date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 318460
x-guploader-uploadid: ADPycdsERmDWhPSINd0BwDOm13iu4_mzpsJpzsUezLfufUos9c109FXijCf1YMdZGqV57BKgfig
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 152825
x-served-by: cache-tyo11945-TYO, cache-fra-eddf8230085-FRA
last-modified: Fri, 15 Sep 2023 10:34:48 GMT
server: UploadServer
x-timer: S1696601584.443216,VS0,VE4
etag: "054b397d5a790b5392a69b39a999a24c"
vary: Accept-Encoding
x-goog-generation: 1694774088766048
x-goog-hash: crc32c=ED2TeA==, md5=BUs5fVp5C1OSpps5qZmiTA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=31536000, public
x-goog-stored-content-length: 152825
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 11, 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 255 KB
63 KB 42ms
9ms Script
application/javascript 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:31:18 GMT
content-encoding: gzip
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 19:43:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P5
age: 2507
etag: W/"e1caada96468a3b669d0d0cc6ec9a23c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Tl-y7CnqwLa1s8mfnjSP2pDqBuuXF_unxK5sRRLsgSkkZTkNh9e_GQ==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 36ms
20ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c550961c64fcfc26e556c028ef9747b25f32e5eb0fc45a20a2ef0d87ee52e8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 36294
x-jsd-version: 1.0.1834
content-encoding: br
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"63f-zdz8vCIamZSvo1edzkJrU6FjXkY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCVkrtUikuNY0ymBHMsiJ5q83zGpeqUyIMGPX3%2BIK7kreqoITWLRgVgGKBj4Qu8nxw9RMU6lohYbo7oid6hlKsfs7s4AES3WkXah16CgGlwNKPHw7PN5s%2FtA%2BsalYaqh3H5%2BGANaTTsg2PFubFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 811e80bf4ed24d28-FRA

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
396 B 329ms
29ms XHR
text/plain 52.18.11.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.18.11.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-220.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/9ec35059104af0f460eeba5ff97e8e0a?prettyPrint=true
access-control-allow-origin: https://www.ejan.co
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: a0f10ab6-df4b-6514-95ed-5f350742d47d

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
395 B 349ms
49ms XHR
text/plain 52.18.11.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.18.11.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-220.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/7ecb14a54008092a09e023f22571a0f5?prettyPrint=true
access-control-allow-origin: https://www.ejan.co
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 3921ff09-2d66-218b-2575-3076da19defe

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
396 B 361ms
62ms XHR
text/plain 52.18.11.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.18.11.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-220.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/36321768fb8bee82c76a7aafa5292b46?prettyPrint=true
access-control-allow-origin: https://www.ejan.co
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 914d3e3a-09ef-112d-2c3c-1dedff98dc4f

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
395 B 359ms
61ms XHR
text/plain 52.18.11.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.18.11.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-220.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/ae56d75154029a7c225f752d4ecaa4ef?prettyPrint=true
access-control-allow-origin: https://www.ejan.co
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 774b9d2f-5a1a-9e35-5a85-724ebb6b0b10

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
396 B 358ms
60ms XHR
text/plain 52.18.11.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.18.11.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-220.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/d6400063261b65eaa3915d9d3b78650b?prettyPrint=true
access-control-allow-origin: https://www.ejan.co
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 0edf9248-8298-5f2e-3215-399fb58b1cfa

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
395 B 360ms
63ms XHR
text/plain 52.18.11.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.18.11.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-220.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/f14f8c6f02826223e8379701aa5746f0?prettyPrint=true
access-control-allow-origin: https://www.ejan.co
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: fb727443-8aaa-1a91-3508-66452f4af13f

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
190 B 325ms
30ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=19520863280&lsavail=0

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ejan.co
date: Fri, 06 Oct 2023 14:13:04 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
158 B 73ms
48ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.ejan.co
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
158 B 56ms
31ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.ejan.co
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
159 B 61ms
30ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.ejan.co
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
158 B 70ms
46ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.ejan.co
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
246 B 308ms
18ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e0161237accae5795027e9d86b460a67d5cde41645336638f324569a71292b4d

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.ejan.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
555 B 339ms
128ms XHR
application/json 18.159.182.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&tmax=2000

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.182.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-182-232.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status: 29, 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 297ms
14ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ejan.co
date: Fri, 06 Oct 2023 14:13:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 53 B
615 B 293ms
14ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
an-x-request-uuid: 13a1d8b7-1441-4f72-a6b8-39dba20c0ab9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.161; 185.213.155.161; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 53
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
378 B 343ms
64ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ejan.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 06 Oct 2023 14:13:04 GMT

POST
H2 204 2710969 Show response
bs.yandex.ru/prebid/ 0
428 B 437ms
159ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2710969?imp-id=1&target-ref=www.ejan.co&ssp-id=10500
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
last-modified: Fri, 06 Oct 2023 14:13:04 GMT
x-yandex-req-id: 1696601584861488-1561808036009557465700328-production-app-host-sas-pcode-182
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.ejan.co
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Fri, 06 Oct 2023 14:13:04 GMT

POST
H2 200 2710969 Show response
bs.yandex.ru/prebid/ 102 KB
18 KB 559ms
281ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/2710969?imp-id=2&target-ref=www.ejan.co&ssp-id=10500
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e15d6204a47457a4287f3c014d9400c7213337d35f06dec9c35d777f1c034a54

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

x-ya-format-type: banner-tgo-media
date: Fri, 06 Oct 2023 14:13:05 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1696601584862678-813954626929414200000193-production-app-host-vla-pcode-137
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-ya-request-id: 1696601584862678-813954626929414200000193-production-app-host-vla-pcode-137
x-ya-product-type: direct
uniformat-product-type: Direct
pragma: no-cache
last-modified: Fri, 06 Oct 2023 14:13:05 GMT
uniformat: true
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ejan.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Fri, 06 Oct 2023 14:13:05 GMT

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 283ms
19ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:03 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 284ms
21ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
553 B 300ms
36ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 284ms
22ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 284ms
21ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 283ms
21ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 302ms
18ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 310ms
24ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 306ms
20ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 306ms
21ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 303ms
18ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
333 B 316ms
18ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 446ms
175ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU3VM41V
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 7fead0910087c78ad231902e6d9d2d4dcf28c256ba43056ba8b79abe3f29acf9

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ejan.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 14:13:04 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 5 KB
2 KB 416ms
151ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=398455
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b3125a195efad653d60987bbebbb1d99b9e3e8a53963c238fae109f3c1a780

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiwMcSB9ykh3xDAqsjZB8GsCQQZvUrdjgJQ2igqwxzTeKQYSnD6X7gVE91LpTZKu6WIQWPzC1FGXIEeRaiJ2Y%2BZWckwFdDNpDllTq5jhLTU3R6ir0pboPAhr%2FzlX%2FEHJI7nO9cs5"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 811e80c14cf99249-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 1005 B
2 KB 501ms
242ms XHR
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=357596&zone_id=2052502%3B1922706%3B1922700%3B1922704%3B2825216%3B3017878&size_id=2%3B2%3B15%3B15%3B15%3B2&alt_size_ids=55%2C57%3B55%3B2%2C16%2C198%2C221%3B2%2C16%2C198%3B16%3B55&rp_schain=1.0,1!anymanager.io,A198,1,,,&rf=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&kw=%E0%B9%80%E0%B8%94%E0%B9%87%E0%B8%81%E0%B8%AD%E0%B8%B1%E0%B8%88%E0%B8%89%E0%B8%A3%E0%B8%B4%E0%B8%A2%E0%B8%B0%2C%E0%B8%9B.%E0%B9%80%E0%B8%AD%E0%B8%81%2C%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A8%E0%B8%B6%E0%B8%81%E0%B8%A9%E0%B8%B2%2C%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A8%E0%B8%B6%E0%B8%81%E0%B8%A9%E0%B8%B2%E0%B8%AD%E0%B8%B2%E0%B8%A2%E0%B8%B8%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B9%83%E0%B8%99%E0%B8%88%E0%B8%B5%E0%B8%99%2C%E0%B8%88%E0%B8%B5%E0%B8%99%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%95%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%81%E0%B8%9B%E0%B8%A5%E0%B8%81%2C%E0%B8%88%E0%B8%B2%E0%B8%87%E0%B8%8B%E0%B8%B4%E0%B8%99%E0%B8%AB%E0%B8%A2%E0%B8%B2%E0%B8%87%2C%E0%B9%80%E0%B8%AB%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%8D%E0%B8%97%E0%B8%AD%E0%B8%87%2C%E0%B8%A7%E0%B8%B4%E0%B8%97%E0%B8%A2%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%A7%E0%B8%B4%E0%B8%A8%E0%B8%A7%E0%B8%81%E0%B8%A3%E0%B8%A3%E0%B8%A1%E0%B8%A8%E0%B8%B2%E0%B8%AA%E0%B8%95%E0%B8%A3%E0%B9%8C%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B8%88%E0%B8%B4%E0%B8%99%2C%E0%B9%81%E0%B8%82%E0%B9%88%E0%B8%87%E0%B8%82%E0%B8%B1%E0%B8%99%E0%B8%84%E0%B8%93%E0%B8%B4%E0%B8%95%E0%B8%A8%E0%B8%B2%E0%B8%AA%E0%B8%95%E0%B8%A3%E0%B9%8C%2C%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A8%E0%B8%B6%E0%B8%81%E0%B8%A9%E0%B8%B2%E0%B8%9B%E0%B8%A3%E0%B8%B4%E0%B8%8D%E0%B8%8D%E0%B8%B2%E0%B9%80%E0%B8%AD%E0%B8%81%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%AD%E0%B8%B2%E0%B8%A2%E0%B8%B8%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B9%83%E0%B8%99%E0%B8%88%E0%B8%B5%E0%B8%99%2C%E0%B8%A1%E0%B8%93%E0%B8%91%E0%B8%A5%E0%B9%80%E0%B8%AB%E0%B8%A5%E0%B8%B5%E0%B8%A2%E0%B8%A7%E0%B8%AB%E0%B8%99%E0%B8%B4%E0%B8%87&tg_i.domain=ejan.co&tg_i.page=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&tg_i.pbadslot=ats-insert_ads-1%3Bats-overlay_bottom-4%3Bdiv-gpt-ad-1617003382415-0%3Bdiv-gpt-ad-1617352165923-0%3Bats-insert_ads-10%3Bats-insert_ads-16&tk_flint=pbjs_lite_v7.54.4&x_source.tid=d6036a1c-a00d-4936-a668-46469886f156%3Bce448bdd-aba5-4f7b-a47b-75448bfa64dd%3B2e0e585a-032a-41d9-87d2-a2bbb6f6fe1f%3B7c2f6a02-fbe3-4b0f-a21f-f2ace16df017%3B5b19650b-d41b-4c4f-b45e-f616c8c4c4ad%3B5e5786d7-f07f-4a88-a546-52648e62732b&l_pb_bid_id=88ab304e577415a%3B891d0d1a998287c%3B908b51907ad93f5%3B91be3c9450c0ab7%3B9243b2aaedbf68b%3B93c0a32e7a5adc2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d6036a1c-a00d-4936-a668-46469886f156%3Bce448bdd-aba5-4f7b-a47b-75448bfa64dd%3B2e0e585a-032a-41d9-87d2-a2bbb6f6fe1f%3B7c2f6a02-fbe3-4b0f-a21f-f2ace16df017%3B5b19650b-d41b-4c4f-b45e-f616c8c4c4ad%3B5e5786d7-f07f-4a88-a546-52648e62732b&rp_maxbids=1&p_gpid=%2F21622890900%2C21614983423%2FTH_ejan.co_res_allsite_masthead_970x250%2F%2F970x90%2F%2F728x90%2F%2F320x100%2F%2F320x50%3B%2F21622890900%2C21614983423%2FTH_ejan.co_pc_allsite_anchor_970x90%2F%2F728x90%3B%2F21622890900%2C21614983423%2FTH_ejan.co_res_article_mid2_300x250%2F%2F336x280%3B%2F21622890900%2C21614983423%2FTH_ejan.co_res_article_mid3_728x90%2F%2F640x360%2F%2F336x280%2F%2F300x250%2F%2F320x100%2F%2F320x50%2F%2F300x600%3B%2F21622890900%2C21614983423%2FTH_ejan.co_res_article_1x1%3B%2F21622890900%2C21614983423%2FTH_ejan.co_res_article_top_728x90%2F%2F970x90%2F%2F320x50%2F%2F320x100&slots=6&rand=0.8036377713457608
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9b6f7d604b0b9b29e61a0e105b0b793c5f634af5135b9afd8c8c58f06d5b2745

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:05 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 437
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 298ms
52ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 14:13:04 GMT

GET
H2 200 db25e772-a50a-4abc-826c-f029cd5364e4 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
803 B 226ms
8ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/db25e772-a50a-4abc-826c-f029cd5364e4
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2c1b4ffd3d6aae45c5e5ae3fde9374daf632286062b7cda71f5ebd893cada986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:19:11 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3233
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: KaDZ-fn2MDAUcwsFbLBAFkkdptW0MuhqKg6-8EFPXVF-WgoQTncMiw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 12ms
12ms XHR
text/plain 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ejan.co&pubid=db25e772-a50a-4abc-826c-f029cd5364e4
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:08:04 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
age: 299
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.ejan.co
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: _XYNaQ2ww8bJy8Cu_rsJYMyM0dlEcTju87VHdkbAFSkqDDlwgER2rw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
460 B 261ms
57ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&pid=YykYDfggD0Khe&cb=0&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22ats-insert_ads-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21622890900%2C21614983423%2FTH_ejan.co_res_allsite_masthead_970x250%2F%2F970x90%2F%2F728x90%2F%2F320x100%2F%2F320x50%22%7D%2C%7B%22sd%22%3A%22ats-overlay_bottom-4%22%2C%22s%22%3A%5B%22970x90%22%2C%22729x90%22%5D%2C%22sn%22%3A%22%2F21622890900%2C21614983423%2FTH_ejan.co_pc_allsite_anchor_970x90%2F%2F728x90%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1617003382415-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22728x90%22%2C%22640x360%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F21622890900%2C21614983423%2FTH_ejan.co_res_article_mid2_300x250%2F%2F336x280%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1617352165923-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22728x90%22%2C%22640x360%22%5D%2C%22sn%22%3A%22%2F21622890900%2C21614983423%2FTH_ejan.co_res_article_mid3_728x90%2F%2F640x360%2F%2F336x280%2F%2F300x250%2F%2F320x100%2F%2F320x50%2F%2F300x600%22%7D%2C%7B%22sd%22%3A%22ats-insert_ads-10%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F21622890900%2C21614983423%2FTH_ejan.co_res_article_1x1%22%7D%5D&schain=1.0%2C1!anymanager.io%2C359%2C1%2C%2C%2C&pubid=db25e772-a50a-4abc-826c-f029cd5364e4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: S78D192QMH65VXQWAZA7
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ejan.co
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 1ysfYtOAYwqH_RVBVUCNFRaGIdWcG_otxDRfaqYL2PmotqNIRnS7sA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
7ms XHR
application/javascript 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date: Fri, 06 Oct 2023 05:39:27 GMT
x-amz-cf-pop: FRA56-P5
age: 30817
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 1SItKuvtC6KBXcypafHmt7sG8R1pbSaDN2c_BRQUMh0D2x7g8PNmlQ==

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 630B 70 B
148 B 34ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&cmcv=&pix=undefined&cb=1696601584382&uv=3345&tms=1696601584382&abt=eidc_vB!expl_vE!nonrv_vA!ufm_vD!uftchrwf_vC!unf_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4d97dcb0-d7ee-4a5f-aba0-c4076d840e8e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 630B 43 B
425 B 36ms
35ms Image
image/gif 2a05:d018:d29:3601:bf41:b326:fa86:2937
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&cmcv=&pix=undefined&cb=1696601584382&uv=3345&tms=1696601584382&abt=eidc_vB!expl_vE!nonrv_vA!ufm_vD!uftchrwf_vC!unf_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4d97dcb0-d7ee-4a5f-aba0-c4076d840e8e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:bf41:b326:fa86:2937 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 306ms
11ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ejan.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.ejan.co
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 06 Oct 2023 14:13:04 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 305ms
12ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ejan.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.ejan.co
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 06 Oct 2023 14:13:04 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 304ms
11ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ejan.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.ejan.co
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 06 Oct 2023 14:13:04 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 305ms
12ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ejan.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.ejan.co
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 06 Oct 2023 14:13:04 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1DCF 281 B
554 B 102ms
8ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&cmcv=&pix=undefined&cb=1696601584382&uv=3345&tms=1696601584382&abt=eidc_vB!expl_vE!nonrv_vA!ufm_vD!uftchrwf_vC!unf_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4d97dcb0-d7ee-4a5f-aba0-c4076d840e8e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 06 Oct 2023 14:13:04 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1DCF 36 KB
11 KB 12ms
11ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 14:13:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 22:01:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=27965
Connection: keep-alive
Content-Length: 10539
Expires: Fri, 06 Oct 2023 21:59:09 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 1DCF 7 B
380 B 91ms
10ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 717C 13 KB
5 KB 86ms
44ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 110160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 07:37:05 GMT
expires: Fri, 04 Oct 2024 07:37:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 98C8 829 B
559 B 113ms
80ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ee0cd43140a2e81a4e98e5f334e8b9a9c09daf2ab093241e09c896d53b42432

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-91vgwDDu7_9DlSb3jCtqnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-91vgwDDu7_9DlSb3jCtqnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:05 GMT
expires: Fri, 06 Oct 2023 14:13:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 bulk Show response
trc.taboola.com/ejan-ejanco/log/3/ 0
307 B 57ms
16ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ejan-ejanco/log/3/bulk?tvi48=10638&tvi50=9864&route=AM%3AAM%3AV&lti=deflated&bulkSize=10
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
date: Fri, 06 Oct 2023 14:13:05 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7817
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230128-FRA
pragma: no-cache
server: nginx
x-timer: S1696601585.020692,VS0,VE11
content-type: image/gif
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
718 B 24ms
5ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 06 Oct 2023 14:13:05 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 27923
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1696601585.150878,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 87
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 20879

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 78 KB
25 KB 658ms
655ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1984550382996053&correlator=500169642720944&eid=44801493%2C676982996&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=21622890900%3A21614983423%2CTH_ejan.co_pc_allsite_anchor_970x90%2C728x90%2CTH_ejan.co_mb_allsite_interstitial_300x600%2C160x600%2C120x600%2C300x250%2C336x280%2CTH_ejan.co_res_article_mid2_300x250&enc_prev_ius=%2F0%2F1%2F%2F2%2C%2F0%2F3%2F%2F4%2F%2F5%2F%2F6%2F%2F7%2C%2F0%2F8%2F%2F7&prev_iu_szs=970x90%7C729x90%2C1x1%2C300x250%7C336x280%7C640x360%7C728x90%7C1x1&ifi=3&didk=590274413~3331996133~2218564032&sfv=1-0-40&rcs=0%2C0%2C1&ists=2&fas=0%2C8%2C0&eri=1&sc=1&cookie=ID%3D4d870ea52b25bfb2%3AT%3D1696601583%3ART%3D1696601583%3AS%3DALNI_Ma7qP0j1CppjPg9F_htzuJLOjXkog&gpic=UID%3D00000c8f9d3f354b%3AT%3D1696601583%3ART%3D1696601583%3AS%3DALNI_MY3BkZ3zUcWQDMtbIyMXDOWwQGieg&abxe=1&dt=1696601585269&lmt=1696594385&adxs=0%2C-9%2C456&adys=4%2C-9%2C1971&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C3&ucis=3%7C4%7C1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&vis=1&psz=1600x1%7C0x-1%7C752x0&msz=970x0%7C0x-1%7C300x21&fws=132%2C2%2C132&ohw=1600%2C0%2C752&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=156981466.1696601582&ga_sid=1696601583&ga_hid=1661371357&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7NvWqrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjv29aqsDFIAFICCGQSGQoKcHViY2lkLm9yZxjM3NaqsDFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y79vWqrAxSABSAghkEhkKCnVpZGFwaS5jb20Y7tvWqrAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVptWmxTR2huUWsxUlluRllPRk40TWpCb1NsQnhRVDA5SW4wPRiD39aqsDFIABIbCgxpZDUtc3luYy5jb20YjN3WqrAxSABSAghq&dlt=1696601581616&idt=1396&prev_scp=amznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2%26ats_hb_bid%3Dtrue%26ats_hb_pb%3D0.01%26hb_format%3Dbanner%26hb_adid%3D984018e48bb7631%26hb_size%3D300x250%26ats_hb_bidder%3Dix&cust_params=url%3D%252Fworld%252Fec3to6d7sl%26ref%3Dnull%26param%253Afbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&adks=4159779603%2C2789466354%2C335918148&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e03d7b0025c81a76175e08b83f61726ea3327f9ec554a829f20f0c9fef46661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 213202,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25074
x-xss-protection: 0
google-lineitem-id: -1,-2,5854012962
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,138374718060
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 414ms
412ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1984550382996053&correlator=500169642720944&eid=44801493%2C676982996&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=21622890900%3A21614983423%2CTH_ejan.co_res_allsite_masthead_970x250%2C970x90%2C728x90%2C320x100%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=728x90%7C970x250%7C970x90&ifi=6&didk=2825456940&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4d870ea52b25bfb2%3AT%3D1696601583%3ART%3D1696601583%3AS%3DALNI_Ma7qP0j1CppjPg9F_htzuJLOjXkog&gpic=UID%3D00000c8f9d3f354b%3AT%3D1696601583%3ART%3D1696601583%3AS%3DALNI_MY3BkZ3zUcWQDMtbIyMXDOWwQGieg&abxe=1&dt=1696601585289&lmt=1696594385&adxs=436&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&vis=1&psz=1600x20&msz=728x0&fws=132&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=156981466.1696601582&ga_sid=1696601583&ga_hid=1661371357&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7NvWqrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjv29aqsDFIAFICCGQSGQoKcHViY2lkLm9yZxjM3NaqsDFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y79vWqrAxSABSAghkEhkKCnVpZGFwaS5jb20Y7tvWqrAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVptWmxTR2huUWsxUlluRllPRk40TWpCb1NsQnhRVDA5SW4wPRiD39aqsDFIABIbCgxpZDUtc3luYy5jb20YjN3WqrAxSABSAghq&dlt=1696601581616&idt=1396&prev_scp=amznbid%3D2%26amznp%3D2%26ats_hb_bid%3Dtrue%26ats_hb_pb%3D0.02%26hb_format%3Dbanner%26hb_adid%3D965f1d0e51288bb%26hb_size%3D970x250%26ats_hb_bidder%3Dix&cust_params=url%3D%252Fworld%252Fec3to6d7sl%26ref%3Dnull%26param%253Afbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&adks=1830099629&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d644ec48b51b6014608ab60060300c6269877c11b464adccffd286929f7ecab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12130
x-xss-protection: 0
google-lineitem-id: 5854036314
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374718051
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
20 KB 268ms
266ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1984550382996053&correlator=500169642720944&eid=44801493%2C676982996&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=21622890900%3A21614983423%2CTH_ejan.co_res_article_top_728x90%2C970x90%2C320x50%2C320x100&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=728x90%7C970x90&ifi=7&didk=1599267885&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4d870ea52b25bfb2%3AT%3D1696601583%3ART%3D1696601583%3AS%3DALNI_Ma7qP0j1CppjPg9F_htzuJLOjXkog&gpic=UID%3D00000c8f9d3f354b%3AT%3D1696601583%3ART%3D1696601583%3AS%3DALNI_MY3BkZ3zUcWQDMtbIyMXDOWwQGieg&abxe=1&dt=1696601585298&lmt=1696594385&adxs=230&adys=935&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&vis=1&psz=752x0&msz=728x0&fws=132&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=156981466.1696601582&ga_sid=1696601583&ga_hid=1661371357&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7NvWqrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjv29aqsDFIAFICCGQSGQoKcHViY2lkLm9yZxjM3NaqsDFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y79vWqrAxSABSAghkEhkKCnVpZGFwaS5jb20Y7tvWqrAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVptWmxTR2huUWsxUlluRllPRk40TWpCb1NsQnhRVDA5SW4wPRiD39aqsDFIABIbCgxpZDUtc3luYy5jb20YjN3WqrAxSABSAghq&dlt=1696601581616&idt=1396&prev_scp=ats_hb_bid%3Dtrue%26ats_hb_pb%3D0.00%26hb_format%3Dbanner%26hb_adid%3D99d37b35937b0b9%26hb_size%3D970x90%26ats_hb_bidder%3Dyandex&cust_params=url%3D%252Fworld%252Fec3to6d7sl%26ref%3Dnull%26param%253Afbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&adks=4066571553&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0f555ee0442bb7d0d1a3cb1e623ccc45895bf8a0496368d139e32c4b7b169c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 213202
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20048
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 327881
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 826ms
824ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1984550382996053&correlator=500169642720944&eid=44801493%2C676982996&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=21622890900%3A21614983423%2CTH_ejan.co_res_article_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=8&didk=1599268311&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4d870ea52b25bfb2%3AT%3D1696601583%3ART%3D1696601583%3AS%3DALNI_Ma7qP0j1CppjPg9F_htzuJLOjXkog&gpic=UID%3D00000c8f9d3f354b%3AT%3D1696601583%3ART%3D1696601583%3AS%3DALNI_MY3BkZ3zUcWQDMtbIyMXDOWwQGieg&abxe=1&dt=1696601585335&lmt=1696594385&adxs=1353&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&vis=1&psz=0x-1&msz=195x-1&fws=644&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=156981466.1696601582&ga_sid=1696601583&ga_hid=1661371357&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7NvWqrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjv29aqsDFIAFICCGQSGQoKcHViY2lkLm9yZxjM3NaqsDFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y79vWqrAxSABSAghkEhkKCnVpZGFwaS5jb20Y7tvWqrAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVptWmxTR2huUWsxUlluRllPRk40TWpCb1NsQnhRVDA5SW4wPRiD39aqsDFIABIbCgxpZDUtc3luYy5jb20YjN3WqrAxSABSAghq&dlt=1696601581616&idt=1396&prev_scp=amznbid%3D2%26amznp%3D2%26ats_hb_bid%3Dtrue%26ats_hb_pb%3D0.02%26hb_format%3Dbanner%26hb_adid%3D94a1c01c1ddb66d%26hb_size%3D300x250%26ats_hb_bidder%3Dix&cust_params=url%3D%252Fworld%252Fec3to6d7sl%26ref%3Dnull%26param%253Afbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw&adks=2903755340&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d65d30a2e5c1cd30d1c5e4f0cdb81fa910f1eadf948c2897ea8bf9496c43ec7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11658
x-xss-protection: 0
google-lineitem-id: 5999127497
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138389697062
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/ 37 KB
13 KB 48ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

193851be4b21cb5abd35752d000f4e44ed8c09e2ea3880458e69c780d935398e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8979
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13142
x-xss-protection: 0
server: cafe
etag: 17226072091034798249
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 05 Oct 2024 11:43:26 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_4_5/infra/ 882 KB
144 KB 22ms
13ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c930218a7329f9a602afceefc667804448908afb5048d9db9bbb31ea85486562

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-meta-mtime: 1696324689
date: Fri, 06 Oct 2023 14:13:05 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: Z3HN305F4BYJJD72
age: 276780
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1696324690
x-amz-meta-mode: 33188
content-length: 147342
x-amz-id-2: 0458jpKlcHtyqmxP5zkJMjfcV3ZVfGwp4x9iL6YNqXh4iLFA2v1piYXjQhXHkAVtDJq36H9KyRE=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Tue, 03 Oct 2023 09:18:11 GMT
server: AmazonS3-br
x-timer: S1696601585.371423,VS0,VE0
etag: "506fa4da9ad74d978d49cd3219439d0e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 60007

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_5/assets/css/ 60 KB
8 KB 23ms
14ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_4_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-meta-mtime: 1696324708
date: Fri, 06 Oct 2023 14:13:05 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: AAB07MP3Z0BRKB90
age: 276784
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1696324709
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: 5zlPQrxkHXYPWMBB+EHlzkEfvuhsb1WuCuNJYZ/zDtQvkzfgK1ihN8wqrUFlyz8QYKidyM+16Xk=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Tue, 03 Oct 2023 09:18:30 GMT
server: AmazonS3-br
x-timer: S1696601585.374576,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 279210

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 98C8 0
0 160ms
69ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310020101&jk=1984550382996053&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 717C 37 KB
14 KB 131ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 13:29:55 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 8ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:05 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1756190
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1696601586.580109,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 122182

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/ 465 KB
87 KB 7ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042

Request headers

Referer: https://www.ejan.co/
Origin: https://www.ejan.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-meta-mtime: 1696237416
date: Fri, 06 Oct 2023 14:13:05 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 2EK0MFKQJ582WGF5
age: 364100
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1696237429
x-amz-meta-mode: 33188
content-length: 89004
x-amz-id-2: uWnSXRPNxYC47yYqArglm/Yl1WFzirwr1h4h6dCkk/tO4FFf9RUbOHfsYVNsTCpw+wNcNXoFYxA=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Mon, 02 Oct 2023 09:03:50 GMT
server: AmazonS3-br
x-timer: S1696601586.605150,VS0,VE0
etag: "585652628115b4409d6c93eb98f8e63c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 361750

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 2E8F 577 B
662 B 17ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: ce2b5c8723b180ca163cdb56dcc80043c3a2649efc85003257aed8256f84fdb1

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 06 Oct 2023 14:13:05 GMT
machineid: 3402
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 17ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&cmcv=&pix=31579697&cb=1696601585607&uv=3345&tms=1696601585607&su=3&abt=eidc_vB!expl_vE!nonrv_vA!ufm_vG!uftchrwf_vC!unf_vC&ft=0&unm=FEED_MANAGER&su=3&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:05 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 25ms
19ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.ejan.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Fri, 06 Oct 2023 14:13:05 GMT
via: 1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: WAW51-P3
age: 1419520
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1696601586.672149,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits: 505463

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2E8F 70 B
148 B 37ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 2E8F 43 B
425 B 43ms
40ms Image
image/gif 2a05:d018:d29:3601:bf41:b326:fa86:2937
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:bf41:b326:fa86:2937 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 container.html Show response
37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC88 6 KB
3 KB 48ms
46ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:03 GMT
expires: Sat, 05 Oct 2024 14:13:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1B09 281 B
554 B 24ms
24ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 06 Oct 2023 14:13:05 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4F1B 261 B
122 B 89ms
78ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKP727ECEM_MoZYDGJ-js_gBMAE&v=APEucNUle7Bm6kzGDAO1ouA6HvX5PqPJh95rifYZjbs5uXZTsjHa9Mkjxz33algFXGaHGFweX5PYCa9FpGrqXRDptEom7jN_VH71mpOSbHamY2C7fO9daVYYgOwgtnotoztqU6hi5KP8ow5LPOk9fLXlnYAWLXp-onfK7_Xn2iTJebRTuomu9e0

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AC88 89 KB
31 KB 162ms
152ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 14:13:05 GMT

GET
H/1.1 200
OK 0748c935-388d-4471-a14f-839990d72b99
a237.casalemedia.com/impression/v2/341462/85/ckg1bsc4m7fsjm825m30/ Frame AC88 43 B
303 B 74ms
15ms Image
image/gif 185.80.36.187
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a237.casalemedia.com/impression/v2/341462/85/ckg1bsc4m7fsjm825m30/0748c935-388d-4471-a14f-839990d72b99?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1696602185&profileIDs=&creativeID=25847da&pubID=189149&format=banner&channel=site&ap=ZSAV8QAGKkIHg5KeAA3XMs2oaglltXVKGzUmAQ
Requested by: Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.36.187 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:05 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC88 42 B
63 B 82ms
72ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGKVORdXOYC38X0X2tv5ebOPE1OBeNIo8KbLH9fnveemBiuCkuOxs7gYXGM4e8xN7UAd3_SQOm5tcIgwtWpV_znO2ob3a2Zvw3Y6uNRcGJwoCiT1M

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC88 0
20 B 78ms
71ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11921399005681920769&x=13&ct=2

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame AC88 3 KB
1 KB 50ms
42ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame AC88 20 KB
8 KB 52ms
44ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:09 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AC88 24 KB
6 KB 53ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 16:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 03 Oct 2024 16:05:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC88 187 KB
59 KB 193ms
86ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 14:13:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5418 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-wqM8DAFab5DZworqllThWZaRacVzR2QfB7G4pAYJxHvdZI5xki3YS06xEaajR6lb7jOMLvwrIeG9-xf62eLRlGmWOFwNPcV93wVB-Njj4Nqnw-sPMUJYSA7l9c2KwcOcAhzcIinJoaQr_yyDyfLBvtO2VW1WOr9AlZjel_iQ_nX6PGAru_WeebnPeKSJpo8Xbqh1DIODZ90_wfKR_j5Mr2js3xqR1WUJ7RUXNXnn_XzXad929gsCQ648WrZ2fq-yk4ls5uu8XNMyEfTKjpHdTtJBLBRhJS75EeJIv0hi6V7GJl3RTVu27Y1Vlxsddzquv7CRcTOxAWCbEcuZS--TfdFKw06zfF0YNo_32wodK-pxGuQ5jM9zZSXHEL-NWpiJBwbRQlulMmnXGdYIPrJar4Y&sai=AMfl-YTlUYxfPiVsXCnprRxQSW6Nf7bvJoi7I9lqiuGp9WvldN3n0gvlwXBzll0erKOtMtiiw4zpe25tTANk_az5Gp2Vzb_tdAZMj2L-aRxN_KJakAKeXY4OrFZ0Um0MDg&sig=Cg0ArKJSzJ1SNXI5NPkgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 uct.js Show response
anymind360.com/js/prebid_creative/ Frame 5418 24 KB
9 KB 7ms
7ms Script
application/javascript 151.101.65.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/prebid_creative/uct.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

910d07ea08d88e63965fd6188c9f20736b5b81a9d2a9ad45fc74b240287c2b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Mon, 28 Aug 2023 09:02:30 GMT
date: Fri, 06 Oct 2023 14:13:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 68732
x-guploader-uploadid: ADPycdtUxMZOEfRYK24ckrNGm1h4BWb3T5vZwRIypBcYuxBZQvJFVyZLd2I3esiYYj2B0uD_D-niN9h9jGyEiUk3AfVIyA
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8280
x-served-by: cache-tyo11926-TYO, cache-fra-eddf8230028-FRA
last-modified: Fri, 10 Dec 2021 08:36:59 GMT
server: UploadServer
x-timer: S1696601586.861379,VS0,VE0
etag: "32935b1d2878254c40c430821f9ad672"
vary: Accept-Encoding
x-goog-generation: 1639125419758288
content-language: en
access-control-allow-origin: *
x-goog-hash: crc32c=MQ+Z5Q==, md5=MpNbHSh4JUxAxDCCH5rWcg==
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 8280
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 198, 12

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5418 187 KB
59 KB 250ms
168ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 14:13:06 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 11ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231005-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:13:05 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 1488
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1696601586.914835,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 84
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 9455

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1B09 36 KB
11 KB 36ms
34ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 14:13:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 22:01:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=27964
Connection: keep-alive
Content-Length: 10539
Expires: Fri, 06 Oct 2023 21:59:09 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 4F1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEN2PyIS2vi1LXS4neOVHqkE&google_cver=1

0
400 B

84ms
37ms

Image
text/plain

23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEN2PyIS2vi1LXS4neOVHqkE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKP727ECEM_MoZYDGJ-js_gBMAE&v=APEucNUle7Bm6kzGDAO1ouA6HvX5PqPJh95rifYZjbs5uXZTsjHa9Mkjxz33algFXGaHGFweX5PYCa9FpGrqXRDptEom7jN_VH71mpOSbHamY2C7fO9daVYYgOwgtnotoztqU6hi5KP8ow5LPOk9fLXlnYAWLXp-onfK7_Xn2iTJebRTuomu9e0
Protocol: HTTP/1.1
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:06 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Thu, 05 Oct 2023 14:13:06 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEN2PyIS2vi1LXS4neOVHqkE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 4F1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAABd6DxkB1o0mOd5l8jPA8&google_cver=1&adform_v=1

43 B
163 B

101ms
21ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAABd6DxkB1o0mOd5l8jPA8&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKP727ECEM_MoZYDGJ-js_gBMAE&v=APEucNUle7Bm6kzGDAO1ouA6HvX5PqPJh95rifYZjbs5uXZTsjHa9Mkjxz33algFXGaHGFweX5PYCa9FpGrqXRDptEom7jN_VH71mpOSbHamY2C7fO9daVYYgOwgtnotoztqU6hi5KP8ow5LPOk9fLXlnYAWLXp-onfK7_Xn2iTJebRTuomu9e0
Protocol: H2
Server: 37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
last-modified: Thu, 11 May 2023 08:48:09 GMT
server: nginx
accept-ranges: bytes
etag: "645cabc9-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAABd6DxkB1o0mOd5l8jPA8&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 5418 969 B
1 KB 79ms
22ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59377243;rtbwp=ZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w;rtbdata=-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fc5037dbf74ae3f9d36e4a0eeb8bba7e31a9288e23ab86859c0803c281adb0e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 840
expires: -1

GET
H/1.1 200
OK d126f195-e218-400e-a6ca-205ece1f3cfb
a5161.casalemedia.com/impression/v2/398455/111/ckg1bs1bgakujq3oikpg/ Frame 5418 43 B
303 B 37ms
7ms Image
image/gif 85.91.45.75
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5161.casalemedia.com/impression/v2/398455/111/ckg1bs1bgakujq3oikpg/d126f195-e218-400e-a6ca-205ece1f3cfb?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1696602184&profileIDs=&creativeID=176e312&pubID=189148&format=banner&channel=site
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.91.45.75 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:06 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 1B09 7 B
380 B 9ms
9ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 19ms
6ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230029-FRA
date: Fri, 06 Oct 2023 14:13:06 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.ejan.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 container.html Show response
37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 004D 6 KB
3 KB 63ms
62ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:03 GMT
expires: Sat, 05 Oct 2024 14:13:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 033C 0
0 126ms
92ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-P5ytXtfZkqMRo5xXA0XG5vq6mMPRrOJ8HR2gcOJshJVXiWmpV4kPygaf9WYPBnnJaMtI1b_KGLpGBxianby90Yxoop8Y3p8e3f6X51suea3epS2mNxaW3N9NDgAEbMfSS3-_zbvgoKm-JjeflHCTrCICGF2_g7Zo24wi246Bvdxk001Qzqukmk1ifyA68etzcV6gBYMu_YBmot06hT_J51nGUgB96gAtSetNhyK0QgNfwcB48ZYPH9sl6hPC6z2tYPALWHd3KJhv4c9M2P0jWiS4YPKo-V2Mk0LeDkOwOHKx2u-adubeH6nkpbHHyJR_amWIjnEHiR0_HkiqPWjo2GGV7OJLn1crdXNSYdJp_NXxpOmb0Q&sai=AMfl-YSZilpa-n0ZRmMX1UhaOhQUGWqJYPBND1BUJ3I9rig1yoaytCRfaKYfRY4QdfVIPhvsJvxzU4vViOqxMxqMMSEU5w6BuFts-0ZHa_AjSCtZxg3-um4tPncDnnCHPQ&sig=Cg0ArKJSzIanaLD-XWJTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 uct.js Show response
anymind360.com/js/prebid_creative/ Frame 033C 24 KB
9 KB 16ms
7ms Script
application/javascript 151.101.65.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/prebid_creative/uct.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

910d07ea08d88e63965fd6188c9f20736b5b81a9d2a9ad45fc74b240287c2b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Mon, 28 Aug 2023 09:02:30 GMT
date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 68732
x-guploader-uploadid: ADPycdtUxMZOEfRYK24ckrNGm1h4BWb3T5vZwRIypBcYuxBZQvJFVyZLd2I3esiYYj2B0uD_D-niN9h9jGyEiUk3AfVIyA
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8280
x-served-by: cache-tyo11926-TYO, cache-fra-eddf8230028-FRA
last-modified: Fri, 10 Dec 2021 08:36:59 GMT
server: UploadServer
x-timer: S1696601586.118186,VS0,VE0
etag: "32935b1d2878254c40c430821f9ad672"
vary: Accept-Encoding
x-goog-generation: 1639125419758288
content-language: en
access-control-allow-origin: *
x-goog-hash: crc32c=MQ+Z5Q==, md5=MpNbHSh4JUxAxDCCH5rWcg==
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 8280
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 198, 13

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 033C 187 KB
59 KB 98ms
87ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 14:13:06 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC88 0
20 B 98ms
92ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=224337728841&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC88 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=224337728841&version=m202309260101&ct=2&x=13&cor=11921399005681920000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AC88 77 KB
35 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUYRKhIy9HPeFVrSmT-6XGPUW6wYwpa572u4C2Xxmkmw8ebjXtV8LHHJwkaGBjLau4XHtzWIDNIdco_K3LbGPIF0NxoX6nAXOUxXLCfxcvLDEhsmSYe5jEBmUqtit7uRWgWmThReB9CywuAYXsrzijhuPkX3uOrj0hGd3FodsVZo_pV9M&cry=1&dbm_d=AKAmf-A3RhhId_uPe4o_JHDLkT-x2G9HUwReIexbw8ON2j-QDAdVRPvGrFvAA_p2WXMvVIdtTPiYtb8o_D0StQYzr3Zx2_zmFvvsgaruzIzerQ-gwY467XQvd2smphb4u-TILDXIQ6TmGg5rPG-nY64XpASZ5fhb_mF0dHSWUUij3OwlxIqmDjLhvEUrBU5n4n9lz8darirhlVMh4BEFrN6VPiHEgnRZbjIx1w-5wvoOzU_8iepn87COt_db804Z1cDr4Ca9FcIidEZEcthhVyPtvnZQg6huFpKwb_QpwlYYn5ADAQhaLOspaeL2Cmezc2qDYwz-CCA14ZSg86wyQhOu5AlBYwRsrrXxxwIIfLFkLM6ZGdIYPNTmpUc6o3QmH0Wo3gqlc1fuSUPq5bYIhfvYBHWBIxXhaKu0m7OsKhjsIoH3-JTBWnZMjyn4l_ca36be1Mw03gExGPG_SiJld_NccrPuTj5ZPsCL63iDBzAjlBdOpA2UdDRg7Z5rTpG22hShfYJR9bhCOASnTmSkBaqeVltWUKAUJGQveidwDwuMryP66wnSSUp87NQaAHfvv-9sVvH2ZS2Ecj-mWXMf4bFE92qi0_8Xrmp_Z_wzg9V9Il19z6fep3xn52-vRx6l0z5See-YOLcqxBPYUFUQlh2H34KmUEo3FbzIZDZJziQzDoXqnHJ1Tj4OS7J-YCW-loVZvSnKwNjQL3G4vYb1iVNRrQ2ryWQwSh8iU9dO2BVx1R1xcb070_XRlYX5Ofvx1wEEX_brbiIdoUJ6H528oQxgOIU8n1qpQFgLXDCz3wS3pkg4Qh3IJrjEmIBRzKDsHDdW3N0bwEtKHtHzShe_PXqAaLWduOz_oA3PYXgyQtLr45MpX6XnLCMbFeE24Ayar7DwodwpAoAOQu4JEMlOJf5S7PReJeeQbJl_zIe-czYRh-RLnQlVpTlzK9CrfCBJz68UMbLhEmX1-ewJLtMXK-giCHZUpJIde4c-t9l1frOkz54Yh0w_vc0f9Ral46h9iqLAz7WPZwU5dGHTTelY4MfYjXihVsYURlFiODWxSbz-dBkiyv6ep4xS675VPIWESX7Wdt4p_d1fP8Z2JZPGsGyfILwbgjHk7ptJvNBGc_10G0LFDd05NAn6k4VgHcF0alkUYmXCWdzqVqYAeNNLR9rgvEUQeMbANmZQU9nRX__9o8mVqlJgE8azAKOj2OlvDcCLY-ej_yvJ-Yx9MxrWBMHEgPMl-Y7pufUBrmQPYYwfXRhlcl2dl0141liKdA0e8BL6eJV75eD2YILCru_-XoYJYTqa8iCti_PkNJZ30RGdVZhDkA2ObNvYhDY7WVSn0d7XUEb-pNDFCD2FIglm2-piyzliuGWZiBKBNMmA8uspjd9CioN9B1Vau92AF_e9qkrBQk9BgKzGg_Qhk-x7p81qqGpVociWf-w0ZeWRySmSvInIu8KzY72ZbOL1szSs_wUcRRYQ6m7DBKBD3f6N0Tb7ol03yOPm1LU5Bk4DwzhrqNd4O0N0QpEjMSS74rTtr2dn5J7VA3p32zGPm1euBZnQ5WQoHtsCwN2wjuAOlGmDsmyquZtlG5K7DHcVEshL-HipynA6ijjm42CDtJPrj3ERBrfdA1QpbBYAzJFn0ntl5CNng93BOv4-uZa_ffHTbGuBMAU4EIS8lbH7BVIgxZOg8jKmKi1MRz9IwuKZUUOt09pmW9NdcqoVIY-q6HCFFdCj3cqRWzPjAaMD4yw1-ISi7O3kRXBLS-qh5F60aIfuJ6sDOPn0xZ8MBtxgcV2m-4X44mxQG6MVcpqZ3tTw9vzeMdkLdO2PUMnxjYiPlbDQHlyNRtUaqHV-F_uV8JaW1AT3gWGnAVjVk5qAzUX6nPOGMxFweDQKImGj5C-IZr2Wlm6W2u5eQjiYcKfv9Xf2ffF1dgKT7niN_xCsvB0RXALaga04ak5QTccPxFS5RbaX_iI3u-c7y3x8e8Vf_mtEQ-HCEe7DsrJGc7cenQzeyCjpIgHYiN0n0qCSLnB9udc3ruA73T-Tyl7-4G3ayWwxd1qWXihgLJktYiVLcknLAduG2_BGenptn5olSfVx_v3gs840Jtk5xhLpX7xd4RdZnPgRtMJlSf7csbfXXUZrZQ73t8RA0DcyEzgP_4BMTJCGHLoow3AeFf8rT91XE2lLML2L69WzewTC7d3CGomwPmaSO78plPlxYu-kM_RHkq7k0c5NUdNyrzXI4WYQxkoWcDNPDOYTyxlxFyJohPjN0UcG7GggCGMuEcx8XrLpktuXmDX1AkMYNCCyuCJLKJ3uL2_D-c1Q8BhN9GAlsXuUx0rc9YhU7ezO3w1pnzKMZqAntUkbDYeSkbMFDfAEbrXNpm8FHB3bBn9chLLxbW2JQQJ0SUT1Zf1GiyaYhouSdK1mKQGPJvdYh5-_dBQHS-_dX4mv-aT1LBW_PxPmotL4gYWXBUioAhbPoqbyx9DaDCMRIuo8sp1ntXxHnzrdC3lVr-Bw3egIuzWJoTVqgSH9GhgrEtREW5etUNzjyWbkWUsxF3gIliu0p479lJe9MNgFMP6hVYfnpyQ5V1ZMQeTgWzpsZTbGRcf2F7HcaYIa7Ps6lwFqe96lIG6nmGwlgWfhXp3idlYxhRQRtfrqBgVMuUA_E6ZqfhkxpM2FN0rMMAXLX6BCkTGBU4G5EwtGW1JHi8G59PbBB4b5ZVlMsFegvkHH0PD0SKFjb3YFPnbQ3SSLcKpZR7epZhctO8IHVKaQJ8ngIfjaFfX70B_JChy0jawYasWeNWKc7MQsuJ3q5m7skOzxtdLllbtG1tzkZKND2lTkErYSJz7igpgtQOgkpqFYM7o7uViW3XVJuNL7mqZsPw-O23JVvY_KL6F049hfFkDOMem2z4G9fo_8qH7-p5PExLjYBtWMqadaGQq96UQYv7oTJ59wjP6qDvU2ys_sBnTbcQcqNNMFCbGHWJB6aAG1ePYq4orfGoldQoGFbs-xl5izEn7fIuiRxMSuyH4RvvAisDkXgJTBvlZJTHmLpprkD2VGF1iYuMngZ3lHKLOp5iAzQryWyDiK7Sxp-CoE4X3BySsolCjFZMotYYpFnR-zTXYPnbkEwxFv1PbJJaMZJ2CfPlvXQtrKZVjHAHgeAwlt-FTc374eOWvCoK39j5Cv5siLdUyJqkDRvoDEURXmG57-qA29ZZbWDRgbk_l0YWIMP1cXcmsHa3_0ugE2m5hGCSgkEk17L35GK9iJI97d1-X5Oow913Ncd_ZbRhKOj0ui3htfzJs8ngRFc39sjgDSgn7PnuReTqgOBVRAI4iimV9NuymfqZ8TOxHNF1k5NfqJYVHCZhuQWMcIMtkb-h36QR0qfulcMz7cnouOviOdnVhkMZl8OU6i7wOe0Y-8n8mrTrLRap000OivGlstrcdTmiojLtlCUfsVqMN89PEYsGI740NAnJNrH4-Hi-UTmzs_qlpIoqVY-gC3JE8zFybyD3J8W1EFHhMLVasIdDqizuXtKPOzQ_IbCPJf2X5neYmnJ-uQrkvjDHpmgWOI4ox4-wSvnCguKzs3YCioCsOs71G4wd25xa1rJAdln6BffhdBLURMKamAcyliUFHzBwhicTtk3xVeY3AI4ztMNCrW15r8z5AWvqVJb6JOHUJjFo3LZcjhgYR4GPV-_4tOMphqNXzt1se06HbncB5ZPE4HK87hoSoxpRT8pfxxw1UqmtNai7qN7SAaF6LB1ft_5TsoNzMGDtR62RKvnPBM4tkcREAtxrzbphzkUCJ5vA41bn-1BBJJzcj7O_SENJuLy1AcnTPNRF4QVaEwhnh770xoI9dfQtT_CphkqvjHdHBucvNnveFpg2kEWhgHdRN-xTSWWX9kMjzcueza92DouTsWORTt7sVZbi8-WpgMkpK_QOZNghkXMWshyZWD9B__VvNuM7CUDE0qkv-IW6Y0bASjoVjjtqkxBBBRMyE_ltYCa_5AwLCb2-SLTkJqcl6GXHMUgqWwZLRzTAnpQSlJyc4tM94tiN7LPWoVElRNDTr0sAs7aQXooEyu1jYf6f08S2FIgMg9aTYGxbTQu0CNtYpUw3sYFFcA7ul4oHvxg5C0H0PiGyVTOvP_LvUKXsSiRuUMG-9fmqFtOH1129keWafhFv0C4VgHQcRT_gbHGdhttVRS9VsLpl1SDFjbuvz4-432_jCCz-7ja-oNm07lt_VPOpUqmBVM7RWFF89Jmhe400llpLlJQcF2nCbyohQqbdV6rH9X9bufQ9msBX4lHHAwyOzkG1-rOZA&pr=13%3AZSAV8QAAAADsVoH-5rEyD9P4aGD1Rv32SJuJsA&cid=CAQSGwDICaaNM9_-qgF3Ec-HTXB4rHtn8X9psBxDaBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ejan.co%2F&ds=l&xdt=1&iif=1&cor=11921399005681920000&adk=1686910031&idt=187&cac=0&dtd=57

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d511767ff05f2d7004326f00e946d4a3a3e26e6e8aeac5c0f73e8893bddf9ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35472
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 311ms
91ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 Oct 2023 14:13:06 GMT
cache-control: no-store
server: nginx

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame 5418 36 KB
17 KB 175ms
49ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59377243;rtbwp=ZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w;rtbdata=-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Aug 2023 15:08:03 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B966 624 B
242 B 92ms
82ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKP727ECEM_MoZYDGJ-js_gBMAE&v=APEucNWbEwUDSIPSP_hO_zz-kk2XUuMLWQ4d_rIfQuUMnfLGWs6NBE-QOuOgWxGa7lSI2RunxUodw-Ug4bO_IxZ_Erb5HXN4WAhgD1yRWp28FjYNcss1D-iHpNUo7sh3H7phlkr3Kww_l3AYEA02X9FsFvj7wsLnH37oUlq4Z76XwB95xGed-I8

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 004D 89 KB
31 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 14:13:06 GMT

GET
H/1.1 200
OK 9fa5dfef-c7d2-4be8-955d-67b82d12500b
a4393.casalemedia.com/impression/v2/341462/85/ckg1bsbfofkdk629o170/ Frame 004D 43 B
303 B 82ms
15ms Image
image/gif 185.170.62.165
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4393.casalemedia.com/impression/v2/341462/85/ckg1bsbfofkdk629o170/9fa5dfef-c7d2-4be8-955d-67b82d12500b?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1696602185&profileIDs=&creativeID=25847da&pubID=189149&format=banner&channel=site&ap=ZSAV8QAK8jIKd_HZAADBd0iO-JSIpjhcsY0Eng
Requested by: Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.62.165 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:06 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 004D 42 B
63 B 78ms
69ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3M-jStnCJc6636IsK5Ka3XyBQmW_KVfiSi_31eBc3t5HsO_WBOr6a5gc2ZfEOxjDLhtg_OOG2umbfeBd-JxKJf8s1HSE-mjbUf36rxAZrV1ktzFo

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 004D 0
20 B 83ms
72ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16747566082251255018&x=13&ct=2

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 004D 3 KB
1 KB 58ms
48ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 004D 20 KB
8 KB 58ms
48ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 004D 0
0 64ms
55ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT332vGkebKo54AHuiOcfZlwqPUwJmIohtdB31C9L7iruJh3D3dPfW6w94P8ADRVg4KLJhzemwICpBeavFNZuSAUGfuTQ
Requested by: Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 004D 24 KB
6 KB 62ms
53ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 16:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 03 Oct 2024 16:05:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 004D 187 KB
59 KB 89ms
81ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 14:13:06 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 033C 964 B
1 KB 26ms
22ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=38735235;rtbwp=ZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg;rtbdata=ZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

243b8004bbad8b11b4235f5dc0573154eea524d731755a600742cc98faa74932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 835
expires: -1

GET
H/1.1 200
OK 9d894319-2757-4670-94a8-be34e03a448e
a5161.casalemedia.com/impression/v2/398455/111/ckg1bs1bgakujq3oikpg/ Frame 033C 43 B
303 B 11ms
9ms Image
image/gif 85.91.45.75
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5161.casalemedia.com/impression/v2/398455/111/ckg1bs1bgakujq3oikpg/9d894319-2757-4670-94a8-be34e03a448e?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1696602184&profileIDs=&creativeID=17675c5&pubID=189148&format=banner&channel=site
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.91.45.75 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:06 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B0B 0
0 76ms
75ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMagZCR2WChpUGhZkTE8PjXqyjQihbLn4RLiMNkb0WG0h_iY3Q84Z0sr8fynuvx5Dut1Xe6uZJpbSiTmlEHI6gEvXuXOmpsAp-LGqUcv4NQ5G3MvPvg-nf9wddJa-SxRx8yNAqNlxrLlXFLy6j0W4ndjAMxQSQUBtEtkWIRgC_p8iKgj_CAaHqGhDaE3EW0hZbNPUnvvnR9C7W8gjkmz_m7w8Y29JIZfpje3EkDODsSRiVbVh6wE2wnYfAEDE1UiUhrav6dieY8xHKYydR6qFcO0M-EdFxmqYPR8yg9Pep8wCHeLCUiI7XVPDB7bBoZGYhLXSek-h1aYm213HmRwRfiZ1RwDM&sai=AMfl-YRfogOG6maK5Zl7BT-NMaiZKhdeWKxBZjIP8NNDOAP7_ygotWgEGjjh1GBTjZ41q9kTHwoabJwCa0wH7wPfWmGCLhm95fcuxddLQ2QndEAvxoq9KbhttvKL3O9OCA&sig=Cg0ArKJSzJZH3yjo5Iw4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ejan.co
URL: https://www.ejan.co/world/ec3to6d7sl?fbclid=iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 6144.js Show response
cnt.trvdp.com/js/1273/ Frame 9B0B 3 KB
2 KB 49ms
8ms Script
application/javascript 65.9.66.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1273/6144.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-43.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89bacd854a2f11eb86ec41b110efee7db37c9681f70a3d6209f79c2491d76709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:20:08 GMT
content-encoding: gzip
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 09:54:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2076779
etag: W/"b00397744932b2785306d689d37a584f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: nomSVsezrb2xIfDCvhVtXI_Ybi3MVI_xS4L0mJQUMfPhhCbx5EPU9g==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B0B 187 KB
59 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 14:13:06 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B966
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1

43 B
342 B

34ms
34ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKP727ECEM_MoZYDGJ-js_gBMAE&v=APEucNWbEwUDSIPSP_hO_zz-kk2XUuMLWQ4d_rIfQuUMnfLGWs6NBE-QOuOgWxGa7lSI2RunxUodw-Ug4bO_IxZ_Erb5HXN4WAhgD1yRWp28FjYNcss1D-iHpNUo7sh3H7phlkr3Kww_l3AYEA02X9FsFvj7wsLnH37oUlq4Z76XwB95xGed-I8
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oWsLrpjHYbNFDcEVZTQIt83TWh4tAsMDN48SteCPy2xPqEQDIfMM%2FZxF6c%2F7jl1iV%2BK%2Bdr%2BQcr6ek2ddVdo1yQif4iPnVHtK2krMIvBhHUCSN%2FubsjCvpTvX2OMp%2B9vTfLul2XkESl8Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80cba95b9249-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B966
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSAV8gZmdfs.1VHdiARoMQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1&google_hm=2

43 B
729 B

177ms
33ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKP727ECEM_MoZYDGJ-js_gBMAE&v=APEucNWbEwUDSIPSP_hO_zz-kk2XUuMLWQ4d_rIfQuUMnfLGWs6NBE-QOuOgWxGa7lSI2RunxUodw-Ug4bO_IxZ_Erb5HXN4WAhgD1yRWp28FjYNcss1D-iHpNUo7sh3H7phlkr3Kww_l3AYEA02X9FsFvj7wsLnH37oUlq4Z76XwB95xGed-I8
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6cZYYXKSVrFVQ0KfvChLUdHEVFyEPs7jmGi8oBOOulaLVJQQaSqWIxZLi59NuNX7cria6M9bs6wLrfnTRp1CttDNFPZXyULMgX1uzFYiT320tAX7kMWAqRzStFKRQWRBDi2JRy80tmJUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80ce19a735fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B966
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFlXPlvxOW3xsyB_RuN8Qgc&google_cver=1

43 B
841 B

28ms
27ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFlXPlvxOW3xsyB_RuN8Qgc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKP727ECEM_MoZYDGJ-js_gBMAE&v=APEucNWbEwUDSIPSP_hO_zz-kk2XUuMLWQ4d_rIfQuUMnfLGWs6NBE-QOuOgWxGa7lSI2RunxUodw-Ug4bO_IxZ_Erb5HXN4WAhgD1yRWp28FjYNcss1D-iHpNUo7sh3H7phlkr3Kww_l3AYEA02X9FsFvj7wsLnH37oUlq4Z76XwB95xGed-I8

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
an-x-request-uuid: c185e7ca-cd91-41f8-9c37-6b35555fb539
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.161; 185.213.155.161; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFlXPlvxOW3xsyB_RuN8Qgc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B966
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMjI5NjcwODg2ODc2ODYzNQ%3D%3D

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMjI5NjcwODg2ODc2ODYzNQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
an-x-request-uuid: cbba19a1-bac7-46ef-bb65-02dc903c9b0c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMjI5NjcwODg2ODc2ODYzNQ%3D%3D
x-proxy-origin: 185.213.155.161; 185.213.155.161; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame AC88 30 KB
11 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUYRKhIy9HPeFVrSmT-6XGPUW6wYwpa572u4C2Xxmkmw8ebjXtV8LHHJwkaGBjLau4XHtzWIDNIdco_K3LbGPIF0NxoX6nAXOUxXLCfxcvLDEhsmSYe5jEBmUqtit7uRWgWmThReB9CywuAYXsrzijhuPkX3uOrj0hGd3FodsVZo_pV9M&cry=1&dbm_d=AKAmf-A3RhhId_uPe4o_JHDLkT-x2G9HUwReIexbw8ON2j-QDAdVRPvGrFvAA_p2WXMvVIdtTPiYtb8o_D0StQYzr3Zx2_zmFvvsgaruzIzerQ-gwY467XQvd2smphb4u-TILDXIQ6TmGg5rPG-nY64XpASZ5fhb_mF0dHSWUUij3OwlxIqmDjLhvEUrBU5n4n9lz8darirhlVMh4BEFrN6VPiHEgnRZbjIx1w-5wvoOzU_8iepn87COt_db804Z1cDr4Ca9FcIidEZEcthhVyPtvnZQg6huFpKwb_QpwlYYn5ADAQhaLOspaeL2Cmezc2qDYwz-CCA14ZSg86wyQhOu5AlBYwRsrrXxxwIIfLFkLM6ZGdIYPNTmpUc6o3QmH0Wo3gqlc1fuSUPq5bYIhfvYBHWBIxXhaKu0m7OsKhjsIoH3-JTBWnZMjyn4l_ca36be1Mw03gExGPG_SiJld_NccrPuTj5ZPsCL63iDBzAjlBdOpA2UdDRg7Z5rTpG22hShfYJR9bhCOASnTmSkBaqeVltWUKAUJGQveidwDwuMryP66wnSSUp87NQaAHfvv-9sVvH2ZS2Ecj-mWXMf4bFE92qi0_8Xrmp_Z_wzg9V9Il19z6fep3xn52-vRx6l0z5See-YOLcqxBPYUFUQlh2H34KmUEo3FbzIZDZJziQzDoXqnHJ1Tj4OS7J-YCW-loVZvSnKwNjQL3G4vYb1iVNRrQ2ryWQwSh8iU9dO2BVx1R1xcb070_XRlYX5Ofvx1wEEX_brbiIdoUJ6H528oQxgOIU8n1qpQFgLXDCz3wS3pkg4Qh3IJrjEmIBRzKDsHDdW3N0bwEtKHtHzShe_PXqAaLWduOz_oA3PYXgyQtLr45MpX6XnLCMbFeE24Ayar7DwodwpAoAOQu4JEMlOJf5S7PReJeeQbJl_zIe-czYRh-RLnQlVpTlzK9CrfCBJz68UMbLhEmX1-ewJLtMXK-giCHZUpJIde4c-t9l1frOkz54Yh0w_vc0f9Ral46h9iqLAz7WPZwU5dGHTTelY4MfYjXihVsYURlFiODWxSbz-dBkiyv6ep4xS675VPIWESX7Wdt4p_d1fP8Z2JZPGsGyfILwbgjHk7ptJvNBGc_10G0LFDd05NAn6k4VgHcF0alkUYmXCWdzqVqYAeNNLR9rgvEUQeMbANmZQU9nRX__9o8mVqlJgE8azAKOj2OlvDcCLY-ej_yvJ-Yx9MxrWBMHEgPMl-Y7pufUBrmQPYYwfXRhlcl2dl0141liKdA0e8BL6eJV75eD2YILCru_-XoYJYTqa8iCti_PkNJZ30RGdVZhDkA2ObNvYhDY7WVSn0d7XUEb-pNDFCD2FIglm2-piyzliuGWZiBKBNMmA8uspjd9CioN9B1Vau92AF_e9qkrBQk9BgKzGg_Qhk-x7p81qqGpVociWf-w0ZeWRySmSvInIu8KzY72ZbOL1szSs_wUcRRYQ6m7DBKBD3f6N0Tb7ol03yOPm1LU5Bk4DwzhrqNd4O0N0QpEjMSS74rTtr2dn5J7VA3p32zGPm1euBZnQ5WQoHtsCwN2wjuAOlGmDsmyquZtlG5K7DHcVEshL-HipynA6ijjm42CDtJPrj3ERBrfdA1QpbBYAzJFn0ntl5CNng93BOv4-uZa_ffHTbGuBMAU4EIS8lbH7BVIgxZOg8jKmKi1MRz9IwuKZUUOt09pmW9NdcqoVIY-q6HCFFdCj3cqRWzPjAaMD4yw1-ISi7O3kRXBLS-qh5F60aIfuJ6sDOPn0xZ8MBtxgcV2m-4X44mxQG6MVcpqZ3tTw9vzeMdkLdO2PUMnxjYiPlbDQHlyNRtUaqHV-F_uV8JaW1AT3gWGnAVjVk5qAzUX6nPOGMxFweDQKImGj5C-IZr2Wlm6W2u5eQjiYcKfv9Xf2ffF1dgKT7niN_xCsvB0RXALaga04ak5QTccPxFS5RbaX_iI3u-c7y3x8e8Vf_mtEQ-HCEe7DsrJGc7cenQzeyCjpIgHYiN0n0qCSLnB9udc3ruA73T-Tyl7-4G3ayWwxd1qWXihgLJktYiVLcknLAduG2_BGenptn5olSfVx_v3gs840Jtk5xhLpX7xd4RdZnPgRtMJlSf7csbfXXUZrZQ73t8RA0DcyEzgP_4BMTJCGHLoow3AeFf8rT91XE2lLML2L69WzewTC7d3CGomwPmaSO78plPlxYu-kM_RHkq7k0c5NUdNyrzXI4WYQxkoWcDNPDOYTyxlxFyJohPjN0UcG7GggCGMuEcx8XrLpktuXmDX1AkMYNCCyuCJLKJ3uL2_D-c1Q8BhN9GAlsXuUx0rc9YhU7ezO3w1pnzKMZqAntUkbDYeSkbMFDfAEbrXNpm8FHB3bBn9chLLxbW2JQQJ0SUT1Zf1GiyaYhouSdK1mKQGPJvdYh5-_dBQHS-_dX4mv-aT1LBW_PxPmotL4gYWXBUioAhbPoqbyx9DaDCMRIuo8sp1ntXxHnzrdC3lVr-Bw3egIuzWJoTVqgSH9GhgrEtREW5etUNzjyWbkWUsxF3gIliu0p479lJe9MNgFMP6hVYfnpyQ5V1ZMQeTgWzpsZTbGRcf2F7HcaYIa7Ps6lwFqe96lIG6nmGwlgWfhXp3idlYxhRQRtfrqBgVMuUA_E6ZqfhkxpM2FN0rMMAXLX6BCkTGBU4G5EwtGW1JHi8G59PbBB4b5ZVlMsFegvkHH0PD0SKFjb3YFPnbQ3SSLcKpZR7epZhctO8IHVKaQJ8ngIfjaFfX70B_JChy0jawYasWeNWKc7MQsuJ3q5m7skOzxtdLllbtG1tzkZKND2lTkErYSJz7igpgtQOgkpqFYM7o7uViW3XVJuNL7mqZsPw-O23JVvY_KL6F049hfFkDOMem2z4G9fo_8qH7-p5PExLjYBtWMqadaGQq96UQYv7oTJ59wjP6qDvU2ys_sBnTbcQcqNNMFCbGHWJB6aAG1ePYq4orfGoldQoGFbs-xl5izEn7fIuiRxMSuyH4RvvAisDkXgJTBvlZJTHmLpprkD2VGF1iYuMngZ3lHKLOp5iAzQryWyDiK7Sxp-CoE4X3BySsolCjFZMotYYpFnR-zTXYPnbkEwxFv1PbJJaMZJ2CfPlvXQtrKZVjHAHgeAwlt-FTc374eOWvCoK39j5Cv5siLdUyJqkDRvoDEURXmG57-qA29ZZbWDRgbk_l0YWIMP1cXcmsHa3_0ugE2m5hGCSgkEk17L35GK9iJI97d1-X5Oow913Ncd_ZbRhKOj0ui3htfzJs8ngRFc39sjgDSgn7PnuReTqgOBVRAI4iimV9NuymfqZ8TOxHNF1k5NfqJYVHCZhuQWMcIMtkb-h36QR0qfulcMz7cnouOviOdnVhkMZl8OU6i7wOe0Y-8n8mrTrLRap000OivGlstrcdTmiojLtlCUfsVqMN89PEYsGI740NAnJNrH4-Hi-UTmzs_qlpIoqVY-gC3JE8zFybyD3J8W1EFHhMLVasIdDqizuXtKPOzQ_IbCPJf2X5neYmnJ-uQrkvjDHpmgWOI4ox4-wSvnCguKzs3YCioCsOs71G4wd25xa1rJAdln6BffhdBLURMKamAcyliUFHzBwhicTtk3xVeY3AI4ztMNCrW15r8z5AWvqVJb6JOHUJjFo3LZcjhgYR4GPV-_4tOMphqNXzt1se06HbncB5ZPE4HK87hoSoxpRT8pfxxw1UqmtNai7qN7SAaF6LB1ft_5TsoNzMGDtR62RKvnPBM4tkcREAtxrzbphzkUCJ5vA41bn-1BBJJzcj7O_SENJuLy1AcnTPNRF4QVaEwhnh770xoI9dfQtT_CphkqvjHdHBucvNnveFpg2kEWhgHdRN-xTSWWX9kMjzcueza92DouTsWORTt7sVZbi8-WpgMkpK_QOZNghkXMWshyZWD9B__VvNuM7CUDE0qkv-IW6Y0bASjoVjjtqkxBBBRMyE_ltYCa_5AwLCb2-SLTkJqcl6GXHMUgqWwZLRzTAnpQSlJyc4tM94tiN7LPWoVElRNDTr0sAs7aQXooEyu1jYf6f08S2FIgMg9aTYGxbTQu0CNtYpUw3sYFFcA7ul4oHvxg5C0H0PiGyVTOvP_LvUKXsSiRuUMG-9fmqFtOH1129keWafhFv0C4VgHQcRT_gbHGdhttVRS9VsLpl1SDFjbuvz4-432_jCCz-7ja-oNm07lt_VPOpUqmBVM7RWFF89Jmhe400llpLlJQcF2nCbyohQqbdV6rH9X9bufQ9msBX4lHHAwyOzkG1-rOZA&pr=13%3AZSAV8QAAAADsVoH-5rEyD9P4aGD1Rv32SJuJsA&cid=CAQSGwDICaaNM9_-qgF3Ec-HTXB4rHtn8X9psBxDaBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ejan.co%2F&ds=l&xdt=1&iif=1&cor=11921399005681920000&adk=1686910031&idt=187&cac=0&dtd=57

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:38:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame AC88 11 KB
4 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:38:45 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AC88 0
0 185ms
86ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAaUAQONo5HVL_JPopFjt5kQggz7-XUbIMPRTqu9i8uXB_k3HuKS7j7V2qJxbbZMCb5zUF9X5LXNgHtG3pC8fIY107K3QJgGRobjxEAOPEorK2TAcLuXN7WsINBggcikoqiZIcvEDDwEmOiCN7nXffS6gxtzLisCS0HWkK57LgypsfxIt0fEDxQfe9xOPXrZuxPZMsDta6DPpNEpTWg8l8I3IDIM1ApG8CtkOXpWOC3tOh7XdkrNbUCBC5m5ugFdnTbCbVBHSBXh1mSO5gtz6if-KrBdkFCPuimbhXiW0zSrd4skRYGQ4Jt_61pPZnecuifK4_8ZnCVQT-LvhiSRi9884gktWysP6g5ddfA4ZwdTLhqUBw72wVERes2pul_R6HSz44_M6AUYKOsHDOPeQR4_BVczL3nN6jB_VZuapT2sdVqKubEJal6FUOFkhNgLosjd00CwgQYmcvZ3SxCYQT1lEDgRnFIBEIv5MLpdVpPPv89oUhUwQHTdJFDGFmp-Vx_TGrPp87E9Ygj036AdNAwfu4wXom6Hl6kjore7aPvZO16gXIDj2iukpwuOf_PhtVzFUgPEhFadHSPB9irN6wCH10uWlV0lYTKBVPPRKO_PgVH61MdSlBBHaldquMctu7YCf_I8Hq6yUWOQkt9GrLX-wYy5tioe3m85CDyJcSAEOqJL8Tjmyd0iRVnwK-qKWuUq_wke114KIz1lxpDmbBGeaWJW8zdDruMicIioxhu129dd4q53aWW5dm8zbjzDBUXIGWQdY7Y6bcMAhw9OKRUx90ydhxdobLZpmI0rrlGc8X0NYjcslTj6Dg0ac6Op8XP_UxE31Mopg9bhvzixGP0uJawFM6zvReQNcUSNy7VA8vTFucljis5ioE2FmpLUw7498pcMpRsP8b89bIdHB4MH1Ebk15KhBP9H32AUBIvuCDUR28qKgVobpIESG3D8_0b67ge3S4qy9mYeLJ-IV142l-QoXQdMIz2QR_PBV6i8Bt1naW_OyJjh1R89cvvj25R3FQ9wH725qfB_CC2Ib_ANcO3jiD7vSkGZCtdp9wkL5hh_OiavLdLCsN3mhxOpNyxDhSqV6LuvdCHCkpRzG3Liar3Rwxi1EKXAEKwyeNLA2ovKp8nBHXE0qLZes--eEycBa324toQOif4R0tm_ksLopKpPia5pcYWUke6-LifQfoYddXgxfxTxUKk5lJDqB0qHrhT8XY3j-eQjJowV6hyhMPLq0UPScp0sMYAbZYCoiUhfvp60H_ancgq_9digf8&sai=AMfl-YR_NBfS9aKQoA71Ee0mqtzUkKNdwBhVQ7wvXGIT2kLhZ6-X23h8zdA7iG6n-KIDwJv3BbCwxo7vwjsfXF5T9T2fti5bVR_dSlb7qGz9MqucVAjGdUhpcYzZDigtA9feSMWDnA0t3dW9IdJN_x9AFX8DrVlF4YpdFzdf8ia_X2KNiUU-yYM&sig=Cg0ArKJSzPtiRFwv0yGjEAE&uach_m=[UACH]&pr=13:ZSAV8QAAAADsVoH-5rEyD9P4aGD1Rv32SJuJsA&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231004.93816&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AC88 41 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 12:26:28 GMT

GET
H2 200 16251784296504023533
s0.2mdn.net/simgad/ Frame AC88 14 KB
15 KB 134ms
38ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16251784296504023533

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1d30dfa791e1125588bddca1eb3d05b4bdb3ce840765bad8c08b9ba7d28b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 21:44:21 GMT
x-content-type-options: nosniff
age: 577725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14805
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 14:51:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Sep 2024 21:44:21 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame 033C 36 KB
17 KB 46ms
46ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=38735235;rtbwp=ZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg;rtbdata=ZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Aug 2023 15:08:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 717C 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CGKltA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 199C 2 KB
838 B 42ms
36ms Document
text/html 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Requested by: Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c553891c301f7759acdbce7a5f04d2671a16406a960710d2e23e87e1123bec4

Request headers

Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 811e80cb48f49249-FRA
content-encoding: br
content-type: text/html
date: Fri, 06 Oct 2023 14:13:06 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnMMr3IHnjzqe5KiwWZnYa%2FwRyWYJmoz9npK8N1SB9eNqGy5FjNLaamnG068DOgq80YpO5nZCDFCeYf044i1yf78laV8Y49aAhfsdkVjniD%2BCio2xKCOh6hIGOrkqXe8plTw6cwkVu56xw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AB33 1 KB
643 B 36ms
36ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Fri, 06 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC88 187 KB
59 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 14:13:06 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 004D 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9255791059177&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 004D 0
20 B 70ms
69ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9255791059177&version=m202309260101&ct=2&x=13&cor=16747566082251256000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 004D 78 KB
35 KB 407ms
406ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-7zSKvgbGofpLMfWDILWpCBr1A1gZYDIROsN8Jh20L1Y-vpGw_HpRWJzn_M7TK5tJ7RBQGWDpQHq2cfg8mihuntGuO_umxhxvXhFT_BPy5NgUwVJbsfNI8PhTrbGHeUYT8dQ_T2pVUVgZi4a2J2eQY1n4kchoRVTHkXenAc-9OZ7Mm0s&cry=1&dbm_d=AKAmf-CM-ncxHrQDHjkSotrnXSh8FlK8osLyzegB0NskjdgDO9YuZYPrjos3leH5Ge0qnCyKhbm_jYRl4J_v2_cPkRJ_vzMb8yK0O9tHy2qcwvPhKUSW7rc6i5DVrjGkHxsWobzxuyF7iBfryIWW18_9PDAVCufIUEEzLdC607CBmqTqd3Qafpg3GTzIsszhpcPEJiopAyjQImUO_4YMIts2P5Q9gv4v3DpgMLSSve8w8X2RqGLqweI-WEeB4vDDQe3FCZFDvj71RhOarAuSruj7FqLH2yXingz_O12w9jTit4B07nfy0RbiJqEuHdzhclQlDEY7dG7dF9juStbEWKKQGW2Mq2SZRL1uYDpVIS_SztvGYc6rkmFR8Xvy038sPFW9kqEQoctqY0uWBY9OlL5uaeFh0lSsxBw0XD7TpBuAofJQXr1DpvbSGo9gf-00RGPDp0KJyyVZOdIfMSQVknvVrc_9IH5V7_VPJvegC6INc4sImyBf8KDjcmqJ7BlJpw_ISjRp13WICZ8YtInXXaGr74RNQp_t2LGVFzFyq7m5nIL3b06IxXK-pzxH-SbqL-t1Yic7nkoHhf-LJBFI0z9WnMii27E0vouzY81eQOziWtCMKWkGg65V0tPnbasY6WoW6KjoC3Bhf1_RXXbiDBEG50PuSMOgMVoO3tYKTdFC9QInDUWDpQGvVOJXxMTDLdR7auAmcck_2VrfhdmFOn7ac6yXzXJ5JucWqiGOiz7LCuuz-KOgVevEel7MnE_M8g3lHcWtX4Ig41yrZbkY3go_0t4znE_mRr2lq6zI3YmaWmAnJ1ZfXo86vl2tXAhuG4UlMT8Tw-bS_5FOZjwtdw1SjtqRLK7Q0WBhy_dW6GYTTj7FwDBZPhAWjV62B99SQVje9lVeCf-5EEjsozTJ2zbLVkF8vmv_R_GBHinbBHuhWrCfite1INkjVKh1hahcclWtKUknJgROoH3V8k9kjlE1oUwcc7sf-_KYIuQaJ7H0m1EUVF7Yru8wdhb8BI3-2FGeM5ixelPYxkuJqVh7IqF_XSngff3E7Svayw36-Ywdq2QNaceDRYZESOQa6B61Spfr-jx1InOUaSjyLLhuZDqb58fnd29RwwWCopgfedrEzHSVuywPSVjNJD5Z_RDNpeEXAj1K-V3JRdYIP7fNJEZWSX5rRw2NzCun9rgo1e6syatvhOpJN04c4-W75pBtRYk0bD-1xq3UwAcl1CfTgwp208gsyHvL7SBNsPOHek2OIwlgDpT99vZgA-5iF-z5KsVCiZMEDeDYJw_lwMpbN_1KO9zUaMCqjaMaXMsve3yF2DAhls2vIs0AkYvq63mWC0BmhvQkTV_zEGWtYlwzjw3lEjI_x36PNoWd2zo4zEuzkV1YhENhsR0CFN63PlDjWUODbCI8WPgKIt3xs9--MFNSmvAh9tD5A7Wcg7-4pCGXmpXq8qiPe-TlhdMUEff5SUXNV7nQ_c-fTfOGq6ujbCRgrf-3Eu7TnGeQY8KhU4-ucu25sDePm1vcuPHrIrt9GKSDMoTOmyGnNO2fHoHJh1aZk8_vFG_3-Afkl0kayFF7DmDzHzontrCn76armj3vi5XN6hZh9JQTbON8wT8G0qqUeQZN3YUdFNMtIGFnp9gZNEnOCxIKBtiLTjCFaMV6daLAK5n9b_YirUPmxJwAsfvD_uiIh_NMpCqXgBo5-z8wQQxUyvkaO3EBd3B4UzvnrTyHK3bB5Y30Z_BoarNBvr1ovfLFFsyYCk13RZNsELVyc78VuN63-VNopmwWJFu2Lq-zSNaDBIIm1CT49DptTImCx6cTxEo6Du1BlsF2v1pzGC8sc6WNCMl4xtJyflhsJYT5uR1gTg5TyxXeXubv6affTkKvkswsVJ1ClUj9-Az1KH-suU_QxAgcnZmTWOyM3-UgJyWKlUx7xqUSSPnl-saki4JrMW6obg8w1UyTlc4IbJtiscu8PTFd-7KFe16vmWhwAGPNPx4F1REIk4WQ3sO7pVkmSofIe2aduAOJdgirdTHzkhCjZRQdShp0JIXevJnS_Oek_N0qKApATilYM9bXdDjVt-DIPp6v9rOSAmcMP6Pd9Dpv41hm0gbei_VY_89m7SUVyYHt6dxmH2twNkVahhdX9wLUhytaWzkKEI2zCTjGt4CJ5aYS2mcExBSP6iJLd1RmoHHJS-mHBjJWk2DCQldv8pum_FEoGCOJXqDDrbcNAYLVjRRyFnNpFMD6Qq3J8XTAhgnnHQfL-SaW4fTkjWUevmk0wDGaO5p7yqU3dsyaV5PJGp0Bj6ZFLpCYnPjKtTJqzuhRDgfPrTxkBvlD7kv1FGiMw0dsPJz2fH3ER2VM_ZbZV7hppQb7RhNUVPFF5IF2MJz58oolGZWzmzAtE8pagdrCQ1k2Lgzfb84MHImRQxr7WNSb1kahpqil66lsO872tSB4pHliyyxHKaWCZvW4-mP9VstMBaoT4VQOtp9UjXI6rVu8kqlZXWoyEc28XakC1OX8DtoKF8n9mbT6ODpg1WLEIc-DJVz4i6Q_-l_x4LQzdvz5SsLshudVxOm_zWY_5vtVROLKKbinVN5pYRT73VUQetscrM_F_suEgu1CkLs_xTy_PMToyGzKglI7ds9XyWtUpqQtRrwdh9KHZGYJdVZTG6UOVPIqf2Fz8NTfqJ2yCcMAv_JV8bxb8aa_OhwmhgOB2xvCb66HAjGINxs2qn0pWCrc8rbVgF1gLJi9VJWhI-LDV5gNtkocA2JWZdoil0TBa3HMXBEyr_2Yz477NFCHh9KECrL4D2SZI369vyWyQeNXoIp3chCWxom7fvdvnylmOcOMKCD13UoEns_I18oHgkaqtZThjBi8p4yUPO5fDBsdqDKSqvFR4l4YA5dwGtfYg2Q0u9M5OTwDTEsYGCeq_IQ99UhCEez5FxvKdz036zKCUA0DhBB68jkEwTbDP6fqih3CJBczgCgbm8QLsfceCbEuG3pdNmuXP_ch3HUO5JlkEh6wwuaic9pozc3TPIag0wp-AKlqEDgy6XD_FmGxA1M_8xd2wR-Fwy6C3fYMYHngBZwe4KEX5iDtHgIvKaHCVBtZvnwNxCY_sGUX0eX343grrByFEtZ5qjQW2E2hkKCqKfcD_siGr-tXyV8C4M2kL5YpUZQdlT_0mPifEtfu_KlX2Z1DZm4Dz4j6iLQhGBhdr8DQFBehVbIDcIGLBYGOMXx9cOVKSP6xBA6udS9NE30cyzc3BCv87afIXh6q5TzaGX4YiguroxPDv9a8I2PC-gNRskQ9imGfgy0dOiQ9Hr0AKeNIluBG9bGFOeM7ZbQPCDVcE2DPWOlzGI1DFmYNAFP69k5gV-_70vkaJ5HfZvsCGqJsiNUf04-ey0qfEtwgaWN-uLnK8N2t71sJd28QJ2xrh4bNC-uWPaiEzomV6H6Q8rKyE-BHEXSmcZ-mCdSDSlDlejUas6Gl1dFTf3X9_lQENWEpeaJ6QjAOn29-eWMRaTgnL-XxR0w5_unU6EVnkGgRHcg2VUWrC2cYIdCroVOx92V5AdGq-k4VL-aHXTbCQ7rkZk59iwYV5TCTNbr12zUVaxsjqgtIyZGYEPXNsbC07r_t2JT92jiYv-gJVbqLP2G0oC1TrIf2yt3MVIXWynFu4wAfXak8LNqE3svNTMcXEVZ7gsAj4kd-CTKeITT5yYDCi6yRknNP05yO4kY502fQ25j56WKc7OuqPB97rlYqz4JDbH4rgUBWXCpTAjhJEMfRD8GGiqHzShGIZk57vIntKQfbQ-aZSU0rALnJpCs-cGSOlEzJVJsRzBI-TXwTs0gvvvM8PJzaVzL88qjAZVsKs6JsaZ9NtOlHKYcICmKqLt2CDTFb4yVnmM2wuXCI9TKRlE0aqPBZ5tTYb-2bsLQE4_PeThRrOYdENnESL6Z6YbfRcvugZDwmw78VDPjJMXFvyWvYRCkMd2ZmFZdONUtB8lZEH9t1Emc5O1i2E07LLA_uBVoC_6WZyN-pDbIz-cN_9Fg-PiVVB5VvfMOCDYWtGMYvFIJeNL0DyugynMjvjwzSK3YuWZ7lcHXH1Q3d4attWRVIG84Oq5REaO5gFnQZe0a-O6cZsVDiR3eQh_s0_yso9WHhZZaXjKkJAq7Wgcd2rQ7DeK9JDD2y2Zp9qbQqIUB9qddDydA8vDe_W_UNpipziKuWAWseTn1j9CXuF66cHOGOGgqKA3ejJtty1isaCInEyon4Lqobpxq4MqoOxCjx0lj_ftmvHhIvnx5rHMohlRXqay--Cwk5Kxc&pr=13%3AZSAV8QAAAADczyJESiYS8r7OF6vUMFFfPUBOzw&cid=CAQSGwDICaaNPgpA8Gi4VZxHf-9hr6I-CK100jI3fhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ejan.co%2F&ds=l&xdt=1&iif=1&cor=16747566082251256000&adk=1980819454&idt=112&cac=0&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70da12299f133d98f5510a500241db971ddb087fb09194f5e774a7b63b150cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35734
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AC88 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbb010f36768b2a8cb6096aef10033ccf6d70a547052d3b0bed3d981dfe180a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 199C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZSAV8gZmdfs.1VHdiARoMQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1&gdpr=1&google_hm=2

43 B
733 B

51ms
46ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zDETaJvbXuPQhXRpSfov%2B7n1Peta6NNLv5PB9qDEueHdwt7KFNdKp88HMS9aeQ5djSzbzEsalCfOD%2Benl7%2Bl%2BijniNl8K8PVJdMSlai4yqccy38vG5XBKvVsx5wbcJvPiM7WRY6c%2BrZeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80ce19c135fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENcOpVudz3WHTXrMqsi504Q&google_cver=1&gdpr=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 199C 170 B
188 B 71ms
64ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 199C 70 B
148 B 36ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 199C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&gpp=&gpp_sid=&dcc=t

43 B
568 B

110ms
110ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2SYEXBPMBE91X792M38C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8KZE1RFCNJFD3QQXVPWC
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 199C
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e9ab459a0f2d4339ad6df3fb484d8db1&expiration=1699193586

43 B
730 B

53ms
48ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e9ab459a0f2d4339ad6df3fb484d8db1&expiration=1699193586
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1GG02RTtSZzk3qHR6r0ZCoLJepOsIW58RZGl5j29dtUEosOMw00fv9bhrRszcH9ckP%2Bsji%2Fne0IsavwooadXm86JnEjzWRv1FdL%2FEJIbvOIVXh2xY7xRmfVIhCoipxp1hgelRsrvbmWDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80ce19bf35fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:05 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e9ab459a0f2d4339ad6df3fb484d8db1&expiration=1699193586
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 199C 0
453 B 51ms
20ms Image
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 199C 42 B
181 B 256ms
32ms Image
image/gif 2a05:d018:cc3:fe05:6646:86d3:d57a:3a46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:6646:86d3:d57a:3a46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 199C 43 B
602 B 39ms
37ms Image
image/gif 2a05:d018:d29:3601:bf41:b326:fa86:2937
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB?gdpr_consent=&us_privacy=&gdpr=1&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:bf41:b326:fa86:2937 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 htw-pixel.gif
js-sec.indexww.com/ht/ Frame 199C 43 B
352 B 63ms
15ms Image
image/gif 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 189
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 811e80cd0f245c38-FRA
content-length: 43
expires: Fri, 06 Oct 2023 18:13:06 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 033C 6 KB
3 KB 32ms
31ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=38735235;rtbwp=ZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg;rtbdata=ZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1;js=1;adfxid=1x;9320;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ec0f73bfe4075ae257effe70749797a4fb02d717ad637358ebc02663cf12844e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2555
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 5418 6 KB
3 KB 24ms
24ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=59377243;rtbwp=ZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w;rtbdata=-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1;js=1;adfxid=2x;9626;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

90371c9e9138171bf8c7801eb07b60fb5cf5633da2e57ab8cd4fa3f1c57f0cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2570
expires: -1

GET
DATA 200
OK truncated
/ Frame 9B0B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6cd2df99c9367e7233a24ed68b0cb715333272d9a46a9e1fb479b4e680ccaa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B0B 0
0 217ms
141ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuU0O_053bh6W6X8sTIuexA7rxwH8DrHoR5djnnk-gf9DAwBEsRhAg9pcWIWXWgTolPS9IOu2D9OIeeeyQqyvvXgQPsMJ-60ps99r1uhHwidAgVeF7sKmpXUk52ttpcfYRfFftUilaQKKl51NjYnXHFhSa9g_TqrXv7HAgRPoHkQB8GyQBeTMq1KlSJExE9yTNPsjszaxZMnn5w5AKhil3OrKfLJBNSZckzZ_52LHDvlEcfecVxyFTh-W-GHu10aTaxfWrAWDZD1CKvd_BT8RBEsQArEE0LgkvrMgqpD7rzsFUiu7sNU9S58nPk6j9QaBGlNrc5rHZpD58-IU-DhuIN4-EDPiY5qg&sai=AMfl-YQrOTP7DAgTJ_LW9l1BWKCE7bnLGpmH88ZHdK9vDkJViqaRHgi14uNMZf_B91Z_6vQhLq3Bgycda8J3TalE6z5R85bQAJZbUZ61S7UuzUN_v02JCVZFL9dpnWaDHA&sig=Cg0ArKJSzGP7yim36j_eEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 14:13:06 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AC88 0
0 117ms
115ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAaUAQONo5HVL_JPopFjt5kQggz7-XUbIMPRTqu9i8uXB_k3HuKS7j7V2qJxbbZMCb5zUF9X5LXNgHtG3pC8fIY107K3QJgGRobjxEAOPEorK2TAcLuXN7WsINBggcikoqiZIcvEDDwEmOiCN7nXffS6gxtzLisCS0HWkK57LgypsfxIt0fEDxQfe9xOPXrZuxPZMsDta6DPpNEpTWg8l8I3IDIM1ApG8CtkOXpWOC3tOh7XdkrNbUCBC5m5ugFdnTbCbVBHSBXh1mSO5gtz6if-KrBdkFCPuimbhXiW0zSrd4skRYGQ4Jt_61pPZnecuifK4_8ZnCVQT-LvhiSRi9884gktWysP6g5ddfA4ZwdTLhqUBw72wVERes2pul_R6HSz44_M6AUYKOsHDOPeQR4_BVczL3nN6jB_VZuapT2sdVqKubEJal6FUOFkhNgLosjd00CwgQYmcvZ3SxCYQT1lEDgRnFIBEIv5MLpdVpPPv89oUhUwQHTdJFDGFmp-Vx_TGrPp87E9Ygj036AdNAwfu4wXom6Hl6kjore7aPvZO16gXIDj2iukpwuOf_PhtVzFUgPEhFadHSPB9irN6wCH10uWlV0lYTKBVPPRKO_PgVH61MdSlBBHaldquMctu7YCf_I8Hq6yUWOQkt9GrLX-wYy5tioe3m85CDyJcSAEOqJL8Tjmyd0iRVnwK-qKWuUq_wke114KIz1lxpDmbBGeaWJW8zdDruMicIioxhu129dd4q53aWW5dm8zbjzDBUXIGWQdY7Y6bcMAhw9OKRUx90ydhxdobLZpmI0rrlGc8X0NYjcslTj6Dg0ac6Op8XP_UxE31Mopg9bhvzixGP0uJawFM6zvReQNcUSNy7VA8vTFucljis5ioE2FmpLUw7498pcMpRsP8b89bIdHB4MH1Ebk15KhBP9H32AUBIvuCDUR28qKgVobpIESG3D8_0b67ge3S4qy9mYeLJ-IV142l-QoXQdMIz2QR_PBV6i8Bt1naW_OyJjh1R89cvvj25R3FQ9wH725qfB_CC2Ib_ANcO3jiD7vSkGZCtdp9wkL5hh_OiavLdLCsN3mhxOpNyxDhSqV6LuvdCHCkpRzG3Liar3Rwxi1EKXAEKwyeNLA2ovKp8nBHXE0qLZes--eEycBa324toQOif4R0tm_ksLopKpPia5pcYWUke6-LifQfoYddXgxfxTxUKk5lJDqB0qHrhT8XY3j-eQjJowV6hyhMPLq0UPScp0sMYAbZYCoiUhfvp60H_ancgq_9digf8&sai=AMfl-YR_NBfS9aKQoA71Ee0mqtzUkKNdwBhVQ7wvXGIT2kLhZ6-X23h8zdA7iG6n-KIDwJv3BbCwxo7vwjsfXF5T9T2fti5bVR_dSlb7qGz9MqucVAjGdUhpcYzZDigtA9feSMWDnA0t3dW9IdJN_x9AFX8DrVlF4YpdFzdf8ia_X2KNiUU-yYM&sig=Cg0ArKJSzPtiRFwv0yGjEAE&uach_m=[UACH]&pr=13:ZSAV8QAAAADsVoH-5rEyD9P4aGD1Rv32SJuJsA&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&vt=11&dtpt=317&dett=2&cstd=0&cisv=r20231004.93816&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 24ms
19ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-17d52"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 14:13:06 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1BBD 22 KB
8 KB 41ms
39ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:38:48 GMT
expires: Sat, 05 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB33
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2R6bBlUCQlGIIHZrp5wacA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2R6bBlUCQlGIIHZrp5wacA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTHvLmsXt4r3wmoN7zvyWWcYK03A7Fw4QBD6N2Dv2ZLFsgwMckC4p1AePSosZmf5gLyJoDGlAZsMbJC-0c88FzFpDyhpSLPlA

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2R6bBlUCQlGIIHZrp5wacA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTHvLmsXt4r3wmoN7zvyWWcYK03A7Fw4QBD6N2Dv2ZLFsgwMckC4p1AePSosZmf5gLyJoDGlAZsMbJC-0c88FzFpDyhpSLPlA
date: Fri, 06 Oct 2023 14:13:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB33
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_hm=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&google_nid=index&google_push=AXcoOmQHnG_qnD_Jg22O4J3qiTzrmBdCT4w15...

170 B
188 B

57ms
53ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_hm=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&google_nid=index&google_push=AXcoOmQHnG_qnD_Jg22O4J3qiTzrmBdCT4w153XsRb6iW9p6fVPTJxFVU62aW-YGaulfyM_XB2ZTwQzuNutKncZBLbXaS_x9EZaONA

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFrok1Phf931m38rRpgx%2BhvNv7nKlQNib9Zp0Zoq8su4upqDE65Ka3JatrWE4IbfzWHs8TZ0ySSRIkAMlKxuYwcLGZLRQo6Z8NfPB3ycTlwslzQHZzoD%2BfayKxjRL5t0QZzUle6xgvdHnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_hm=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&google_nid=index&google_push=AXcoOmQHnG_qnD_Jg22O4J3qiTzrmBdCT4w153XsRb6iW9p6fVPTJxFVU62aW-YGaulfyM_XB2ZTwQzuNutKncZBLbXaS_x9EZaONA
cache-control: no-cache
cf-ray: 811e80cd080a35fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame AB33 0
237 B 224ms
43ms Image
text/plain 2600:9000:211e:4600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOcMOSRC4I_tNdCgyrI_BqQ&google_cver=1&google_push=AXcoOmSEj_59SwDeerIvWyAXi_7KhEY0P3opFy98--cS7V-r4OMtCpkEqbOdo-pdthuEgHmEwF2zlppnnVh2YKjVbIfe0w0peHeB
Requested by: Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
cache-control: no-cache, must-revalidate
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: -X-7PfpqV0ls6jJUBfksj6e-6lejWyoXFKriVPc-F5DvFH9X1-D4sg==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB33
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQ_vD43KY2Jr6BOphx9Ft_VTmGCuibmO4_BaPCZqN9A0f2uD4GqFDho0odc_nwiQvYnTNJF14RMC93fs8ofNZMocYUMzk4e3g&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-a1cb47af-b083-4c22-a2cd-bfc48821f446-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQ_vD43KY2Jr6BOphx9F...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ_vD43KY2Jr6BOphx9Ft_VTmGCuibmO4_BaPCZqN9A0f2uD4GqFDho0odc_nwiQvYnTNJF14RMC93fs8ofNZMocYUMzk4e3g&google_hm=A6HLR6-wg0wios2_xIgh9EY

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ_vD43KY2Jr6BOphx9Ft_VTmGCuibmO4_BaPCZqN9A0f2uD4GqFDho0odc_nwiQvYnTNJF14RMC93fs8ofNZMocYUMzk4e3g&google_hm=A6HLR6-wg0wios2_xIgh9EY

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ_vD43KY2Jr6BOphx9Ft_VTmGCuibmO4_BaPCZqN9A0f2uD4GqFDho0odc_nwiQvYnTNJF14RMC93fs8ofNZMocYUMzk4e3g&google_hm=A6HLR6-wg0wios2_xIgh9EY
date: Fri, 06 Oct 2023 14:13:07 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXa1cb47afb0834c22a2cdbfc48821f446003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB33
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHM2Iez5-Tqy8tM2o4My-Dw&google_cver=1&google_push=AXcoOmQSNVkotoJRXY6uWKSZatncwWzTGTzG9GdRdiSr0iq14Jje9OLeBZYZBUhmm1d2571sjTK3OA3OZGOE_8yAg0hhVV90Re...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQSNVkotoJRXY6uWKSZatncwWzTGTzG9GdRdiSr0iq14Jje9OLeBZYZBUhmm1d2571sjTK3OA3OZGOE_8yAg0hhVV90Re-...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUyNzUyOTk3MTkyMjc1NjQ1NTUzOA%3D%3D&google_push=AXcoOmQSNVkotoJRXY6uWKSZatncwWzTGTzG9GdRdiSr0iq14Jje9OLe...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUyNzUyOTk3MTkyMjc1NjQ1NTUzOA%3D%3D&google_push=AXcoOmQSNVkotoJRXY6uWKSZatncwWzTGTzG9GdRdiSr0iq14Jje9OLeBZYZBUhmm1d2571sjTK3OA3OZGOE_8yAg0hhVV90Re-uuw

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUyNzUyOTk3MTkyMjc1NjQ1NTUzOA%3D%3D&google_push=AXcoOmQSNVkotoJRXY6uWKSZatncwWzTGTzG9GdRdiSr0iq14Jje9OLeBZYZBUhmm1d2571sjTK3OA3OZGOE_8yAg0hhVV90Re-uuw
date: Fri, 06 Oct 2023 14:13:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame AB33 0
45 B 213ms
33ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJ3odasghcuFldxA0QosZm0&google_cver=1&google_push=AXcoOmTTNVgySaAs410vbulfbGWdGpyxLMYaOWd5NKde3p6LJsq0l8G_rZ5cBDEmAgKnevMHxbz_9QhbYq2Qwt74tzACaQ2qhKyRXw
Requested by: Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame AB33
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJDv6M41TCWc1ufPYM7xW4E&google_cver=1&google_push=AXcoOmSYFCesDKhEJS3n6T2Idve_q_146_zUSdC93sExgb85ImjeA354TPeGojg8ycj29tTqQlzNAQa3ao3...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSYFCesDKhEJS3n6T2Idve_q_146_zUSdC93sExgb85ImjeA354TPeGojg8ycj29tTqQlzNAQa3ao3ecQX6sa0vmlUvHQgQ-MU
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
7ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AB33 0
12 B 131ms
127ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDhPSA0y_W4t0NouotIQxbWxZB4PPuZiihbZpcO2XZbWZzfwYDWJdFx_MRg8XTHdVDaQKmNA

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 033C 25 KB
10 KB 191ms
27ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 250952
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c93rfrSioQ5I2glwihF1k%2BZ3zIWta0AR6VPJTkno6uWMtBmH%2F6%2FH30qJbr8eCXovsYvkmAjVNxNzuGHtcWHLP%2ByjTCdg058T%2BDmIBCC5xrS4SNbQ%2F%2FEvFuWmeSNaKdOaplgcPgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 811e80ce1cbb1d86-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Oct 2023 16:30:24 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 033C 35 B
589 B 60ms
52ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=38735235&csi=UJu-Uw0Nu20A8ND2l-nnpiAJq_3wSyslqS0eH6U_iLPrygPkIxxfkyuhpzPqriHmkc322OkUuWGP4P6BXvdjUWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.ejan.co
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 5418 25 KB
10 KB 192ms
29ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 250952
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYxsfS%2F4EPw%2FRMebSzGDuTFwYQTk6VAUf4rgaqwy6GAbBKJ431AcGAdXLIcUURA%2BRo49%2FOx2IgLKJ7RE7%2BJbYt1TwcssE3asDEBkw2GLRvh7nJDX5%2FC400c72L0E8w1hUj6HT7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 811e80ce1cc11d86-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Oct 2023 16:30:24 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 5418 35 B
589 B 60ms
52ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59377243&csi=2D8g9Ld1GH-30fyWQi8EcAo7GbIkt8haLyEiX5v5orTrygPkIxxfk4r1Dh1DEXAnwew3RL89HHpx76O4C-ObeWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.ejan.co
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 645F 15 KB
6 KB 37ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.ejan.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 1014803
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.141.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 106ms
22ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.141.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-17d52"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 14:13:06 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 033C 35 KB
15 KB 60ms
34ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Aug 2023 15:08:03 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 5418 35 KB
15 KB 63ms
38ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:06 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 10:58:46 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 24 Aug 2023 15:08:03 GMT

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BBD 37 KB
14 KB 52ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:32:25 GMT

GET
H2 200 16251784296504023533
s0.2mdn.net/simgad/ Frame 004D 14 KB
15 KB 43ms
38ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16251784296504023533

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-7zSKvgbGofpLMfWDILWpCBr1A1gZYDIROsN8Jh20L1Y-vpGw_HpRWJzn_M7TK5tJ7RBQGWDpQHq2cfg8mihuntGuO_umxhxvXhFT_BPy5NgUwVJbsfNI8PhTrbGHeUYT8dQ_T2pVUVgZi4a2J2eQY1n4kchoRVTHkXenAc-9OZ7Mm0s&cry=1&dbm_d=AKAmf-CM-ncxHrQDHjkSotrnXSh8FlK8osLyzegB0NskjdgDO9YuZYPrjos3leH5Ge0qnCyKhbm_jYRl4J_v2_cPkRJ_vzMb8yK0O9tHy2qcwvPhKUSW7rc6i5DVrjGkHxsWobzxuyF7iBfryIWW18_9PDAVCufIUEEzLdC607CBmqTqd3Qafpg3GTzIsszhpcPEJiopAyjQImUO_4YMIts2P5Q9gv4v3DpgMLSSve8w8X2RqGLqweI-WEeB4vDDQe3FCZFDvj71RhOarAuSruj7FqLH2yXingz_O12w9jTit4B07nfy0RbiJqEuHdzhclQlDEY7dG7dF9juStbEWKKQGW2Mq2SZRL1uYDpVIS_SztvGYc6rkmFR8Xvy038sPFW9kqEQoctqY0uWBY9OlL5uaeFh0lSsxBw0XD7TpBuAofJQXr1DpvbSGo9gf-00RGPDp0KJyyVZOdIfMSQVknvVrc_9IH5V7_VPJvegC6INc4sImyBf8KDjcmqJ7BlJpw_ISjRp13WICZ8YtInXXaGr74RNQp_t2LGVFzFyq7m5nIL3b06IxXK-pzxH-SbqL-t1Yic7nkoHhf-LJBFI0z9WnMii27E0vouzY81eQOziWtCMKWkGg65V0tPnbasY6WoW6KjoC3Bhf1_RXXbiDBEG50PuSMOgMVoO3tYKTdFC9QInDUWDpQGvVOJXxMTDLdR7auAmcck_2VrfhdmFOn7ac6yXzXJ5JucWqiGOiz7LCuuz-KOgVevEel7MnE_M8g3lHcWtX4Ig41yrZbkY3go_0t4znE_mRr2lq6zI3YmaWmAnJ1ZfXo86vl2tXAhuG4UlMT8Tw-bS_5FOZjwtdw1SjtqRLK7Q0WBhy_dW6GYTTj7FwDBZPhAWjV62B99SQVje9lVeCf-5EEjsozTJ2zbLVkF8vmv_R_GBHinbBHuhWrCfite1INkjVKh1hahcclWtKUknJgROoH3V8k9kjlE1oUwcc7sf-_KYIuQaJ7H0m1EUVF7Yru8wdhb8BI3-2FGeM5ixelPYxkuJqVh7IqF_XSngff3E7Svayw36-Ywdq2QNaceDRYZESOQa6B61Spfr-jx1InOUaSjyLLhuZDqb58fnd29RwwWCopgfedrEzHSVuywPSVjNJD5Z_RDNpeEXAj1K-V3JRdYIP7fNJEZWSX5rRw2NzCun9rgo1e6syatvhOpJN04c4-W75pBtRYk0bD-1xq3UwAcl1CfTgwp208gsyHvL7SBNsPOHek2OIwlgDpT99vZgA-5iF-z5KsVCiZMEDeDYJw_lwMpbN_1KO9zUaMCqjaMaXMsve3yF2DAhls2vIs0AkYvq63mWC0BmhvQkTV_zEGWtYlwzjw3lEjI_x36PNoWd2zo4zEuzkV1YhENhsR0CFN63PlDjWUODbCI8WPgKIt3xs9--MFNSmvAh9tD5A7Wcg7-4pCGXmpXq8qiPe-TlhdMUEff5SUXNV7nQ_c-fTfOGq6ujbCRgrf-3Eu7TnGeQY8KhU4-ucu25sDePm1vcuPHrIrt9GKSDMoTOmyGnNO2fHoHJh1aZk8_vFG_3-Afkl0kayFF7DmDzHzontrCn76armj3vi5XN6hZh9JQTbON8wT8G0qqUeQZN3YUdFNMtIGFnp9gZNEnOCxIKBtiLTjCFaMV6daLAK5n9b_YirUPmxJwAsfvD_uiIh_NMpCqXgBo5-z8wQQxUyvkaO3EBd3B4UzvnrTyHK3bB5Y30Z_BoarNBvr1ovfLFFsyYCk13RZNsELVyc78VuN63-VNopmwWJFu2Lq-zSNaDBIIm1CT49DptTImCx6cTxEo6Du1BlsF2v1pzGC8sc6WNCMl4xtJyflhsJYT5uR1gTg5TyxXeXubv6affTkKvkswsVJ1ClUj9-Az1KH-suU_QxAgcnZmTWOyM3-UgJyWKlUx7xqUSSPnl-saki4JrMW6obg8w1UyTlc4IbJtiscu8PTFd-7KFe16vmWhwAGPNPx4F1REIk4WQ3sO7pVkmSofIe2aduAOJdgirdTHzkhCjZRQdShp0JIXevJnS_Oek_N0qKApATilYM9bXdDjVt-DIPp6v9rOSAmcMP6Pd9Dpv41hm0gbei_VY_89m7SUVyYHt6dxmH2twNkVahhdX9wLUhytaWzkKEI2zCTjGt4CJ5aYS2mcExBSP6iJLd1RmoHHJS-mHBjJWk2DCQldv8pum_FEoGCOJXqDDrbcNAYLVjRRyFnNpFMD6Qq3J8XTAhgnnHQfL-SaW4fTkjWUevmk0wDGaO5p7yqU3dsyaV5PJGp0Bj6ZFLpCYnPjKtTJqzuhRDgfPrTxkBvlD7kv1FGiMw0dsPJz2fH3ER2VM_ZbZV7hppQb7RhNUVPFF5IF2MJz58oolGZWzmzAtE8pagdrCQ1k2Lgzfb84MHImRQxr7WNSb1kahpqil66lsO872tSB4pHliyyxHKaWCZvW4-mP9VstMBaoT4VQOtp9UjXI6rVu8kqlZXWoyEc28XakC1OX8DtoKF8n9mbT6ODpg1WLEIc-DJVz4i6Q_-l_x4LQzdvz5SsLshudVxOm_zWY_5vtVROLKKbinVN5pYRT73VUQetscrM_F_suEgu1CkLs_xTy_PMToyGzKglI7ds9XyWtUpqQtRrwdh9KHZGYJdVZTG6UOVPIqf2Fz8NTfqJ2yCcMAv_JV8bxb8aa_OhwmhgOB2xvCb66HAjGINxs2qn0pWCrc8rbVgF1gLJi9VJWhI-LDV5gNtkocA2JWZdoil0TBa3HMXBEyr_2Yz477NFCHh9KECrL4D2SZI369vyWyQeNXoIp3chCWxom7fvdvnylmOcOMKCD13UoEns_I18oHgkaqtZThjBi8p4yUPO5fDBsdqDKSqvFR4l4YA5dwGtfYg2Q0u9M5OTwDTEsYGCeq_IQ99UhCEez5FxvKdz036zKCUA0DhBB68jkEwTbDP6fqih3CJBczgCgbm8QLsfceCbEuG3pdNmuXP_ch3HUO5JlkEh6wwuaic9pozc3TPIag0wp-AKlqEDgy6XD_FmGxA1M_8xd2wR-Fwy6C3fYMYHngBZwe4KEX5iDtHgIvKaHCVBtZvnwNxCY_sGUX0eX343grrByFEtZ5qjQW2E2hkKCqKfcD_siGr-tXyV8C4M2kL5YpUZQdlT_0mPifEtfu_KlX2Z1DZm4Dz4j6iLQhGBhdr8DQFBehVbIDcIGLBYGOMXx9cOVKSP6xBA6udS9NE30cyzc3BCv87afIXh6q5TzaGX4YiguroxPDv9a8I2PC-gNRskQ9imGfgy0dOiQ9Hr0AKeNIluBG9bGFOeM7ZbQPCDVcE2DPWOlzGI1DFmYNAFP69k5gV-_70vkaJ5HfZvsCGqJsiNUf04-ey0qfEtwgaWN-uLnK8N2t71sJd28QJ2xrh4bNC-uWPaiEzomV6H6Q8rKyE-BHEXSmcZ-mCdSDSlDlejUas6Gl1dFTf3X9_lQENWEpeaJ6QjAOn29-eWMRaTgnL-XxR0w5_unU6EVnkGgRHcg2VUWrC2cYIdCroVOx92V5AdGq-k4VL-aHXTbCQ7rkZk59iwYV5TCTNbr12zUVaxsjqgtIyZGYEPXNsbC07r_t2JT92jiYv-gJVbqLP2G0oC1TrIf2yt3MVIXWynFu4wAfXak8LNqE3svNTMcXEVZ7gsAj4kd-CTKeITT5yYDCi6yRknNP05yO4kY502fQ25j56WKc7OuqPB97rlYqz4JDbH4rgUBWXCpTAjhJEMfRD8GGiqHzShGIZk57vIntKQfbQ-aZSU0rALnJpCs-cGSOlEzJVJsRzBI-TXwTs0gvvvM8PJzaVzL88qjAZVsKs6JsaZ9NtOlHKYcICmKqLt2CDTFb4yVnmM2wuXCI9TKRlE0aqPBZ5tTYb-2bsLQE4_PeThRrOYdENnESL6Z6YbfRcvugZDwmw78VDPjJMXFvyWvYRCkMd2ZmFZdONUtB8lZEH9t1Emc5O1i2E07LLA_uBVoC_6WZyN-pDbIz-cN_9Fg-PiVVB5VvfMOCDYWtGMYvFIJeNL0DyugynMjvjwzSK3YuWZ7lcHXH1Q3d4attWRVIG84Oq5REaO5gFnQZe0a-O6cZsVDiR3eQh_s0_yso9WHhZZaXjKkJAq7Wgcd2rQ7DeK9JDD2y2Zp9qbQqIUB9qddDydA8vDe_W_UNpipziKuWAWseTn1j9CXuF66cHOGOGgqKA3ejJtty1isaCInEyon4Lqobpxq4MqoOxCjx0lj_ftmvHhIvnx5rHMohlRXqay--Cwk5Kxc&pr=13%3AZSAV8QAAAADczyJESiYS8r7OF6vUMFFfPUBOzw&cid=CAQSGwDICaaNPgpA8Gi4VZxHf-9hr6I-CK100jI3fhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.ejan.co%2F&ds=l&xdt=1&iif=1&cor=16747566082251256000&adk=1980819454&idt=112&cac=0&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1d30dfa791e1125588bddca1eb3d05b4bdb3ce840765bad8c08b9ba7d28b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 21:44:21 GMT
x-content-type-options: nosniff
age: 577725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14805
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 14:51:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Sep 2024 21:44:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 004D 30 KB
11 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:38:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 004D 11 KB
4 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:38:45 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 004D 0
0 124ms
94ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuh1aDlxU8EpkVWgb2ldAvxEOZXnDMwTiz5Po3diM_QRcVjo5dyMno0WGhtFfBSSyONH2HRLU0Voc9XZhvzRciGdpOvyO3H4ctz5zn1u-pHQHMOoCNk5a4VF3YvuMRJd8i9We7RqIqH0_L1N8U-jHipznnPbXiXoSm10G9-CU1Xt8VZNpKPwnJ7IvHMiofu494qBIT8ik62OidtTxnQhRUj0HwdqG7jSniUjdjTdRsU1iyxeas3EtthXnzTcgEpcE0r-b3amw4ToR4GpVSNouihZk4vcAUW5SF82tW3GHjiPUUfWOuoYm8LAPOBevu1A2jlJLzQVjMESTxvVd9SIXQxa0rreh3f1A7NkKrVM2ZxB0K0dneXRdVZXD4gaeNgb6LtG_t7U8uLSAsMRqs2_Mv2Od0AkB6hSCI_voCzRX-_bUxmA2Qk1BU1ElWPbDOlN4n99aX81HGiTByZzqoJXvJQKSvg3OK7Cn-pYrxHhUJnn4xvYDpC7P9D3Z1LTBQ0CTsZLO2YGyRYHbKhxpSjh0QVFjTnxC2PnOjwqwcm5aZSccnFaRzwd1sJmv0N2NwCTB2N-WUc2S6TW9oT8WZsAHxToNJ-RRF21f0Nff4nTTTXPMIZvZxSLjrGfJFJyEcCoyt3j_-SJ_pOod0LrCS7UXZmLEz5k758qbNsLqyk4V1dsp2PeUNWg_Dh0i8soMaUxuJ0pBVjwV9xzq2XXGShJUgTddXp6pJFE9sY7GcYLitkyXtc0FWMHF_WUPZfnNbNADhSlrc6tEoYHhN5QA4sjspJ4OcMEsoInyGxVQLbNEHwMhyd1XC-AEmQ8AB9DzE1iRc1KokEDcO_0ur73IVYCocV_C6ypnrsB6tqgRCc0lgJQemlfcNdLKkHi4jJbwdyu0xUTDJj8fXGHe3JNOvQ7Pvu9yDdExpctS_FBasoDwSjVIfKJB3bgqPy7GU_FTIBBckdDmPzAfL_y543TecceOXm42rA--XS9ySQ5k9kmTiy2A0rKQ7O5KQlhi7D5bbxqExxxdfs5XIw4aPvolqw4OCF0v3up2NyJvQbXzcF2jjcEvsDOqYxF1NPB4pbeSLwpp5jK9k7r4wq7X7niLhgW-BkArxlLlGjznF-h4COS8fmGZZcCqQPp28Yg2OGuRxwxrRuYyoO1rj7PWgwCB4TuhHbvUHuImtUf6ex6IMsPb3_h8A4h2v-6iFpunX2eHkjzBnGmyH3GUxXH6lczF98aBIyLvUr97i1F0Zdv6VFwEy-AoVx3nNORJUpj8VkkiyyzUKk&sai=AMfl-YRx39hIiGLYxeWYeeftqcugDETAsecb4TOs38ZB4LkltWqTF9IPbomvoC6Br3X5DkIoeOaUPluSKrNja1IwvJyPCSeseHlaMsreEEP9NusnOAIIBs_qrrzNPY2g5--wD_E7JKlvJcV8AtdFK2PrBQbN8O8oSC_jrfoFGk-JQilCfgkvC3k&sig=Cg0ArKJSzE937DqyHoxNEAE&uach_m=[UACH]&pr=13:ZSAV8QAAAADczyJESiYS8r7OF6vUMFFfPUBOzw&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=1&cisv=r20231004.94404&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Oct 2023 14:13:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 004D 41 KB
13 KB 66ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 12:26:28 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 3A6E 2 KB
1 KB 31ms
30ms Document
text/html 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Requested by: Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f410be57db3c00ec346c5aa396fe53983fde192b05496c68342133b4cb8276

Request headers

Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 811e80cedabf35fa-FRA
content-encoding: br
content-type: text/html
date: Fri, 06 Oct 2023 14:13:07 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7lEiV6T%2Fq50DOBk2XRNgU9Mif7StuLyT8H3A95ecsSompEiSpIAD9YeBuQjD1nxr4tZJTwpKTd4yAj%2B0XfnhPogCRUpdVS9V9HNWGNBmsOHEXTFwLWGkD7%2FYE%2Bb1x%2Fv6n0aNlTe%2B8ZOPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D4A9 1 KB
643 B 57ms
56ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Fri, 06 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 004D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45a38360b6021d586489273c7efebe913190b9af6496dc3963fb78981aff1b51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame 645F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ejan.co&sn=ChromeSyncframe&so=3&topUrl=www.ejan.co&bundle=bX8G8F9KeW9tQ2duRGd3TWZOZnVIbzBBRzJiZ2VhWWlVSjY4JTJGRVpRSDZhM1I5a0dHRFRHVlgwJTJG...
https://mug.criteo.com/sid?cpp=UTLKpHxoTEpUcUp5VTdFM2o1aS9ZcmdmZGo1RHVNMktoOXFSSnkxOGRzc3Qvclh6QncyRGNSQUc5N3c3eE1zZVJGc3pSTEtzWldNV0RqcWk5UkpxeGxZTzFJMW5oKzhyYzJOQnRkcFkxMmV2WUE4NlJBTzBEcE1NcHJTaj...

415 B
645 B

21ms
20ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=UTLKpHxoTEpUcUp5VTdFM2o1aS9ZcmdmZGo1RHVNMktoOXFSSnkxOGRzc3Qvclh6QncyRGNSQUc5N3c3eE1zZVJGc3pSTEtzWldNV0RqcWk5UkpxeGxZTzFJMW5oKzhyYzJOQnRkcFkxMmV2WUE4NlJBTzBEcE1NcHJTajc1Q2JtWjFnQjRseC9jSGlZZVdaVS9aQVk4a2tYZ2t3ckc1OEhmWmVpTzduR1BaVkZRTFhOSGtzSlRVM1gyZU1GR2RyeHd4OU9rdkpEYjVKRzVpZWU1S2c5dDhRTGw5U3lRbzl6cE5sRjhmcDc5UElGb0s2SGRtQWI1c08vWWNhTHd5L1FWZEtrMUErWTNaS05JOUVSd0drbllsajBUdz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

45cb21569883b705efac003f713e3dcd819ac50cf548d98ec25083f91c10fda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 807736
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=UTLKpHxoTEpUcUp5VTdFM2o1aS9ZcmdmZGo1RHVNMktoOXFSSnkxOGRzc3Qvclh6QncyRGNSQUc5N3c3eE1zZVJGc3pSTEtzWldNV0RqcWk5UkpxeGxZTzFJMW5oKzhyYzJOQnRkcFkxMmV2WUE4NlJBTzBEcE1NcHJTajc1Q2JtWjFnQjRseC9jSGlZZVdaVS9aQVk4a2tYZ2t3ckc1OEhmWmVpTzduR1BaVkZRTFhOSGtzSlRVM1gyZU1GR2RyeHd4OU9rdkpEYjVKRzVpZWU1S2c5dDhRTGw5U3lRbzl6cE5sRjhmcDc5UElGb0s2SGRtQWI1c08vWWNhTHd5L1FWZEtrMUErWTNaS05JOUVSd0drbllsajBUdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 284535
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame 033C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1871094f9e890357a2867e967397fd342d3be0ba8fe4f69806bb5d54a7cbb055

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5418 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78c26fbe1e16602c2cf5b553ac1a61d9bd239a07eabb47551ccfa3caec147652

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 400 getuid
secure.adnxs.com/ Frame 3A6E 0
0 15ms
13ms Image
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 3A6E 0
38 B 12ms
11ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 3A6E 43 B
696 B 151ms
76ms Image
image/gif 2.21.20.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&gdpr_consent=&us_privacy=&gdpr=1&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:07 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1696601587342074-604
Expires: Fri, 06 Oct 2023 14:13:07 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3A6E
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADP_k7KQCwAABhx4-TyRQ&expiration=1697811187&gdpr=1

43 B
731 B

35ms
35ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADP_k7KQCwAABhx4-TyRQ&expiration=1697811187&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDJCNMNcj5l0z3cxds5a1k9%2F5VY5GABUmP54vimTABzNHRIQCrEunoJtIkHjwoC%2BVkbJeKH7HjW6kE0UZGgufKEY8zrJThS8m2Kv6uehNvE6QPh%2Ff4FLoHdlmANenHn1Kcv9k2utk2WrSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80d258bd35fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADP_k7KQCwAABhx4-TyRQ&expiration=1697811187&gdpr=1
Date: Fri, 06 Oct 2023 14:13:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3A6E
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
733 B

32ms
31ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4037TInxiwqccGYEAxXjosDKElS9quaZKPcXdaOMHrS%2BvR9jvrLKLWeArelwC4xss%2FsqJl3tQAlDlSdkXHlWjxw%2Be3twfQ2iUKAxO56MS%2Fcmu5Pm0Wlh28xZpTo3WJSCoGYy7dEgSjiRbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80d40b2635fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H2 200 bridge
cm.adgrx.com/ Frame 3A6E 43 B
283 B 143ms
47ms Image
image/gif 173.231.181.122
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-3
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3A6E 0
187 B 141ms
46ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:06 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3A6E
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336725610154321

43 B
733 B

38ms
37ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336725610154321
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dtd0%2FwJ3BpW6ZOnYG0crfu9U2oZODwyWzTfudPwEd4atxnMmYN6PxuuL1bRpKfZXfJGqDSctUAmHOj8S6713f%2F3grbza8%2B9fGF0jIelkCFMhHoK%2BMIE6UENzn1EdggUhSQDcch4pPzw5Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80d1efdf35fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336725610154321
Date: Fri, 06 Oct 2023 14:13:07 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3A6E 43 B
152 B 21ms
19ms Image
image/gif 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 190
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 811e80d0bae55c38-FRA
content-length: 43
expires: Fri, 06 Oct 2023 18:13:07 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 004D 0
0 86ms
85ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuh1aDlxU8EpkVWgb2ldAvxEOZXnDMwTiz5Po3diM_QRcVjo5dyMno0WGhtFfBSSyONH2HRLU0Voc9XZhvzRciGdpOvyO3H4ctz5zn1u-pHQHMOoCNk5a4VF3YvuMRJd8i9We7RqIqH0_L1N8U-jHipznnPbXiXoSm10G9-CU1Xt8VZNpKPwnJ7IvHMiofu494qBIT8ik62OidtTxnQhRUj0HwdqG7jSniUjdjTdRsU1iyxeas3EtthXnzTcgEpcE0r-b3amw4ToR4GpVSNouihZk4vcAUW5SF82tW3GHjiPUUfWOuoYm8LAPOBevu1A2jlJLzQVjMESTxvVd9SIXQxa0rreh3f1A7NkKrVM2ZxB0K0dneXRdVZXD4gaeNgb6LtG_t7U8uLSAsMRqs2_Mv2Od0AkB6hSCI_voCzRX-_bUxmA2Qk1BU1ElWPbDOlN4n99aX81HGiTByZzqoJXvJQKSvg3OK7Cn-pYrxHhUJnn4xvYDpC7P9D3Z1LTBQ0CTsZLO2YGyRYHbKhxpSjh0QVFjTnxC2PnOjwqwcm5aZSccnFaRzwd1sJmv0N2NwCTB2N-WUc2S6TW9oT8WZsAHxToNJ-RRF21f0Nff4nTTTXPMIZvZxSLjrGfJFJyEcCoyt3j_-SJ_pOod0LrCS7UXZmLEz5k758qbNsLqyk4V1dsp2PeUNWg_Dh0i8soMaUxuJ0pBVjwV9xzq2XXGShJUgTddXp6pJFE9sY7GcYLitkyXtc0FWMHF_WUPZfnNbNADhSlrc6tEoYHhN5QA4sjspJ4OcMEsoInyGxVQLbNEHwMhyd1XC-AEmQ8AB9DzE1iRc1KokEDcO_0ur73IVYCocV_C6ypnrsB6tqgRCc0lgJQemlfcNdLKkHi4jJbwdyu0xUTDJj8fXGHe3JNOvQ7Pvu9yDdExpctS_FBasoDwSjVIfKJB3bgqPy7GU_FTIBBckdDmPzAfL_y543TecceOXm42rA--XS9ySQ5k9kmTiy2A0rKQ7O5KQlhi7D5bbxqExxxdfs5XIw4aPvolqw4OCF0v3up2NyJvQbXzcF2jjcEvsDOqYxF1NPB4pbeSLwpp5jK9k7r4wq7X7niLhgW-BkArxlLlGjznF-h4COS8fmGZZcCqQPp28Yg2OGuRxwxrRuYyoO1rj7PWgwCB4TuhHbvUHuImtUf6ex6IMsPb3_h8A4h2v-6iFpunX2eHkjzBnGmyH3GUxXH6lczF98aBIyLvUr97i1F0Zdv6VFwEy-AoVx3nNORJUpj8VkkiyyzUKk&sai=AMfl-YRx39hIiGLYxeWYeeftqcugDETAsecb4TOs38ZB4LkltWqTF9IPbomvoC6Br3X5DkIoeOaUPluSKrNja1IwvJyPCSeseHlaMsreEEP9NusnOAIIBs_qrrzNPY2g5--wD_E7JKlvJcV8AtdFK2PrBQbN8O8oSC_jrfoFGk-JQilCfgkvC3k&sig=Cg0ArKJSzE937DqyHoxNEAE&uach_m=[UACH]&pr=13:ZSAV8QAAAADczyJESiYS8r7OF6vUMFFfPUBOzw&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=303&vt=11&dtpt=300&dett=2&cstd=1&cisv=r20231004.94404&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 frame.html Show response
ad4m.at/ Frame D16B 2 KB
1 KB 29ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2314109
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 811e80d03fdc1d86-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 14:13:07 GMT
expires: Sat, 09 Sep 2023 00:14:58 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2heKpFzJtiiwzMCIlTVG7jtcKCfjsQNnlsC6595zxyOLRNX3dN6P6CGzd2NLxAlkAWuXAPjyFJTe6%2Bst1Rae27rcUaM0P1DnLzr0vUzhkYVQ34IITRLkxyR2sWBX3orOGRGVQtc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 frame.html Show response
ad4m.at/ Frame BCE8 2 KB
1 KB 40ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2314109
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 811e80d068191d86-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 14:13:07 GMT
expires: Sat, 09 Sep 2023 00:14:58 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLMBClJtGHoAp8FdPpzUcIn7R%2BYnsawvHhErVSiYiQ9qSTzXtTllqGxOiX2dr%2FQ%2B7gN83p9wDoTHrte8omYuUACyuxIl1EfXvnD67GYtjpnOlwzPhfw7PCdYefRWqgGEuZcDXfA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5751 22 KB
8 KB 42ms
41ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:38:48 GMT
expires: Sat, 05 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
1019 B 218ms
217ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696601587355&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1558&pt=520519896&tz=120&viewable=true&ddast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3135285&dpubid=552925&abtst=eidc_vB!expl_vE!nonrv_vA!ufm_vG!uftchrwf_vC!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.ejan.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5114460588fbbcabf495ce05187f1cbbdd10afdc7776511b17046e068e053c0

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 06 Oct 2023 14:13:07 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1429
x-cache: MISS
x-served-by: cache-fra-eddf8230128-FRA
pragma: no-cache
server: nginx
x-timer: S1696601587.362864,VS0,VE201
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4A9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKAEF9aOURreek5xnnEU5vE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKAEF9aOURreek5xnnEU5vE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UUpLZFVlZEExUU9Meko1&google_gid=CAESEKAEF9aOURreek5xnnEU5vE&google_cver=1&google_push=AXcoOmQEz2Vkw3RLPvh8zM0t59389hSKUyF6XDH6Adi-Qq5...

170 B
188 B

60ms
60ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UUpLZFVlZEExUU9Meko1&google_gid=CAESEKAEF9aOURreek5xnnEU5vE&google_cver=1&google_push=AXcoOmQEz2Vkw3RLPvh8zM0t59389hSKUyF6XDH6Adi-Qq5ydIiDdmx4mrZkXZCafDlMd6BdBmquRvQdgZ23FHiieMANlDpcVSflJw

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:06 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-038ad97d93033251e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UUpLZFVlZEExUU9Meko1&google_gid=CAESEKAEF9aOURreek5xnnEU5vE&google_cver=1&google_push=AXcoOmQEz2Vkw3RLPvh8zM0t59389hSKUyF6XDH6Adi-Qq5ydIiDdmx4mrZkXZCafDlMd6BdBmquRvQdgZ23FHiieMANlDpcVSflJw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4A9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDtbR7iu6EhBevcsIlVsF8s&google_cver=1&google_push=AXcoOmQ2In_oWR6j0u5L-f5bC-vPlPX2QYYxa6ZjTjz7_wUOeKGpTLygE7m3jOACbrGHOQSG89dDBWsMUeDYBgddGMiHlBCtZZiUQQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=10101D4331404DA5BD5B392E2E87E2D2&google_push=AXcoOmQ2In_oWR6j0u5L-f5bC-vPlPX2QYYxa6ZjTjz7_wUOeKGpTLygE7m3jOACbrGHOQSG89dDBWsMUeDYBgd...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=10101D4331404DA5BD5B392E2E87E2D2&google_push=AXcoOmQ2In_oWR6j0u5L-f5bC-vPlPX2QYYxa6ZjTjz7_wUOeKGpTLygE7m3jOACbrGHOQSG89dDBWsMUeDYBgddGMiHlBCtZZiUQQ

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 06 Oct 2023 14:13:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=10101D4331404DA5BD5B392E2E87E2D2&google_push=AXcoOmQ2In_oWR6j0u5L-f5bC-vPlPX2QYYxa6ZjTjz7_wUOeKGpTLygE7m3jOACbrGHOQSG89dDBWsMUeDYBgddGMiHlBCtZZiUQQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 05 Oct 2023 14:13:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4A9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_hm=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&google_nid=index&google_push=AXcoOmSgzjLlRU-0IJ_JLscA4xWmNcV4m0zFq...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_hm=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&google_nid=index&google_push=AXcoOmSgzjLlRU-0IJ_JLscA4xWmNcV4m0zFq8WAlQaGN9883ncTum2N06cCtsuRxt3qEJHSgtWUrQZK1JX38OAQcGZq7keHppnzvA

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfR5B%2FWEh1QOLxJ4wzeS2vzuHR1BLdQufIE3K8eSO3VUQXZYqKlFAHAoFiFJe5kgae8qR%2BW%2B9xoG1qz%2FVqkHck6DNKpI2Sc8x57JS%2BQReRZ3sQR7IA345x1840sWrkm7X7KO9fV4eyLZWg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOEYB61HY_qKeCWLwku1PyU&google_hm=ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB&google_nid=index&google_push=AXcoOmSgzjLlRU-0IJ_JLscA4xWmNcV4m0zFq8WAlQaGN9883ncTum2N06cCtsuRxt3qEJHSgtWUrQZK1JX38OAQcGZq7keHppnzvA
cache-control: no-cache
cf-ray: 811e80d14efb35fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4A9
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
https://sync.targeting.unrulymedia.com/csync/RX-a1cb47af-b083-4c22-a2cd-bfc48821f446-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmT9rScFdCVQOZslLMPAy...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT9rScFdCVQOZslLMPAyiJSuDbHVDxcEIxxHx9A356a9UN_jV86-UEanGFoLbEwF0KXAqLWocnID4t7i3ELgLSq4zYcjTXP&google_hm=A6HLR6-wg0wios2_xIgh9EY

170 B
188 B

54ms
53ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT9rScFdCVQOZslLMPAyiJSuDbHVDxcEIxxHx9A356a9UN_jV86-UEanGFoLbEwF0KXAqLWocnID4t7i3ELgLSq4zYcjTXP&google_hm=A6HLR6-wg0wios2_xIgh9EY

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmT9rScFdCVQOZslLMPAyiJSuDbHVDxcEIxxHx9A356a9UN_jV86-UEanGFoLbEwF0KXAqLWocnID4t7i3ELgLSq4zYcjTXP&google_hm=A6HLR6-wg0wios2_xIgh9EY
date: Fri, 06 Oct 2023 14:13:07 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXa1cb47afb0834c22a2cdbfc48821f446003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame D4A9
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJDv6M41TCWc1ufPYM7xW4E&google_cver=1&google_push=AXcoOmSCd0bonY-BTbqPHxsT_hyd35EVmuhYV6iZwDlmgzFA6w5AU5eGfywqiVdjhAFQ6F8NSIQXnjLxQmE...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSCd0bonY-BTbqPHxsT_hyd35EVmuhYV6iZwDlmgzFA6w5AU5eGfywqiVdjhAFQ6F8NSIQXnjLxQmEvI7AjxHTrKkvUxqo4vQo
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

18ms
17ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4A9
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAEyiJKRuSZUw4f5Du9F_7g&google_cver=1&google_push=AXcoOmQ1BpRN9dNnb...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjIzMjI5NjcwODg2ODc2ODYzNQ%3D%3D&google_gid=CAESEAEyiJKRuSZUw4f5Du9F_7g&google_cver=1&google_push=AXcoOmQ1BpRN9dNnbivfMSYWwbZP7OpeSp...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjIzMjI5NjcwODg2ODc2ODYzNQ%3D%3D&google_gid=CAESEAEyiJKRuSZUw4f5Du9F_7g&google_cver=1&google_push=AXcoOmQ1BpRN9dNnbivfMSYWwbZP7OpeSpndhwjCqi3U4oXaAbCcUV6IguLBVjN-FXCAqLEnZRwxgp_AqogvUP59DzgV8BPRLKPW3C4

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
an-x-request-uuid: f21f61d3-5478-41fb-a501-ee141f41ae37
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjIzMjI5NjcwODg2ODc2ODYzNQ%3D%3D&google_gid=CAESEAEyiJKRuSZUw4f5Du9F_7g&google_cver=1&google_push=AXcoOmQ1BpRN9dNnbivfMSYWwbZP7OpeSpndhwjCqi3U4oXaAbCcUV6IguLBVjN-FXCAqLEnZRwxgp_AqogvUP59DzgV8BPRLKPW3C4
x-proxy-origin: 185.213.155.161; 185.213.155.161; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame D4A9 43 B
146 B 107ms
8ms Image
image/gif 18.193.237.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBrdZ9CUHUK5YqBynPIalMg&google_cver=1&google_push=AXcoOmRtq43N2oDTierA7URhMSYpK4qPPo9Lqx8HCwXBPrC4d7FQpF_r2o2sDsWL2fV-hXITKOtWRTgq0WIwHuxMKFcFwKW7aJS_3w
Requested by: Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.237.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-237-199.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D4A9 0
12 B 68ms
57ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMZGh5DV0WpAFHzlTweAmmHEHcPXGYKmn6VGsvKGqsgEivX79bP6pP4-67adnuKr1GuaHZ3F19

Requested by

Host: 37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
URL: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AC88 0
0 98ms
89ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4PPW8RUgZcLUGJ6ljuwPsq63gAieoaGuXKH56P6fA8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMByAMCqgTPAk_QejuXdurv0pu8n8PUP7maEuD7FoSVJEN0_oH45dr4g09WPu02CNVd6RLsVMjYWiTjJIiKL7Y31YyNjKhw5kbP-4BgM_23EgvJMuH8IhOTbdRKEGQg0I0VsbnJToJ-ZIUWwHERX3L4P1tREsixvdEvHCkJ28AVt5bFMrBnYle3WZHbkzm39Wl1AFwtDEF4_kJCH2DoDLEsjj4BflO7Qt6WSIeG-7ox0xsbwUHtuKu2T0xNcu0mfx6Behy3lSiTUPNx2wr8q0TKmTG5z3BlW7X_7AbVY7hKbN-N1djuvH80_jXpGZOc-Iz6gkZgJxNlFXPIlDKfwgBR1v6xFoxREaIsQ7nuSNyWJsQT6nLzD2UhMDcj_lVImOuN4GPEKfL_pM8e7ZCO1ruFM9Xe90V_jofueyV4okcMFliT_jrg50vpqmZqCwUVSh7_XtCJ4aE84AQBgAbSjvyD1tOn15sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0xMjM2OTkzMjQwNzYwMzcygAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkwNTgyOTE4NTQ0NDM4ODEYttdp&sigh=xJsf4gRg0ms&uach_m=[UACH]&cid=CAQSOwDICaaNOlHyoiC-_fAZp6HHVZdFs1BWsjK89gEfRraOiwOFx8zQdzAYqwRPJoxBlm3dg5bghTJLSF9MGAE&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 033C 0
0 84ms
79ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuISr4hL01ytOynERfUoYd5emximDt7_3qMST0j9AU2DCsZP-J6Ej46eA5T59Tv-6Ax7xBN9xFNZo0mve-CMF9hU2Fc54znyzDffTPp3fwks2ZfGJuL3RTPtlMCV2bIL55yGnouAe_UHAnme89ybCkKvnpc2xQmn7fhFMtAi2mHWjLLAXyQqc9U0cAagqdxU7-ybGZSH4EUfwPQs662BfoEbhr_0PlNglkmgjDM2gIXhD4irW_FgXAgkhbqiBNbHF_sB_3bi0WmPAa-T37KHThmPmrdybTnSbe7mAIHaF6LoTp2nm9QwB-Ms-Fyqu6x_KvvxdtW4RMGD6uqFF0cX6fEFulZxzb_AJlSAG8bQ4D53ybZ6R12j625&sai=AMfl-YTR6elpJxkInbi_MIHsJ3msqtQR_itIJjLyxlF2yleuPUbZOP-tbf9HokIBIWpuYF9agu_cNdm_cyBwnK1vay_ZkDJ2BtWLByZdNPlAaSrcBG-1Xb4Wt1NVkBKWEQ&sig=Cg0ArKJSzNMBo3BfzZb5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 14:13:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5418 0
0 90ms
85ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRz6fQcoFvWcp6orVo-E6bL-FSsByMpAS5EInWXmYNXbHMH4zBJQ_KOgVM76hjjOFnYHe4Qnb8jwlPtFCmU1EgewTxMJvfJQtzV2lpVoMv3_0SFIQ_Msg6mXRcFabNh5Uhru-wqmrfIMyxY5TmZS6KES4tWdG0TczDXgFXiDw3X_MdaJVMPtfec9k1JhrgK_n4YG94zfIdc0mKUaSPIawntZORrACpNke-ZEX3uN7QT38O1shG31h0P8e5F2CzpHtu7cqJdefe6uZ02ssPzWeyxUgaUOv06S0BZhfvghRWV9GEOjynzLb7dl63qO-MJVtEse2ZWQSxPoL2ACGC3W4uwRP8DhUfWctgPQjjGZZYOI9iOmWOrVTMIbLOEp2gUrroyZcSPL_RROthJboahHm6RIxnaw&sai=AMfl-YT1AGv-9Nc4JOXwcSWL36iuI6LSmObSslOOe4NXjK1mLLZUfFh6ML7g8XC1jiTkM4fR9ndZc828MgaHD3bOSuacAyb-i0GSwwl4BNnTeApFFBu7LzjKCZ2afTiFag&sig=Cg0ArKJSzEp2CjKwMAGREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 14:13:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
76ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310020101&jk=1984550382996053&bg=!8vGl8b7NAAbjlzx0w5c7ADQBe5WfOIy0itC3KMStQfSV2tNX4YdsLoPpcJW7gmy4CkjV3kNotpA7D9ra-XZJqqxOeoTeAgAAAxxSAAAAbGgBB5kCrj-BlKdfa38vgRAIEJRS_zLEPxLAfm3fW-5G9sK5MJ5JHbiDCULJFUHQrF9l0aFqdPBgF3b6V3HAfs9fbOrSL4LTUWt6Pupb2aQQbZ1Gc8F2iVs6GCbGw0VqXEQM3AskDb2KkU8uAgym-p9ut0twwe7nl67W1YhJ6wI0GL2dg-XTJcBl0At0p8PPhqONyIpi8Xe4qQ2LBBlDAwFE64Nz4-yNiI6llCEq1gszDXH6kHG_bYb2GbZ-pEgnofsCgBnVyRx-ek6jj73YJw44tKfiOwxFiSPuHR3kln-x4ff5Z4enwOs20KBTXo1FX6238MNuJ257k_O-ka2HP7fpaEKRnhXA_D9yfpNaa7X2M5vWUKYczVPWzsShgrek4Ff9JNnU6QXVaTw9Beh6Q7OKCceaV-48Jo5vaHjJB8A2t3Od-jcA9wECBLj1wq9CRdqpHZ9GzIiJNvI5HesElvWizqE8spWFB1BW7_qBBJKXJ6H3inE26e5lk3vzfxmX9R5u1WfGY5KIHDdx-4B14_HHEQaoa5t4aV1px0h0d0vYUEBAddyFiSfDeuRWA-BBtgCrK8dOgj42WT2RJ1FpXpO3l4yc5jNL7SYo-OIMLTXWhFEmhwm9Ll0OKIbNXfGFKEAu3IhZeH3p98VP13VL__WpWNL_OAi95eB0uoLryjFvzbVklwb2ZQn4vMpbjgauDDqJNo-m5T2VVwDnyojcDz_Ndn7XLUqbU4w4Q9Vd1U3qi-77Z2kFMVXHGqUkk09BoFLSAKEk7JMyniNFSK1WOr6rkhGb2oT3cNfpLYyty0KKaq-vOBJoMT2F_55g-PT_UeVscvYikHVk0Lei05qbr48SIbIQ0C1WAI2FWr-OdwGp3gcT5BgANiuPJgo4uQOZ7wqaurwAzYQWiX6oAW2HP29SQIq2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5751 37 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 09:32:25 GMT

GET
H2 200 6144.js Show response
go.trvdp.com/init/ 6 KB
6 KB 89ms
15ms Script
binary/octet-stream 18.239.18.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/6144.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1273/6144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-29.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 350a2f81e8b190cf9f684c82b27e1b43f448dadca32ff207d6de89a4bd4884af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 10:14:08 GMT
via: 1.1 0bdea9339f79fea2216fd97b3f7856f2.cloudfront.net (CloudFront)
last-modified: Sun, 01 May 2022 12:06:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 1483139
etag: "4a41d02d974d6dcee4c140a8f534c54b"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: xX-kcCAS0P7dijSgVJO4R5_LehjeJWLL4G5hhf6gUb1s0jFPljOiaw==

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 58ms
41ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ejan.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://www.ejan.co
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811e80d2d82e39c2-FRA
content-length: 24
content-type: text/plain
date: Fri, 06 Oct 2023 14:13:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YfXXmRGTWeREkg1tUylBUOO0tVnlU%2FSUCDHSFzXiPydxZG0kWLO2g%2BqeifYAmGnTn1q2bV7SJ9YY7p7gxvTvH46oeHjtX11QDT6Q4bDlnm%2F20Uw6%2FxYZrYSQBmGkoVu1dold2A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-jnb0

POST
H3 200 rs Show response
ad4m.at/ Frame 033C 1 KB
1 KB 60ms
42ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e04a6e23b0fd1c18b55ffb7780bb76bf694f0bd18f4a395aee44870967bf851

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87WWbMXvZPAOW04vF2SNq4ZlO%2FY4FbD6ZM5nQF7L9c4hm4eNKd7oMYxYwq6xR61GCR9ATy9zp%2FT28e19f2HZ58skWd%2FXaKNZpQ%2Be7v8I8GHBKQBcylQvQerACkU4xbxXciWSnp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.ejan.co
access-control-allow-credentials: true
cf-ray: 811e80d348a039c2-FRA
x-backend-server: aa-reachservice-group-europe-west1-jnb0
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 56ms
41ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ejan.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://www.ejan.co
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811e80d2d83039c2-FRA
content-length: 24
content-type: text/plain
date: Fri, 06 Oct 2023 14:13:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2F7VhjEWhXl7u%2BNrjL4L9%2BabWzaTaQ1pYxvjBh1w1I2oIk%2FS1Zw0Ui8a%2FGisUbnHJSwFISjQcJj3Cjcz3jPFPFsnJ9yyIMWrXgnOJNkQGEfOfr7TU1ogaez1d7mqng0yWI80HHA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-494z

POST
H3 200 rs Show response
ad4m.at/ Frame 5418 1 KB
1 KB 58ms
45ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51c6fd55ab30a79102036ab411f616f00448666af83a6bb68003fe869cfd0e8d

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A0fORNg48UyrCp0nnYjsnTTgNDv6QM2OScAsjG84R%2Br3f%2BpZgixQDjsVwWl4eTXXLoiHgsP3kb%2BQcbZG8xyYq6bx91Mtf%2BUcNMiTG3xGVIwJLhtuGAICADl%2BwADeLJSnwIcX6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.ejan.co
access-control-allow-credentials: true
cf-ray: 811e80d348b739c2-FRA
x-backend-server: aa-reachservice-group-europe-west1-494z
alt-svc: h3=":443"; ma=86400

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 199ms
127ms XHR
application/json 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1273&wid=6144&cb=5035.778919153439&pid=4168&url=https%3A%2F%2Fwww.ejan.co%2Fworld%2Fec3to6d7sl%3Ffbclid%3Diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-19.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 5e370abe957d1bd05c2530597f4611822f5c9b96d42c86be5a9303b9e0817f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
content-encoding: gzip
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.ejan.co
access-control-allow-credentials: true
x-amz-cf-id: g9tNei4uhU9GjSmnfdVudNpuSoRVPfhJ0eRM8WToXqUp_ouGiOfJ2g==

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B0B 42 B
174 B 85ms
75ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssW-Dv1IN-ApCy_QsFPHsrGkZTAr0P8VA4FgLAv18GrcIAHRT2LrQeTZHuCS-MIQiS1WtGerJ1Nb4QIfP9M9KhPjKELHHajs8vnlaNBoHKMj60mvdNxzg2uT_vavlcP&sig=Cg0ArKJSzH6b8ZqduiQVEAE&id=lidar2&mcvt=1017&p=1145,1599,1146,1600&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1.08&vu=1&app=0&itpl=19&adk=2903755340&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696601586292&rpt=368&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 707A 8 KB
3 KB 59ms
41ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b66b10f979dbc5d0a4432045e8699e83f780d56478dda72b7f0de1fe0dbd48

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 811e80d3dcce1d86-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:07 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 4DEE 9 KB
4 KB 55ms
40ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4df3d934694c90542ba600ca3ad400eb4834320cb6aa14363f09818d7d7c4cf0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 811e80d3dccb1d86-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:07 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BBD 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmRTB8hUgZYftCtus9u8P2ZGsuA4AAAAAOAHgBAI&bg=!6Oul66TNAAYMG8UMLBs7ADQBe5WfOMrLQyXQhPONAIPOuP7bYiNdzKsBglchgMFrvdUTQeBsVXaX4sKFJRiuN2t4y1gfAgAAAhBSAAAACGgBB5kDAG1gifgOOoxEgRU8G_l9xCsW5mLklJJxITDIio7GtmgZIQLswpkklo5nxWchE0srJ7lRPGy9yqmK0FqoNqooNqxaXjx5ftHUj-mYW9MblKg4rEBDb73Lzt99GZVe3gQplWNCpAax482Ak2NFVyeZPJ5XyGIjU6pN7TVg7jGuR-2kFxukQn1FVX2v1epvXDbZHESwWeR4YKrWPvsp0MlIeyWZHE2YJzx40HYyh9r8RSIfrOh6Y2YRcbaAejo7XualRhmxWPuDk0XvR7JT2KCxCDKC7m46nhZ5uNFACpM9Cet2aaFh3A0-6IB3AqD61gKB5gBnOBXnemLi-6tK4re2Og5yDebsR4XaSwUHk8Dl_GEoq-7nuztkgOV6uyM2ZOQF9z0HoHNTZQA1b-uuZ2_KA23ZOyFv2IoAVxtJYfRjSl4AGnURZdeIbTKakHIbB1ST5NqeJ5Nf7894O3vnzXy4hjaJgPkosCnNMQScbl5bN1s9OxO7BkSYEbDSvGFnTVFaMLgXyF6wfpdDAFavnhWACBzAkAdG7t21wvDzkCzQ1CGqMGE528iAncHVobicH5xf4YayEYt7Mv2mbkVi9Qmm6vmwIj5C7fQ7H7yDaB4t86ynNa9PUMYhcYqmHGKivyVDXN1QL2SkeQNO94J0xCkjjOe1Ftonjm7RRvNGyGd4-bkNEldSf0SixsO5Ul3m3CWU8vSNd65BOXflzQZuHQm-t1Kmw9Wc04AiVaFQocDi_UAd6vAf5IVe0EJhYNRoJrHs1VDaDqqf74Xe_2Ctq7C7lsP9NiYPrl3vl7bLo8S72Up6hy-EPI6VOQ-S0e5uixybuu-YOZcwWYla83vq70zgOadpGQ8Q19NRxAlTf3vordj3RGjJaVUKQhTUz8ExZp_EerPXq0198P_VZcKBqiCOPyACpVBoC95gThrsdynI2ZAocU_zE3NFjjX_G6dIHyTjSpsM0I2GUh31xnaPeHtFVqCpA9F4u96v2JcLNLp-qN-vv74VSn5bix8MUy2ppojtzw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 4DEE 115 KB
14 KB 23ms
23ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 15792
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jCovlrRWWHpDi72sX8qHlkStJEdyGVhOz95t9lqkQI3xgZh0q%2F1%2F2EemsYP5W77G7lYoIbGntd0SHKpNbss04zsw%2BTJO00pzXBOF8IbhOKgZEHEQ2f9B34y5HkRObb5Za%2BuRzVhFIE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 811e80d42d35bb9b-FRA
expires: Fri, 06 Oct 2023 15:13:07 GMT

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 4DEE 36 KB
36 KB 52ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1265564
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBPA2klff2DiU7kyHu083x8iqYrXBwjFFTPF01ZILr%2F51P0ZfSq7i1gfExopc%2Fp8h7nLYVno7TQX4R7bhp0afkhWR4R6LcD9b5ejVMLs8AdJgiEYGwh6NOVgmxcYGwQzxlTBP7v2q7Kiersp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d45d831d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 4DEE 28 KB
28 KB 63ms
47ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2226713
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1B%2FG3cb%2B9SKHbRCfQhBYobF472hif0ZtGI1MHiVqaJMvB3RNIxfd6DwYiBwgZGIEKe1WMgRZm1pwQ7s2GyMGVG9jBI63A04iPoDcHcn1Qk1OZ4z%2BwZznCKO8AR8TTVlWJWb62e%2BW7uOAQN6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d45d851d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 4DEE 43 B
702 B 2278ms
117ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidzg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1Aoneid__adf_Netmix_Reach01_03&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:10 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 DD764190D6CE80910BC7AF0AB42A0D01A58B48D68E5B29FB01F10153A3070E664C184E4393DFE49B8B93C06F8C00EC83A0ED0915E62BC1292EC3D266B795FB4D
assets.ad4m.at/logo/ Frame 4DEE 15 KB
16 KB 48ms
32ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DD764190D6CE80910BC7AF0AB42A0D01A58B48D68E5B29FB01F10153A3070E664C184E4393DFE49B8B93C06F8C00EC83A0ED0915E62BC1292EC3D266B795FB4D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8c55e2a65ab16a22b95904c1e8853cc86c6794f55bb398b58b0cdb42f7d7e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1458892
cf-polished: origFmt=png, origSize=37262
alt-svc: h3=":443"; ma=86400
content-length: 15752
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 May 2020 23:04:25 GMT
server: cloudflare
etag: "a89fa17c218240e5a9f82c47ff6f59a4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FfGl37BVnKINebmotEZ%2FmPDIAq8ssVtnJhS3J2Rh2QyDQVuP7x%2Fwe8lyCZhnXJdQRUUp9T9ev%2FIlBy98NRu%2FI5ggcH64Co6f8X3dyPAL%2BK5W19jSsK%2BBG4mN94Tn%2F3Qqv3toxDniu6Ldcm1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d45d861d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H2 200 BFA660F4C579A67BFC4FEC1F0BE3FDC649D3AE4EFD32521BEE7E5D753BA8C7AFEF86E209C94227BB718C2AA92E9C7120DB942BD7F9D9EC000E243B6917E8EAFE
assets.ad4m.at/product_image/ Frame 4DEE 50 KB
50 KB 62ms
46ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BFA660F4C579A67BFC4FEC1F0BE3FDC649D3AE4EFD32521BEE7E5D753BA8C7AFEF86E209C94227BB718C2AA92E9C7120DB942BD7F9D9EC000E243B6917E8EAFE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ebf6b894adb91b35cd1135329e9390d36768d4430b538a2df087a4f5bc31b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238879
cf-polished: degrade=85, origSize=112842, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 51046
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 May 2020 13:22:15 GMT
server: cloudflare
etag: "7778098ecd14772f2698109849e1c874"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZnw%2FWwg%2FkpZGAejdI0F9kqyhpd%2FJCnYUDvIuZSJNHjx0JdNpIRHkgJ0bNK%2F%2BAF6Mu0k4U7GHvL1V8mKgP95UHglCSWn0vXiw7Xi%2B5jubSIHwoz%2FvNSV5BcnavoWnklnLDRpK%2BazmLt9L8S9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d45d871d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 4DEE 10 KB
10 KB 61ms
45ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240459
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnVqeQQsRAIOpT9XA7VT8Eviaqw%2Fpemb5ekyVduv%2FE%2FB0RMHsU5GhgQFEZBbFRHJBvfj1QJvquj5w%2B%2BnORYGDPzbKg%2Ft3KAejfgy0n2BwLuZX4zt%2FRiBPZv1lhga6qmpGwzka%2B%2FY4h6Y0LIF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d45d8f1d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H2 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame 4DEE 58 KB
58 KB 63ms
48ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d38282ac0c1816553a3a1c9b74f00bcf0b60aad1b473bc58b1403c67ba5c8048

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 690256
cf-polished: degrade=85, origSize=128978, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 59304
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 May 2022 12:16:42 GMT
server: cloudflare
etag: "aa8c145ca1b6cb2be4e511f8f6f2685d"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zj6hfczwfxAOCjvJ2%2F5pfLcyHmiqcRQkzDrKKIo0DKBxfy%2FWgdAvPouvkaZzKIJX4tqrdcxG6Y3mig5WIuPtk7x4hqzYawpZrfsNahzNNIQZvAp9Osm62JkkbZcFkLaiTCSXeWiG79yKCHUH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d45d8d1d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H/1.1 200
OK 2aed39855b5f46b72660fe7fe4b2634f
pv.medialead.de/trck/epv/ Frame 4DEE 0
465 B 130ms
64ms Image
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQoneid__adf_Netmix_Reach01_03&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: B9D59BA1:C11E_91EFC182:01BB_652015F3_70BCF5:1D8B7
x-iplb-instance: 40027
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 707A 115 KB
14 KB 28ms
28ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 15792
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO0mvgQsqEJELY4T3TK5%2BlQH4zJce5br9gNhhS7qpftcINCghpeonhcUmim1tffnsQd%2B%2BRcdSVOM%2FaLOS5E7V3V3fFFPOkIs%2BvofnZP16jQ8xg99ENv1zYDKXzVrc3LubNvK4OREMDM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 811e80d42d42bb9b-FRA
expires: Fri, 06 Oct 2023 15:13:07 GMT

GET
H2 200 6E2CB7C544D1D9FE5CDF08D6AA255C95D394594AD838A035FF43F2E7D2B4FCC8D733074F5AF715D87B4976CDE2CB354153C306B8686F2B70722726772C15FF2E
assets.ad4m.at/logo/ Frame 707A 21 KB
21 KB 52ms
34ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/6E2CB7C544D1D9FE5CDF08D6AA255C95D394594AD838A035FF43F2E7D2B4FCC8D733074F5AF715D87B4976CDE2CB354153C306B8686F2B70722726772C15FF2E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10bd27153e01cd9d3daa2db21b352dd00bfc0a839a3523dc7efa20e7e0e0f5f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41021
cf-polished: origFmt=png, origSize=42358
alt-svc: h3=":443"; ma=86400
content-length: 21418
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Aug 2023 11:16:19 GMT
server: cloudflare
etag: "199618d19e26e7ca3a2a1e8b3ef0311f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRGlm0yvCm0qBNBt7cfnJHIpOkiJjqXpirm%2BItUvXgxHxAy2L94QwLO%2BAd8sZkCV7NhnNG0F5xPXhqOS5W%2B%2FAaQxy7YKyBmSfB1C1AerFZezpDRkel4YI3zv%2F50M5BYtbj7kgKlFBdjd7OPv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d45d841d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H2 200 213A9B8C2BC7CE892E86558B2BE72821B79EE54786870CF55366D6E077EF41F7B4532C8F02D883113390B1965B854B35FB2523810C5C7F9AA26CBF0C9C6947DA
assets.ad4m.at/ Frame 707A 352 KB
353 KB 62ms
47ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/213A9B8C2BC7CE892E86558B2BE72821B79EE54786870CF55366D6E077EF41F7B4532C8F02D883113390B1965B854B35FB2523810C5C7F9AA26CBF0C9C6947DA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a0581d979a68cc21ae8e42917177dc7a7f85a7935477e48afe1c3c6ff21c31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1366222
cf-polished: origFmt=png, origSize=556347
alt-svc: h3=":443"; ma=86400
content-length: 360500
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Aug 2023 11:23:07 GMT
server: cloudflare
etag: "19e7bf761afbfa83c2bab3980f2808e8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJ2eOpcvk%2FCMBJ5A3%2F5F5t06CfbshxWEtcSDx8aq%2BdlIRzG8y7lT%2Fzr%2F8JcKaF2lA%2FC2Xdhd%2BqMdFSljNU7Em5S%2Fet1VLlrgoALfoUxdyqyc6vL%2FKvtfvO7pIjNRuKjltJUJknjqQkVGp0vY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d45d891d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H2

200

cr_fe9b659b-1228-40f7-96d2-f24be3eb62d5
res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1667899543/prod_creatives/net_253/adv_93696/ Frame 707A
Redirect Chain

https://jdswhq.helmexpress.com/ts/i5047736/tsv?amc=dis.blbn.455799.471580.CRTw5ZW3v7L&smc1=oneidAD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9oneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1667899543/prod_creatives/net_253/adv_93696/cr_fe9b659b-1228-40f7-96d2-f24be3eb62d5

622 B
1 KB

71ms
13ms

Image
image/webp

2a02:26f0:480:588::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1667899543/prod_creatives/net_253/adv_93696/cr_fe9b659b-1228-40f7-96d2-f24be3eb62d5

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Protocol

Server

2a02:26f0:480:588::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

6be7f07f56e31fda4633b114da3ac159be83ff2e86e76449ee217940ac381221

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="cr_fe9b659b-1228-40f7-96d2-f24be3eb62d5.webp"
server-timing: cld-akam;dur=5;start=2023-10-06T14:13:08.061Z;desc=hit,rtt;dur=6,content-info;desc="width=88,height=31,owidth=88,oheight=31,obytes=3683"
content-length: 622
last-modified: Sun, 08 Jan 2023 10:50:07 GMT
server: Cloudinary
etag: "8b3e67efa9bf8a1b571d3f9241c32245"
vary: Accept,User-Agent,DPR,Sec-CH-DPR,Sec-CH-DPR,Width,Sec-CH-Width
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
last-modified: Fri, 06 Oct 2023 14:13:07 GMT
server: IGT/2018 2.0
location: https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_50,w_auto/v1667899543/prod_creatives/net_253/adv_93696/cr_fe9b659b-1228-40f7-96d2-f24be3eb62d5
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 52BE304BC34A482844D2E96F489B56B8A1A39AE446049BFD6540B67CBBDADEF275799B46CC7F4B2EF4A6F1E1B7F274FE005136210D6A5923CC3F0ECCC6C70F38
assets.ad4m.at/logo/ Frame 707A 3 KB
3 KB 62ms
48ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/52BE304BC34A482844D2E96F489B56B8A1A39AE446049BFD6540B67CBBDADEF275799B46CC7F4B2EF4A6F1E1B7F274FE005136210D6A5923CC3F0ECCC6C70F38
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9491cc876eb496dffc90ff68cef9432414ebde990f12dce53c47d4189ca33e95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 954159
cf-polished: origFmt=png, origSize=10201
alt-svc: h3=":443"; ma=86400
content-length: 2894
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Aug 2023 11:23:29 GMT
server: cloudflare
etag: "fac0ef26cdcc4b0d8fcdb5d5ef69943d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZX5hlR%2FhKaVwEn8zAqgNV%2FqHghiZZQEV6u16hdqibZAE3LvuFDyQim1hMHvqEQyE8A1fV%2F0nhNemcXrUcCwARvFW4ppGxHO7UvgsX0osNyVZvSA%2Bun26dIINHU1IZ26%2FiRDxYxAtOBRAd%2BQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d45d921d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H2 200 D06129BF8CAE1FA03D876FAAEDB92ABAD98B1B416E87A78A70FF3FF068C05EFADDFE00590E67B6C9922A18833A6D26C045B39D5B37EA1F2A04B8D1509A4A1CE2
assets.ad4m.at/ Frame 707A 323 KB
324 KB 62ms
47ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/D06129BF8CAE1FA03D876FAAEDB92ABAD98B1B416E87A78A70FF3FF068C05EFADDFE00590E67B6C9922A18833A6D26C045B39D5B37EA1F2A04B8D1509A4A1CE2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d79bfd904179e9e82fb3697e4be1e91dbe127feb57c7441cc275116c3a5c07e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2543768
cf-polished: origFmt=png, origSize=527756
alt-svc: h3=":443"; ma=86400
content-length: 330896
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Aug 2023 11:10:58 GMT
server: cloudflare
etag: "76ff1c2e99c4510de9fff05beb9f5b6d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zfs973sFTswTbPW28imYfe6y%2Fyg7Gn8fsuKpuXy2WcYnPLpG2tpRX4bLpgg5w06CuDRJLqWeTOjh%2BihHr5MZ11nYhVFVwkh0xaNS0Hoxfzi2jjBnl98eIp0nEjCEqBTVYgo5VYS8vbtyQi%2FV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d45d901d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H/1.1

200
OK

pixel.gif
webservice.belboon.com/www1/media/ Frame 707A
Redirect Chain

https://neso.r.niwepa.com/ts/i5034370/tsv?amc=dis.blbn.455799.471580.CRTdjlTVF8-&smc1=oneidgVZH8frfJVddhPHbH8t5t587fmSQT9pUeoneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www1.belboon.de/media/pixel.gif
https://webservice.belboon.com/www1/media/pixel.gif

43 B
288 B

63ms
15ms

Image
image/gif

89.58.7.59
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webservice.belboon.com/www1/media/pixel.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 89.58.7.59 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v2202202117212178004.quicksrv.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 14:13:08 GMT
Server: Apache/2.4.38 (Debian)
Content-Type: image/gif
Upgrade: h2
Cache-Control: no-cache, private
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 43

Redirect headers

Location: https://webservice.belboon.com/www1/media/pixel.gif
Date: Fri, 06 Oct 2023 14:13:08 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 259
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 F2C52DC38D2926E3A6765AB2F4E7A8EE637893EC346512D16F5CDBC0738660BEFFADBC18B616B226E1CC93B888BA18DCD8134B1E57D4EA9433B2DA9C0E8AF085
assets.ad4m.at/logo/ Frame 707A 15 KB
16 KB 73ms
59ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F2C52DC38D2926E3A6765AB2F4E7A8EE637893EC346512D16F5CDBC0738660BEFFADBC18B616B226E1CC93B888BA18DCD8134B1E57D4EA9433B2DA9C0E8AF085
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5afdbf1120a729958d869bdfa9def4593099402a287e860e06254c13ea929d04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9395
cf-polished: origFmt=png, origSize=29355
alt-svc: h3=":443"; ma=86400
content-length: 15602
cf-bgj: imgq:85,h2pri
last-modified: Mon, 17 Jul 2023 15:33:13 GMT
server: cloudflare
etag: "d0c9359ebd15bf59a7926628a069f190"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttHhr4nNgS6Y14a9HK93MG8zWjLShOZGkUS5LXjpTZelNXs4%2FLA7Mq2uPqI4%2BOnNiayW%2B%2BWqKbAcDC6HxxcyTawFR8lt2c%2BPz4ygb7t1S1uAALagviQtr4RyROs8tvox8XyidKwRbc5bCm2P"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d46daf1d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H2 200 8AE64A0AD4C612E1A57A21581373109E6BD899F708ADCB9C2B237F7F647BB41AAD857CEB7F9186E152300A2289DEB757796A4C597F549B9E326E813F093FBFC1
assets.ad4m.at/ Frame 707A 38 KB
38 KB 62ms
48ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/8AE64A0AD4C612E1A57A21581373109E6BD899F708ADCB9C2B237F7F647BB41AAD857CEB7F9186E152300A2289DEB757796A4C597F549B9E326E813F093FBFC1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=531119%2C531118%2C515544&b=AD4uYfqfbjZ6cAHRH4tktxxR1uRS4TRrF9%2CgVZH8frfJVddhPHbH8t5t587fmSQT9pUe%2CDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFV&f=MxRUzfrf56m7CWHEHGtQCmmMecBS4TxrF3%2CBj4agfPfEReesxH6H3tgCQDVTjSeT89cM%2CdEbUEfkf4MVwtEHjHwtqCj2prfeS4T59aj&c=300&d=250&e=&g=638f008e69e2de5b9431c6389db578f2%2F12700250455736666309&i=113889%2C29489%2C191774&j=52%2C52%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1696601587685&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3DZSAV8AAAAACN-AWOmQhM0s1GfkXnID5LczkMPg%3Bcrtbdata%3DZC5IS7hTs1WrgP7Ia7ImceiAyUBqkejAmwBQ7AtU08Mt9xuRuC_GsQS7Y2KOCGpV5Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RJFuQ2DsMGH6JB1rET0v812_YDS-qe4hG7MVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVXylGVnZBdBUomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D-J7TBH6pvzeMeYq4YmaKe_uOUYkRf-NXh-qIgsPGY91WTRGIEMtyFyvZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVEM0xGsnPmvbEYgsOR5U9tINLztYcD8OqwYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baac35923c0f52bb0e87570c6de9726d08b8d8e16763687e460ae091337f7c23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9395
cf-polished: origFmt=png, origSize=68791
alt-svc: h3=":443"; ma=86400
content-length: 38704
cf-bgj: imgq:85,h2pri
last-modified: Mon, 17 Jul 2023 15:41:47 GMT
server: cloudflare
etag: "c3f15382c8b6119626e2bf328ca1d22d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zwtVxU6oRx%2FmSAjlFF8p0PHW5q%2BVZJl1QjAC7MYcBL%2BSE77vC8sEf63bOZ86synepp%2ByEXKUO%2BcPw%2BG1RMuXE8YYkcwG2TQGZGXIWztTQpQmASgxG7yfWtjvHu1mt9uucC66y%2F90qsaXRA6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80d46dac1d86-FRA
expires: Sat, 07 Oct 2023 14:13:07 GMT

GET
H2 200 view
t.adcell.com/p/ Frame 707A 42 B
440 B 76ms
35ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=344120&slotId=46690&pv=1&subId=oneidDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFVoneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:07 GMT
strict-transport-security: max-age=15768000
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 004D 0
0 95ms
93ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpPNT8RUgZbLkK9nj3wP3goP4DZ6hoa5cofno_p8DwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwHIAwKqBMACT9Bei6SathFHaVbpdHyU7mhPI8P6bbo9HweIcw9AROysa1zBv53At-DLwgcHoVPBfhAtU3IiIWRXFGLGWDANYyGRnnZWMBaD-8g_PmPoi1QX2VZAKuU4GN87yEn_Wh5xYQ9eWGxiPKO9NzeefRX7YZEwP44y9eUINHkpckUJm-7EraW2MFkXckpR7r57ingDsAkO8Jnb-5HwpZc6pz5KEQnEKo4Ctngjs-J3VCGM0jPd8ggEqp0q_DYdyzHc3qwIFpf_-LkNE8bwlJS0C85ziSvp26DWvU8xiaXFmKP23er31qg7FYqWnRJGRP0A96Ty-3vKwzZk9767q9rxG-a1xX0w-TJtm67RuC-i5Gdd4ktyEQ97hzjxh2lWsTO7hSqLrCd-zAVnjeqodIoYv6FuYZBGhX9v-23AcBJ-WbuZyJngBAGABtKO_IPW06fXmwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTEyMzY5OTMyNDA3NjAzNzKACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=-b8zK47ddRc&uach_m=[UACH]&cid=CAQSOwDICaaNTTietQMo1ZpcDxk9SqbILmDX3r3Q0epu4g-eRSUlAy5r7Q53y9UqTxCRgy8aN5vuGGwfL_1LGAE&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 429 link.html
track.webgains.com/ Frame 4DEE 0
0 121ms
29ms Script
text/html 18.135.175.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2045165&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gpab2m5ewy87cnnrq9013x9mh0mhb7nxd3y82kmq0hhcfj0zetq5he6yhy6bxzdge9195vzfkh1s136wtyr8pg6wa4x83ammsx2a05egn5fkfm80nb1zcawx7kexy09nns5av21dn8s7jhm6tmt62kdhmztrtnetaqxt7bepxrsn5q0kee6bsxqj8swxg62h8r507mz955a8ver47j211jg56m03j226ngm31eemp8d82gv0sqf2aqm4wsrde9vgykke%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59377243%253Bcrtbwp%253DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%253Bcrtbdata%253D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%253Badfibeg%253D0%253Bcdata%253Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.ejan.co%25252fworld%25252fec3to6d7sl%25253ffbclid%25253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%253BC%253D1%253Bcpdir%253D&clickref=oneid8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGMoneid__adf_Netmix_Reach01_03&viewref=oneidzg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1Aoneid__adf_Netmix_Reach01_03
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C24723%2C15573&b=zg8ZtRfYfRY9hpHBHMtqtzG2FVSwTQ7KCG1A%2Czg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1A%2Cr58YaQf9fD1RFAH7HjtqtrqKfYS8Tg9MceGQ&f=8WkDFDf8f2qZfgHJHEtqCkZEhGSwTpDBCbGM%2C8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGM%2CP2djaBfbfDEQF9HjHbtgCK7xCJS9TDjJh6zG&c=970&d=250&e=&g=e704cf4b6d030e3461d24c82c65fd478%2F15022844559704838568&i=21630%2C22473%2C26474&j=16%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach01_03&r=1696601587738&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59377243%3Bcrtbwp%3DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%3Bcrtbdata%3D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.ejan.co%252fworld%252fec3to6d7sl%253ffbclid%253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.175.58 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-175-58.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:08 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.827/ 469 KB
129 KB 53ms
10ms Script
application/javascript 13.32.99.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.827/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/6144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 947ea0259f58d0d3fa8f9d6f87ba299d4cc4379be52886936c56f358da9a5787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:19:40 GMT
content-encoding: br
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jul 2023 12:00:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2076808
etag: W/"6d4b82c5e77085c209494ce7e5eca2fa"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: zHjKPByUt_y1cPtVBLLJpiM88p7Rk05YbiHFdG54Nk7g_pPw39uAVw==

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
598 B 513ms
128ms XHR
text/plain 35.208.216.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.ejan.co&l1=6144&l2=ejan.co&l3=DE&l4=desktop&l5=5.827&cb=0.5597459851573052
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.827/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:08 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.ejan.co
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5751 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYetA8hUgZf3vJIetjuwPk4Ou2AsAAAAAOAHgBAI&bg=!x8SlxIvNAAYMG8UMLBs7ADQBe5WfOAiHncmugbN3jDYnBTauWEsqXY7rMfKhAEE8q6UjYtbNP1zXhCmJzA5wSb3rpR_gAgAAAX9SAAAACWgBB5kDCSsLWSck6pSwVV3_j2YFzCSJb9wTIs5NHLtat46WfCBmU-v31VDv0EKVK-k8ci3A9krrl_-Z63_kfYv8v9k9_cU0H0k5OVFNnoq068b0qkjS0tU8g3U6WbkGzDfXYFlF20nV6B0GX9HIsJdoSK5Jaoce_Qer1BuRuKKXTCeLdLREjwxk4K9_uNQd-GDglmrj_dOE3oIGSF0lmY4JQmDs0ZPl4gqlkgkqZS26NeBHf-J5WvKnljuXavpgEnnXMwXYxVj1UYt3ckRxeX7SyYw87yI82nR32yV2wG5qXvF3SRPMlax-Kr4Qcl35kOygLEKqw7oJPLPXNf1-G7uwxTDD6Tixs3FYkwl_q6gZz0YO4aMN0_RIbrPNLfbQWMknh6iESQ3zICy_REuyh2psNBmr6iYNgOrd16eBv5HJTMyFFd3bzw5SpcgYoJohgArcLIb54ku3E5pRW4HqssKPSCvgQ_7LkFMMNNLdezqz7IMOF8s74jOKpbWIcChVB7pl_pBXX4YiVcRcLz_FGXYsLzkkux0X2x4gi6zubffpkbLIFHoitSkJTwtlTXLnTHbA7-y561ArXuYyVyhuWXTlsMO8HW9p6sZIzMKnGMiXVvN3xoWS2ZGVtZgjpydV_lUGudZeEo6u-E3rjqhkzji-2J1J50LAtxjD12RQ2GNi_YOVZgiptllk34xJhRviW4Ihl-PqprcH7_IN3AcULPbM8kZusplS5jhiQmVLYbsoz9XZY5MVutczMDqOdsoBzOU7XbVJzj9BeXspPu36Ywkrv8URW5qEGRhwbYIARMamOCQb6QzvBRlF70_NibDVLER633My6SRBpD2nmwTfrgLdz9dCBZEHlJjXK2xqkr8yqgdVIKhRGqBmM3dIhYUHcxVnUYQz7C_R3qZ_r52RxyO2AwrU_nc5rBckh2YYwxN6wzVfzZ5IlwS8zbIFGT8lV70Nm1S-QEdNYMPp1WCVRsLgtSemVVHinOxn1HLWt9vw4ZmG8I26IrxzwsePqBFanoss15ZLs9ZsSTav68vhnQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 004D 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvh75A7uSJCiiwgcOaUM2_9Xz4VTrioDQPWWyKUEC9Bh2VRk5C__QkKYMMS-0V3IFwxnXBBRym4LGMNJuzlNAdOjPOMNto4PbJMZ5k_CO5DWqUnACyuiQ&sig=Cg0ArKJSzNND1pLp2OmLEAE&id=lidar2&mcvt=1000&p=1110,435,1200,1163&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4159779603&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696601586047&rpt=1160&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 004D 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss48UbhO9cTGDmnS89yKPOKl5HYZLl9S6G_dlwSBPZl9TgIJo4WBIuAU-2RoZpS4_GOERy4R26SIereX6zJHiYpZPSwIE-7KF-ZIbs8s4jjn6Q&sig=Cg0ArKJSzAUba1wsdlMqEAE&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1980819454&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696601586047&rpt=1168&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC88 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=224337728841&version=m202309260101&ct=2&x=13&cor=11921399005681920000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5418 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv58n7jP2FbHGVIAllr1Cn4SzvWDu429mxzkWzwSH-cw7AqpeX9tN5-P8OMVIyc3XWGYYD9xXU5pRdGwIsPhLZAxMObKxZjhQHPYzTEwpLG7C8k7-_hwurhQFtTSKQW&sig=Cg0ArKJSzDtlGrtcQ6QpEAE&id=lidar2&mcvt=1000&p=183,315,433,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1830099629&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696601585842&rpt=1602&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ejan.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 004D 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9255791059177&version=m202309260101&ct=2&x=13&cor=16747566082251256000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 5418 35 B
589 B 21ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4077027165501584801@@59377243,952697987468263907,100|1100|0|0|0|0|0|0|0||139|0|||||1|0|0|bddWzb5VG_RX7EYoWZQhUTVgeerhG8mwEJ48FXf4B6wJzXTdAIsQABhpnBRkvb3lA7z_uuw_WOM1||1|11|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.ejan.co
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
993 B 76ms
68ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696601590379&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1558&pt=520519896&tz=120&viewable=true&ddast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3135285&dpubid=552925&abtst=eidc_vB!expl_vE!nonrv_vA!ufm_vG!uftchrwf_vC!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.ejan.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 654990faec659cb334b671fea5b9bd4d6cbf607cf14066744673600c04391296

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:10 GMT
content-encoding: gzip
server: nginx
machineid: 1431
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
369 B 20ms
15ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ejan.co%2F&domain=www.ejan.co&bundle=bX8G8F9KeW9tQ2duRGd3TWZOZnVIbzBBRzJiZ2VhWWlVSjY4JTJGRVpRSDZhM1I5a0dHRFRHVlgwJTJGVkZyV05vaCUyQndGSWg0aWJ1clBxODhPSjB0eDBvMlN6YkpHYTRVYlpuZ1BsVmxIb3NPaDI2aGo4Q0Frc1dyZTBzSGhLazY4Q2FkdTJQVnh5ZVdFTDU4dmF6Z0tZV3pzUWdOQkElM0QlM0Q&cw=1&pbt=1&lsw=1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 226935
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CF5C 52 KB
17 KB 88ms
10ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 15465
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 06 Oct 2023 14:13:11 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 01 Oct 2023 09:55:16 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1458, 124626
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230039-FRA
X-Timer: S1696601591.312274,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0B1A 15 KB
6 KB 9ms
9ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=36220
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 06 Oct 2023 14:13:11 GMT
expires: Sat, 07 Oct 2023 00:16:51 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 0C85 24 KB
8 KB 97ms
22ms Document
text/html 23.218.208.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C2099%2C3020%2C173%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C345%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

76c66945ab85eebdf7fa7bec3348285b18cf6ca03ac5027390ec72f31277f0ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8451
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 14:13:11 GMT
expires: Sun, 08 Oct 2023 14:13:11 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame B788 3 KB
2 KB 23ms
23ms Document
text/html 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 798
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 811e80e94bc85c38-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 14:13:11 GMT
expires: Fri, 06 Oct 2023 18:13:11 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 84ms
11ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ejan.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 06 Oct 2023 14:13:10 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 244369
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 93E7 281 B
554 B 36ms
22ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 06 Oct 2023 14:13:11 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 pd Show response
adasia-d.openx.net/w/1.0/ Frame 1216 0
71 B 63ms
19ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 06 Oct 2023 14:13:11 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 012B 37 B
139 B 36ms
1ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/359/prebid_2023_9_15_10_34_31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ejan.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 06 Oct 2023 14:13:11 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0B1A 3 KB
3 KB 23ms
14ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77901733&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4111edf2be010b2909f305bc7d3735e1428da4431e7ece5b38f2857946902413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 14:13:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 7EC5 2 KB
1 KB 32ms
31ms Document
text/html 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58ee8091a0dc85463daf2218653fc096ebaa9424994aec2694ba90774321eec0

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 811e80e9cc1c35fa-FRA
content-encoding: br
content-type: text/html
date: Fri, 06 Oct 2023 14:13:11 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TiRDJA3zqbNmiN5DO%2Blf0TB%2BTgD06Z2WRALzTjGUh0f1T%2FyAfBWr6I8LBLsnxqV6YQwl75LhrmBDujUDnxYJVeDfYZELv9FAS%2FBocVMnaPaK2z5tKujA9OLrdxe4kl9wfog%2F8seC%2FTFYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 93E7 36 KB
11 KB 16ms
15ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 14:13:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 22:01:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=27958
Connection: keep-alive
Content-Length: 10539
Expires: Fri, 06 Oct 2023 21:59:09 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame CF5C 0
598 B 23ms
23ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
an-x-request-uuid: a8717510-3ff5-460b-b61c-9ee455d65bed
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.161; 185.213.155.161; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7EC5
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=omlKSaVpHk65ahwco2xVSfVvG0G5akpJpD9pgzf9

43 B
733 B

43ms
40ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=omlKSaVpHk65ahwco2xVSfVvG0G5akpJpD9pgzf9
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wEqZCPRyf6IJYY%2BuSI3lbTjkX0lg8GjVzLKqb6dd32dct4D2n5%2B%2BQ4OqszorSa7hXUdho6pnrvxFNbkyf6mP1s2chG0V9qXqdvCPJ%2BjFWy7Q48FNRHtDTlEgMTcSQYlhXNrFN0Ehs60vg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80eb0dec35fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=omlKSaVpHk65ahwco2xVSfVvG0G5akpJpD9pgzf9
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7EC5
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1712412791&external_user_id=7d0ab8b3-79ec-4ebe-8de1-030d177ab3e9

43 B
738 B

32ms
32ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1712412791&external_user_id=7d0ab8b3-79ec-4ebe-8de1-030d177ab3e9
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rRcy9b5%2FSDMCBNNNdu3%2B1yVX8q%2FR%2BZLtsRyJNKGue1MkaSTrrF%2Fp1ch4sRhZIzEFWK8A9lG2AF33zTgEt%2FoXAYMhO6pKrfxD4Dkb5cIgeR%2FKDG8tidTOwdog3fghm6W%2BKsiuZtT0y25Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80ec4fc535fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 06 Oct 2023 14:13:11 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1712412791&external_user_id=7d0ab8b3-79ec-4ebe-8de1-030d177ab3e9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H3

200

rum
dsum.casalemedia.com/ Frame 7EC5
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1696687991

43 B
725 B

31ms
30ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1696687991
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9gq2Pc%2FkfwuFCf%2FW1sQDynrKQEv5sKJMQaZazTxXIrq%2BeuGG1oM6BXb%2FGaWsQsec6%2BwIL0HdzT5cRl5ViBpjJmA0AiPFf4ykvZR8U5z3gBI6IXolX6HQL3acOhZdypbvsgNUGJR"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80eb9ebd35fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1696687991
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7EC5
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=10101D4331404DA5BD5B392E2E87E2D2

43 B
734 B

42ms
35ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=10101D4331404DA5BD5B392E2E87E2D2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTGQCSvAtmFzFaObUj528bZttb92DvesBeKoUvZ%2Fa%2BlDrxRjXLOTB%2FQ%2FIhaTPUhjsMgvUUjjM3Uy790EfQ6LN%2BtlnEMQaFyCiYmtqEjea2Rmc2pXtRhFE6C%2BcGAgiw5WJuK2DoVdO2P8mw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80eb1e0235fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 06 Oct 2023 14:13:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=10101D4331404DA5BD5B392E2E87E2D2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 05 Oct 2023 14:13:11 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7EC5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4077027165501584801&expiration=1697811191

43 B
732 B

41ms
35ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4077027165501584801&expiration=1697811191
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rvJKaKzSoY0hHCClxStdTGaAKoi0XAMqsek%2FcpNZCK8Oz1u7aelBoD2PXPAfqEwGre6VlhsfqCuEMQDdbSmKAHDF%2BW8gp20D%2FxsXSh569VG42pbbYfn69jZtoUFYUrhyx%2BKd1cR4xridA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80eb1e0535fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4077027165501584801&expiration=1697811191
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7EC5
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSAV8gZmdfs.1VHdiARoMQAA%262185
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSAV8gZmdfs.1VHdiARoMQAA%262185&tc=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Dd8TvBbMNF00IGZDMcjR&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSAV8gZmdfs.1VHdiARoMQAA%262185&tc=1

43 B
732 B

35ms
34ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Dd8TvBbMNF00IGZDMcjR&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSAV8gZmdfs.1VHdiARoMQAA%262185&tc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDJO59o6vW0Ntrauj860CUHLwN%2B3PjbY%2BZWlcg9LDLh0mNauK%2BkS0K0tEQPbV7ZUdL3h%2B27U5FdvX9OdQN6eXRj7b1p9puQbrE5lRBzl77tapf813wC2PhNWf0dXdy63R5rJBmzkJH2Oag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80eb9ebe35fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=Dd8TvBbMNF00IGZDMcjR&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSAV8gZmdfs.1VHdiARoMQAA%262185&tc=1
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT, Fri, 06 Oct 2023 14:13:11 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7EC5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QJKdUedA1QOLzJ5

43 B
738 B

42ms
35ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QJKdUedA1QOLzJ5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5Bu5PvYcx%2BjrF6%2B3V6bp7q3SJM6aEycE10X8vTY%2Bj7j33QSIAxVPNWSmqXiVAohlZoWE96FRFWn99cmn%2BOUDHQsppcxvMZRsrRR%2FcwV7IrdAo1%2BXU5oDmNGISEyNjKXFLpi%2FVLA3XEf6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80eb1e0135fa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:13:11 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e647d20a74bb4317@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QJKdUedA1QOLzJ5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum.casalemedia.com/ Frame 7EC5
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6232296708868768635

43 B
548 B

58ms
49ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6232296708868768635
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLO0uHy1UNlOotLd8rXsKqGb0RZMulx72fgIorRqmmF30aoiqfMt%2BqUG5NKtU5KuL55b0nbAsvCnG7LPYbmOwIBRAIvwzaJMDfFXLu5olviIMm717jgelUnH9dzdI%2FaPr%2F3IF5rd"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e80eb18279249-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
an-x-request-uuid: d25cb6ea-e54c-416e-8c33-eb424abff321
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6232296708868768635
x-proxy-origin: 185.213.155.161; 185.213.155.161; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 7EC5 43 B
148 B 47ms
13ms Image
image/gif 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZSAV8gZmdfs.1VHdiARoMQAA%262185
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ejan.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:11 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 57424
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 811e80eb0d7f5c38-FRA
content-length: 43
expires: Sat, 07 Oct 2023 14:13:11 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3509
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

49ms
14ms

Document
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 06 Oct 2023 14:13:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:13:10 GMT
expires: Fri, 06 Oct 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 698644
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame D523
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D91E9B06-5502-4251-8820-766BA79C1A70&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D91E9B06-5502-4251-8820-766BA79C1A70&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

189ms
189ms

Document
image/gif

54.239.33.159

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D91E9B06-5502-4251-8820-766BA79C1A70&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.33.159 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 06 Oct 2023 14:13:11 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0E04JKN7VF5APGFXK28M

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 06 Oct 2023 14:13:11 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D91E9B06-5502-4251-8820-766BA79C1A70&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 46EK4EZG9K97YWS5MEZN

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 65C8
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6232296708868768635&gdpr=0&gdpr_consent=

42 B
448 B

104ms
11ms

Document
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6232296708868768635&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 06 Oct 2023 14:13:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 36e5bd29-d121-417f-b2fe-031541644dea
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 14:13:11 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6232296708868768635&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 185.213.155.161; 185.213.155.161; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A855
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ki-cLy0vyCgxLMp8fiuDJyh8yisxKJsoLS1eTx4e

42 B
565 B

90ms
17ms

Document
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ki-cLy0vyCgxLMp8fiuDJyh8yisxKJsoLS1eTx4e
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 06 Oct 2023 14:13:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 06 Oct 2023 14:13:11 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Ki-cLy0vyCgxLMp8fiuDJyh8yisxKJsoLS1eTx4e
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 222E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286848347700918416&gdpr=0&gdpr_consent=

42 B
219 B

72ms
15ms

Document
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286848347700918416&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 06 Oct 2023 14:13:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Fri, 06 Oct 2023 14:13:11 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7286848347700918416&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F085
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=4dfa486b-bfb1-4415-a571-ada863ff2749&expires=1&user_group=2&ssp=pubmatic&bsw_param=8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85&gdpr=0&gdpr_consent=&gdpr_pd=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

1 B
185 B

16ms
15ms

Document
text/html

198.47.127.205

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 14:13:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 06 Oct 2023 14:13:11 GMT
location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6044
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zsGBOlCEXwlScAw6TiDIQbnVm6E&gdpr=0&gdpr_consent=

42 B
300 B

15ms
14ms

Document
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zsGBOlCEXwlScAw6TiDIQbnVm6E&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 06 Oct 2023 14:13:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Fri, 06 Oct 2023 14:13:11 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zsGBOlCEXwlScAw6TiDIQbnVm6E&gdpr=0&gdpr_consent=

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0B1A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2R6bBlUCQlGIIHZrp5wacA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

21ms
12ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:11 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=36220
accept-ranges: bytes
content-length: 5606
expires: Sat, 07 Oct 2023 00:16:51 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 0B1A 49 B
265 B 139ms
32ms Image
image/gif 99.80.190.120

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D91E9B06-5502-4251-8820-766BA79C1A70&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.190.120 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.17
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 0B1A
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3733892751
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D91E9B06-5502-4251-8820-766BA79C1A70

0
284 B

76ms
20ms

Image
text/plain

34.111.131.239

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D91E9B06-5502-4251-8820-766BA79C1A70
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 34.111.131.239 -, , ASN (),
Reverse DNS
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
via: 1.1 google
last-modified: Fri, 06 Oct 2023 14:13:11 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D91E9B06-5502-4251-8820-766BA79C1A70
date: Fri, 06 Oct 2023 14:13:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 0B1A
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=D91E9B06-5502-4251-8820-766BA79C1A70
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmNnRUp6eS02cExUbW1SbVV2eWowQ3BlUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=4077027165501584801&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

103ms
102ms

Image
image/png

54.152.59.28

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: HTTP/1.1
Server: 54.152.59.28 -, , ASN (),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 14:13:12 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 06 Oct 2023 14:13:12 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0B1A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDkxRTlCMDYtNTUwMi00MjUxLTg4MjAtNzY2QkE3OUMxQTcw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

27ms
17ms

Image
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 06 Oct 2023 14:13:10 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0B1A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE0Ogfh0je4YzV50uSRgkfE&google_cver=1

42 B
345 B

27ms
18ms

Image
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE0Ogfh0je4YzV50uSRgkfE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 06 Oct 2023 14:13:11 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE0Ogfh0je4YzV50uSRgkfE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 0B1A 43 B
409 B 36ms
31ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 05 Oct 2023 14:13:11 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0B1A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4077027165501584801

42 B
321 B

25ms
16ms

Image
image/gif

198.47.127.205

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4077027165501584801
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.205 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 06 Oct 2023 14:13:11 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4077027165501584801
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0B1A 70 B
148 B 44ms
40ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:11 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 0B1A 0
38 B 16ms
12ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D91E9B06-5502-4251-8820-766BA79C1A70&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 D91E9B06-5502-4251-8820-766BA79C1A70
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0B1A 43 B
602 B 45ms
41ms Image
image/gif 2a05:d018:d29:3601:bf41:b326:fa86:2937
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/D91E9B06-5502-4251-8820-766BA79C1A70?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:bf41:b326:fa86:2937 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0B1A 0
187 B 27ms
23ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 06 Oct 2023 14:13:11 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 93E7 7 B
380 B 17ms
10ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame 5418 35 B
589 B 23ms
23ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4077027165501584801@@38735235,543339070044985627,0|0|0|0|0|0|0|0|0||0|0|||||1|0|0|NlmW-JwvWRdX7EYoWZQhUQzTEayc-a9sRiCw5HlT20g0vO1hwPw6rBhpnBRkvb3lA7z_uuw_WOM1|||11|0|0|0|@@59377243,952697987468263907,100|4099|0|0|0|0|0|0|0||518|0|||||1|0|0|bddWzb5VG_RX7EYoWZQhUTVgeerhG8mwEJ48FXf4B6wJzXTdAIsQABhpnBRkvb3lA7z_uuw_WOM1||1|01|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.ejan.co
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame CF5C 0
598 B 14ms
14ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:12 GMT
an-x-request-uuid: 51cb64cb-1999-40b0-a43e-f643fcc39f33
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.161; 185.213.155.161; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1022 B 93ms
93ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1696601593297&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1558&pt=520519896&tz=120&viewable=true&ddast=V8PvkCLAagvnYUMhOY1BJAfe0oZCYwqS0AAABgYID-AAmNnLuRx2JYi3wrl1u0cM3cCovDsNaYBrvZyDgarIwrIyChkXM38lgMa5Fv5XKLFq6ZW2FxGNYa02A3GxlHg5VxZQUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG5Cg6XT4XPd63e93V1kddrvG79f9LWeTX-XxjP62kW9ztgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDgs3MvpdVk-R5fT7Q8AAAAAIAAAAABIACC8dZcAeLmuOfH_________H2OAPvNGxv____8Ngx4ADz4AHoQAAAB8DPH6GC8ehzttIlJwWoQRAAAAgNzqzdAjk3SCikWV____fisAVwAAAhYLql5RsugOSryFAQAAEBizQA-L32922DV-t8v8_________5v5P_OPRqhI-DFNkEdPnJpfQACANb-AAABs1A0AwBsBOEGHoBWDweoExOwAAAAA3Pn____XA5KL2WI0mGxcK89suRmZRivTbrgZeZabjcPmsCy3h3ck9JfbTVGvT4iwzH7fQUE5PT1ml0FUdL0tdofT7DmIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvdAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphYbXajhW20lowsFrdoOZq5FcbVZi3b2JYT02Y1my1cbtHrY_o4lsuJbeZFggEne5E8LdKJaDlzjoyzlXHl8VgWu81i5ljtFsuNcbQwDBazyUQs0Zws0onssm8uZovRYLJxrTyz5WZkGq1Mu-Fm5FluNg6bw7LcN1ab3WhhG60lI4vFLVqOZm6FcbVZyza25cS0Wc1mC5db9PqYPo7lcmKb-Ruz5Ww2WKyGm31jtpzNBovVcLPv0Bm-q8_ZaHys1B6fRHIsHr83p0HhMli8P4lpMe3ODp6z7-i0if3O7s7o9_v9fr_f7_f7_Qat52A2KHzHnerwWd4mw8pPdxAbDIpYIrhIJyqrw-5WWR12j98ilihNF-lEr_tbzia_yuMZ_W0j3-ZsEUsEp4t0InoZTxf1Hz3EcDWXLDZzxWo1V8wWqwQAAAAAAAAAYAmmmW4CAAAA4GRQq8lyslqng1lsVpPharkALMJSdP3UB4B-wxAK7_p6LzbgHeFXL9bYYwtlddjdKqvD7vFbGYBFmAizzT4jiLVaLWsAAAAC2AAAAAK46cabgPAq7v___38cAAAAGTn0AAAA6PcBHWmFH7lS7PEjyOFstH8AKsRarVa3G2u1WgELcLIZTCbw____Hw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3135285&dpubid=552925&abtst=eidc_vB!expl_vE!nonrv_vA!ufm_vG!uftchrwf_vC!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.ejan.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a501abbf6bbfce3a1e93b331b6adae644844588569dfb0a7a85717c9007863a7

Request headers

Referer: https://www.ejan.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:13:13 GMT
content-encoding: gzip
server: nginx
machineid: 1401
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ejan.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 0B1A 0
260 B 64ms
17ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:13:11 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

356 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

106 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ejan.co/world	1970-01-20 15:16:46	Name: qtype-session Value: 3a354f3d-042b-40b6-8c94-5ecdc4fc4a19
www.ejan.co/world	1969-12-31 23:59:59	Name: verify Value: test
.ejan.co/	1970-01-20 17:26:17	Name: _gcl_au Value: 1.1.83484479.1696601582
.ejan.co/	1970-01-21 00:52:41	Name: _ga_0LPCX7QHXD Value: GS1.1.1696601582.1.0.1696601582.0.0.0
.ejan.co/	1970-01-21 00:02:17	Name: _ym_uid Value: 1696601583783280194
.ejan.co/	1970-01-21 00:02:17	Name: _ym_d Value: 1696601583
.www.ejan.co/	1970-01-21 00:02:17	Name: cf_clearance Value: 2FF90gNahbY9HxiI8oHaNotB11jla.Q0TpthXVSy1qc-1696601582-0-1-d06a5648.63d96cff.b34d85e0-0.2.1696601582
.ejan.co/	1970-01-20 15:18:07	Name: _gid Value: GA1.2.968438074.1696601583
.ejan.co/	1970-01-20 15:16:41	Name: _gat_UA-106597280-1 Value: 1
.mc.yandex.com/	1970-01-20 15:16:42	Name: sync_cookie_csrf Value: 1744311017fake
.doubleclick.net/	1970-01-21 00:38:17	Name: IDE Value: AHWqTUnRg3xYk3RjmVUWU6ThKHn5wgFmZ9drKzo0BC9pu7_drh6_6-rT73TEwDcM
.ejan.co/	1970-01-21 00:52:41	Name: _ga_NC32QW73J2 Value: GS1.1.1696601582.1.0.1696601582.60.0.0
.ejan.co/	1970-01-21 00:52:41	Name: _ga Value: GA1.1.156981466.1696601582
.ejan.co/	1970-01-20 15:17:53	Name: _ym_isad Value: 2
.ejan.co/	1970-01-20 17:26:17	Name: _fbc Value: fb.1.1696601582957.iwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw
.ejan.co/	1970-01-20 17:26:17	Name: _fbp Value: fb.1.1696601582958.2125418184
.mc.yandex.ru/	1970-01-20 15:16:42	Name: sync_cookie_csrf Value: 340731988fake
.ejan.co/	1970-01-20 15:16:41	Name: lotame_domain_check Value: ejan.co
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2201557601696601583
.yandex.com/	1970-01-21 00:52:41	Name: i Value: hOBX3SQYncVBLtVdtSCZRdrSaYHpAkzP/30wvYHsmEnCSUPI/ZDARspvLo/VxAOOkn6J5R6GIaaQFmMlGMhP57BP204=
.yandex.com/	1970-01-21 00:52:41	Name: yandexuid Value: 1823963091696601583
.yandex.com/	1970-01-21 00:02:17	Name: yuidss Value: 1823963091696601583
.yandex.com/	1970-01-21 00:02:17	Name: ymex Value: 1728137583.yrts.1696601583#1728137583.yrtsi.1696601583
.yandex.com/	1970-01-21 00:02:17	Name: bh Value: KgI/MA==
.criteo.com/	1970-01-21 00:38:17	Name: uid Value: 0c9c70ee-2921-4c72-89d1-0558790e2f82
.openx.net/	1970-01-21 00:02:17	Name: i Value: 7df78786-004c-41ba-97f1-2c76d2124fa8\|1696601583
.ejan.co/	1970-01-20 15:16:43	Name: _ym_visorc Value: b
.ejan.co/	1970-01-21 00:38:17	Name: __gads Value: ID=4d870ea52b25bfb2:T=1696601583:RT=1696601583:S=ALNI_Ma7qP0j1CppjPg9F_htzuJLOjXkog
.ejan.co/	1970-01-21 00:38:17	Name: __gpi Value: UID=00000c8f9d3f354b:T=1696601583:RT=1696601583:S=ALNI_MY3BkZ3zUcWQDMtbIyMXDOWwQGieg
.qlitics.com/	1970-01-21 00:52:41	Name: thinmint Value: 081e1541-3f7c-46b1-bc7b-8b7288681059
www.ejan.co/	1970-01-21 00:52:41	Name: thinmint Value: 081e1541-3f7c-46b1-bc7b-8b7288681059
.ejan.co/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.ejan.co/	1969-12-31 23:59:59	Name: _cbclose61286 Value: 1
.ejan.co/	1970-01-21 00:02:17	Name: _uid61286 Value: E52BDF75.1
.ejan.co/	1970-01-20 15:16:42	Name: _ctout61286 Value: 1
www.ejan.co/	1970-01-21 00:02:17	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D15374a64-2dbb-494f-a853-6c69b43566ae-tuctc199b6f
www.ejan.co/	1970-01-20 15:59:53	Name: _pbjs_userid_consent_data Value: 3524755945110770
.rubiconproject.com/	1970-01-21 00:02:17	Name: khaos Value: LNEOS15B-M-4PWU
.rubiconproject.com/	1970-01-21 00:02:17	Name: audit Value: 1\|naVuGyos1qoRr/FOpHeNbj5APvdogVCbaTd6KyMQnas9gLr7Yht2fU3BJVPJmCWiNMucJzHTsZ4rWC2sHaWSSjm05Xhm+qskM62wvE84cxG+xUA9sgf/4bKpUjWTmmg0
.adform.net/	1970-01-20 16:01:23	Name: C Value: 1
.doubleclick.net/	1970-01-20 19:35:53	Name: APC Value: AfxxVi5RHIpxiG5Z0Ly7Z6ubsUgDT6KkABmmm9UNMmhbB84resKh0g
.adnxs.com/	1970-01-20 17:26:17	Name: uuid2 Value: 6232296708868768635
.casalemedia.com/	1970-01-21 00:02:17	Name: CMID Value: ZSAV8gZmdfs.1VHdiARoMQAA
.casalemedia.com/	1970-01-20 17:26:17	Name: CMPS Value: 2185
.casalemedia.com/	1970-01-20 17:26:17	Name: CMPRO Value: 2185
.adnxs.com/	1970-01-20 17:26:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In5LKd%Q!@wnfH8K6pQK`!5=E<L5?%K50V)a5]QV6[aB%Pb19fb`hU^(.AqDhtP9_Uk%nugO%v4VB%noWWEMp3
.adform.net/	1970-01-20 16:43:05	Name: uid Value: 4077027165501584801
.adform.net/	1970-01-20 15:26:46	Name: TPC Value: 1696601586583
.yahoo.com/	1970-01-21 00:02:39	Name: A3 Value: d=AQABBPIVIGUCEMGgvaa3FxwJcPh7laVU6tsFEgEBAQFnIWUpZQAAAAAA_eMAAA&S=AQAAAvjQqiZvXQpFyKQMWn32DOY
.ctnsnet.com/	1970-01-21 00:02:17	Name: cid_e9ab459a0f2d4339ad6df3fb484d8db1 Value: 1
.3lift.com/	1970-01-20 17:26:17	Name: tluid Value: 3527529971922756455538
.1rx.io/	1970-01-21 00:02:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a1cb47af-b083-4c22-a2cd-bfc48821f446-003%22%7D
.pubmatic.com/	1970-01-21 00:02:17	Name: KADUSERCOOKIE Value: D91E9B06-5502-4251-8820-766BA79C1A70
.targeting.unrulymedia.com/	1970-01-21 00:02:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a1cb47af-b083-4c22-a2cd-bfc48821f446-003%22%7D
.rfihub.com/	1970-01-21 00:38:17	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjUzNDA0NTE2MhTiM9QtCE3J80p0zzJxyUkHAAZwT3slAAAA
.rfihub.com/	1970-01-21 00:38:17	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmlmZmBoamFuYmQAAJzsgBQQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjUzNDA0NTE2MhTiM9QtCE3J80p0zzJxyUkHAAZwT3slAAAA
.ads.stickyadstv.com/	1970-01-20 15:59:53	Name: UID Value: 85dc96382db7b7834ac1852b6c600
.ads.stickyadstv.com/	1970-01-20 15:59:53	Name: uid-bp-34673 Value: ZSAV8gZmdfs-1VHdiARoMQAACIkAAAAB
.ejan.co/	1970-01-21 00:38:17	Name: cto_bundle Value: tDfa7l9KeW9tQ2duRGd3TWZOZnVIbzBBRzJSYkxMQjk3bE9HMjdaM0pHZmJVRjhHYjh3VFlzalJmaWlubjRVeXpjQ3lqdGpiZ3FpbEhZUUVOUHFaUGN1QnN6WHZkandmSlVSV1cxcDlPNzhSY1hMazBBOTY1alFyaG9GQlVFd2paNTJRJTJGZXdyckM4cjR5ZUFnRDhra291MXFaZyUzRCUzRA
.w55c.net/	1970-01-21 00:48:22	Name: wfivefivec Value: QJKdUedA1QOLzJ5
.simpli.fi/	1970-01-21 00:03:43	Name: suid Value: 10101D4331404DA5BD5B392E2E87E2D2
.w55c.net/	1970-01-20 15:59:53	Name: matchgoogle Value: 5
.bidr.io/	1970-01-21 00:45:15	Name: bito Value: AADP_k7KQCwAABhx4-TyRQ
.bidr.io/	1970-01-21 00:45:15	Name: bitoIsSecure Value: ok
t.adcell.com/	1970-01-20 15:21:00	Name: ADCELLvpid11538 Value: 344120-46690-oneidDjYa3fwfb3kVH3HmH9t1tmB5JFxSmTYEFVoneid__adf_Netmix_Reach05_DC%23%23%23%23%40%40%40%401696601587
.helmexpress.com/	1970-01-21 00:02:17	Name: tsv Value: kCQ!IA78na_xFW0!AQ\|C6eA!A!~BFM4T_HA*36
.r.niwepa.com/	1970-01-21 00:02:17	Name: tsv Value: kGo!IA78na_6tps!AQ\|CGQg!A!~BDyGgwug*3g
.awin1.com/	1970-01-20 15:19:34	Name: awpv14702 Value: 412871\|1696601590\|7a8868c0-6452-11ee-8502-226591661de6
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
.ads.pubmatic.com/	1970-01-20 15:18:07	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 17:26:17	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 15:18:07	Name: pi Value: 158497:3
.pubmatic.com/	1970-01-20 17:26:17	Name: DPSync3 Value: 1697760000%3A201_245_241_235
.pubmatic.com/	1970-01-20 17:26:17	Name: SyncRTB3 Value: 1697846400%3A35%7C1697155200%3A223%7C1697760000%3A13_55_54_3_8_71_21_56_220_251_233%7C1699142400%3A203%7C1697414400%3A63
.bidswitch.net/	1970-01-21 00:02:17	Name: tuuid Value: 8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85
.bidswitch.net/	1970-01-21 00:02:17	Name: c Value: 1696601591
.bidswitch.net/	1970-01-21 00:02:17	Name: tuuid_lu Value: 1696601591
.quantserve.com/	1970-01-20 17:26:17	Name: d Value: EF4BDQGPKrjvsQA
.quantserve.com/	1970-01-21 00:46:55	Name: mc Value: 652015f7-6de70-0a3c8-6200c
.adfarm1.adition.com/	1970-01-20 17:26:17	Name: UserID1 Value: 7286848347700918416
.w55c.net/	1970-01-20 15:59:53	Name: matchcasale Value: 5
.pubmatic.com/	1970-01-20 17:26:17	Name: KRTBCOOKIE_57 Value: 22776-6232296708868768635&KRTB&23339-6232296708868768635
.pubmatic.com/	1970-01-20 15:59:53	Name: KRTBCOOKIE_1101 Value: 23040-7286848347700918416&KRTB&23369-7286848347700918416
.pubmatic.com/	1970-01-20 15:59:53	Name: KRTBCOOKIE_391 Value: 22924-4077027165501584801&KRTB&23263-4077027165501584801&KRTB&23481-4077027165501584801
.pubmatic.com/	1970-01-20 17:26:17	Name: KRTBCOOKIE_153 Value: 1923-Ki-cLy0vyCgxLMp8fiuDJyh8yisxKJsoLS1eTx4e&KRTB&19420-Ki-cLy0vyCgxLMp8fiuDJyh8yisxKJsoLS1eTx4e&KRTB&22979-Ki-cLy0vyCgxLMp8fiuDJyh8yisxKJsoLS1eTx4e&KRTB&23403-Ki-cLy0vyCgxLMp8fiuDJyh8yisxKJsoLS1eTx4e
.pubmatic.com/	1970-01-20 17:26:17	Name: KRTBCOOKIE_80 Value: 22987-CAESEE0Ogfh0je4YzV50uSRgkfE&KRTB&23025-CAESEE0Ogfh0je4YzV50uSRgkfE&KRTB&23386-CAESEE0Ogfh0je4YzV50uSRgkfE
.weborama.fr/	1970-01-21 00:42:36	Name: AFFICHE_W Value: 9uthTb8vyej275
.nrich.ai/	1970-01-21 00:52:41	Name: _nauid Value: 4dfa486b-bfb1-4415-a571-ada863ff2749
.creativecdn.com/	1970-01-21 00:02:17	Name: u Value: Dd8TvBbMNF00IGZDMcjR
.creativecdn.com/	1970-01-21 00:02:17	Name: ts Value: 1696601591
.pubmatic.com/	1970-01-20 17:26:17	Name: KRTBCOOKIE_466 Value: 16530-8dd73b8f-cc37-4ab0-9e65-3d0137c1eb85
.company-target.com/	1970-01-21 00:52:41	Name: tuuid Value: 7d0ab8b3-79ec-4ebe-8de1-030d177ab3e9
.company-target.com/	1970-01-21 00:52:41	Name: tuuid_lu Value: 1696601591\|ix:0
.amazon-adsystem.com/	1970-01-20 21:44:03	Name: ad-id Value: AzL4twE5fURFjHqu5RHzl1M
.amazon-adsystem.com/	1970-01-21 00:52:41	Name: ad-privacy Value: 0
sync.srv.stackadapt.com/	1970-01-21 00:02:17	Name: sa-user-id Value: s%3A0-cec1813a-5084-5f09-5270-0c3a4e20c841.mQhhRHx%2BpBD3hmeVWfF8oWFF5c7xIgRG8zkCFiEyTH4
.srv.stackadapt.com/	1970-01-21 00:02:17	Name: sa-user-id Value: s%3A0-cec1813a-5084-5f09-5270-0c3a4e20c841.mQhhRHx%2BpBD3hmeVWfF8oWFF5c7xIgRG8zkCFiEyTH4
sync.srv.stackadapt.com/	1970-01-21 00:02:17	Name: sa-user-id-v2 Value: s%3AzsGBOlCEXwlScAw6TiDIQbnVm6E.HuC4es9%2BnYnX5Ev9ou5tZ3jrXpBX%2BjCW6kABo%2FU5pOo
.srv.stackadapt.com/	1970-01-21 00:02:17	Name: sa-user-id-v2 Value: s%3AzsGBOlCEXwlScAw6TiDIQbnVm6E.HuC4es9%2BnYnX5Ev9ou5tZ3jrXpBX%2BjCW6kABo%2FU5pOo
sync.srv.stackadapt.com/	1970-01-21 00:02:17	Name: sa-user-id-v3 Value: s%3AAQAKINH6hGrledGPW4dR3lqixNJd8l4vdWsnppafZhhwp159EHwYBCD3q4CpBjABOgSAjA8ZQgQc8U1Z.y6VsMUbIvlKdYFzsJlIdIUZzZ8YqUsTvYdpyjoMQx2s
.srv.stackadapt.com/	1970-01-21 00:02:17	Name: sa-user-id-v3 Value: s%3AAQAKINH6hGrledGPW4dR3lqixNJd8l4vdWsnppafZhhwp159EHwYBCD3q4CpBjABOgSAjA8ZQgQc8U1Z.y6VsMUbIvlKdYFzsJlIdIUZzZ8YqUsTvYdpyjoMQx2s
.audrte.com/	1970-01-20 15:38:17	Name: arcki2 Value: bcgEJzy-6pLTmmRmUvyj0CpeQ!20220908!1696601591822!ip#185.213.155.161
.audrte.com/	1970-01-20 15:38:17	Name: arcki2_pubmatic Value: D91E9B06-5502-4251-8820-766BA79C1A70!20220908!1696601591825
.pubmatic.com/	1970-01-20 17:26:17	Name: KRTBCOOKIE_860 Value: 16335-zsGBOlCEXwlScAw6TiDIQbnVm6E&KRTB&23334-zsGBOlCEXwlScAw6TiDIQbnVm6E&KRTB&23417-zsGBOlCEXwlScAw6TiDIQbnVm6E&KRTB&23426-zsGBOlCEXwlScAw6TiDIQbnVm6E
.pubmatic.com/	1970-01-20 15:59:53	Name: PugT Value: 1696601591

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=2045165&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gpab2m5ewy87cnnrq9013x9mh0mhb7nxd3y82kmq0hhcfj0zetq5he6yhy6bxzdge9195vzfkh1s136wtyr8pg6wa4x83ammsx2a05egn5fkfm80nb1zcawx7kexy09nns5av21dn8s7jhm6tmt62kdhmztrtnetaqxt7bepxrsn5q0kee6bsxqj8swxg62h8r507mz955a8ver47j211jg56m03j226ngm31eemp8d82gv0sqf2aqm4wsrde9vgykke%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59377243%253Bcrtbwp%253DZSAV8AAAAABx0b9cDouIbCEZOcD_M26baMYT0w%253Bcrtbdata%253D-tyE_VEosu4NdKfYwYyBQ4rB4jIh_OnHyWeoIL6loJ2gS9t_2l9Xr6h-Z5go3ET45Q9x3KzSb3nzR2Yg3mBnfkjyVMOFCZarPsEZmHx1hsoCyq9KruF6LOtQEK8gyZMz76hWQyBR41loTAfFX4G0RDFmkh8sZ7Ip6b5UAL5SK8TVrAg0jzH-VLMVIMv8FLGGc5IDb72q_1PMDb6PahX-kUi4u9nOGNHEEXbV-ZJC4-XjNvcFCN8sVZG2OVatNIIkomN1-c6UvUo1%253Badfibeg%253D0%253Bcdata%253Di8D-eTwXkziMeYq4YmaKezq9dn2CFLzmxPxtKpqNg_WNaBfrJz99bCvZhEBkHI_cvQfBlXgAX8t7bdp-DsExYsX4De8FoXoTV-xGKFmUIVE1YHnq4RvJsBCePBV3-AesCc103QCLEAAYaZwUZL295WT0lQkXAT8x0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.ejan.co%25252fworld%25252fec3to6d7sl%25253ffbclid%25253diwar1fqdn_i-jomtxy2qhvhx29uzzjvii6flxzc8bexlguyjqbhwi2tz-l_iw%253BC%253D1%253Bcpdir%253D&clickref=oneid8WkDFDf8fKw4hgHJHEtqCd9dcGSwTpDBCbGMoneid__adf_Netmix_Reach01_03&viewref=oneidzg8ZtRfYfb4QHpHBHMtqt161CVSwTQ7KCG1Aoneid__adf_Netmix_Reach01_03 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D91E9B06-5502-4251-8820-766BA79C1A70&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

37b979bfb65a269e285c43ff1db84656.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a237.casalemedia.com
a4393.casalemedia.com
a5161.casalemedia.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.yieldlab.net
ad4m.at
adasia-d.openx.net
ads.pubmatic.com
ads.stickyadstv.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
anymind360.com
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
bs.yandex.ru
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn-ima.33across.com
cdn.gumlet.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.ocmhood.com
cdn.prod.uidapi.com
cdn.taboola.com
cds.taboola.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
cnt.trvdp.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
creativecdn.com
d.adroll.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fea.assettype.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
gumlet.assettype.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.assettype.com
images.taboola.com
imprammp.taboola.com
jdswhq.helmexpress.com
js-sec.indexww.com
lvs.truehits.in.th
match.adsrvr.org
match.prod.bidr.io
mc.yandex.com
mc.yandex.ru
mug.criteo.com
neso.r.niwepa.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-sync.sitescout.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prebid.media.net
prg-apac.smartadserver.com
prod-analytics.qlitics.com
pv.medialead.de
region1.analytics.google.com
region1.google-analytics.com
res.cloudinary.com
rt.ad-score.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.trvdp.com
s0.2mdn.net
s1.adform.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
static.ejan.co
stats.g.doubleclick.net
stg.truvidplayer.com
sync.1rx.io
sync.crwdcntrl.net
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adcell.com
tag.adbro.me
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
webservice.belboon.com
wf.taboola.com
www.awin1.com
www.ejan.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www1.belboon.de
x.bidswitch.net
104.18.24.18
104.18.27.193
104.18.35.167
108.138.9.235
13.32.99.40
141.226.224.32
141.226.228.48
142.250.185.194
142.250.185.226
142.250.186.98
143.204.215.19
145.239.193.130
151.101.129.108
151.101.129.44
151.101.65.44
151.101.65.55
162.19.138.82
173.231.181.122
178.250.7.11
178.250.7.13
18.135.175.58
18.159.182.232
18.193.237.199
18.239.18.29
18.66.110.17
185.170.62.165
185.184.8.90
185.64.189.112
185.64.190.81
185.80.36.187
185.86.139.58
185.86.139.94
185.89.210.46
193.0.160.130
198.47.127.19
198.47.127.205
2.21.20.200
2001:4860:4802:34::36
2001:4860:4802:36::178
203.154.91.181
209.54.182.161
23.218.208.23
23.32.184.192
23.35.237.75
23.56.205.163
2600:9000:211e:4600:1b:5138:8a40:93a1
2600:9000:2250:8000:1c:71c5:c3c0:93a1
2600:9000:2250:ce00:a:e047:753:6381
2600:9000:225e:e400:11:c3fe:5b00:93a1
2602:803:c003:200::43
2606:4700:10::6816:30fd
2606:4700:10::6816:3556
2606:4700:10::ac43:1be8
2606:4700:20::681a:6e4
2606:4700:20::681a:ad1
2606:4700::6810:3865
2606:4700::6810:5714
2606:4700::6812:5bc6
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::200a
2a00:1450:4001:806::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9a
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:480:588::523
2a02:6b8::1:119
2a02:6b8::90
2a02:cb40:200::242
2a02:fa8:8806:20::2040
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:cc3:fe05:6646:86d3:d57a:3a46
2a05:d018:d29:3601:bf41:b326:fa86:2937
2a06:98c1:3120::3
3.33.220.150
3.75.62.37
3.83.71.62
34.102.146.192
34.111.129.221
34.111.131.239
34.120.135.53
34.120.63.153
34.77.79.66
34.91.62.186
34.96.71.22
34.98.64.218
35.157.117.145
35.186.193.173
35.186.253.211
35.208.216.174
37.157.5.72
37.157.6.233
37.157.6.243
45.83.104.71
46.228.174.115
46.228.174.117
51.255.68.171
51.89.9.253
52.18.11.220
52.208.23.16
52.7.13.39
54.152.59.28
54.239.33.159
54.77.82.203
64.74.236.127
65.9.66.104
65.9.66.43
69.173.144.139
76.223.111.18
85.114.159.93
85.91.45.75
89.58.7.59
95.101.149.233
95.101.149.35
98.98.134.243
99.80.190.120
99.86.4.71
03b7408e2d9bcfdb98511ff6bfdff230f88131bb392de3cdedc29e5a69547d3b
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05c8f92be3dfe29b4cbe1ec304117f7161c5ab7bcc8127abde16b56851d148e1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06dbd194f8dd1ea2dada8e73f5c7ad05157e3821ca00ce6a4cd65845014763c3
07484cc5c4459104a809bfb7d227ac3beaaf0424da333e640669339201943e66
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08e53442748a876d664005ea82f14fe894211f54adab26f33e9eb4e332c68b0d
08e602a6b0a07ac6522783a06dd7fc0e8e948edb7bf16521e2f8d108a1400f9e
0a1d30dfa791e1125588bddca1eb3d05b4bdb3ce840765bad8c08b9ba7d28b69
0a3478d9e6ef73503c4ece3ee4938a10baf831283999b23d558e5c38949d92bd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb1a25926ad58e37f5ac9b8e4164d29eee9c03ce16a7f7bafdeaa34c7634674
0c18a7096d8615e2b30d7fbaccb64fe00b6cffccf671c3c4ca53244640722202
0c553891c301f7759acdbce7a5f04d2671a16406a960710d2e23e87e1123bec4
10a59f50b8d253cc34381b086b946a5f677b44600b248c8d84421165b0d4b7a4
10bd27153e01cd9d3daa2db21b352dd00bfc0a839a3523dc7efa20e7e0e0f5f3
10c335b61ae6e19fce7663076580ea6c9cab1a03164d3b9632891c214fa0255e
122bbb82786de45f899024e30ba46be0ffe396c5db6d68060671ffd83ab6c76f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13a0581d979a68cc21ae8e42917177dc7a7f85a7935477e48afe1c3c6ff21c31
13df2bb7aaa7526f48a0135ce43c27dcedd42b1c10bd4f8da2d7965b62b50102
13ecf8b655a13c535040f5780fc05749d95940f5084c39dab4faf88517fbf0ce
144f00d0275151ffcc291cb3b0d5ec284e374f06e5b16f5e701f0eea455c9d60
16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697
16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1871094f9e890357a2867e967397fd342d3be0ba8fe4f69806bb5d54a7cbb055
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
193851be4b21cb5abd35752d000f4e44ed8c09e2ea3880458e69c780d935398e
1afdfc6363556a7d73b664670e526edfff5d96b7cb780f5da3f9456f834fa1bf
1e35d8452970a4282fd8474243ff33e59b7c1f4b24fd9c0843d868b08efe1a1a
22448f459d343be586255d8f7f412d32ac59a854ee4a193e037170a55c7bccac
2260074041e8fd0d66221a864f90c5e6946fd01f8043bdd96fed3587ccebce86
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
243b8004bbad8b11b4235f5dc0573154eea524d731755a600742cc98faa74932
24cc8864e7c0821b962d3e578a391602e9cff9107ccbd750fe294a74226a931b
25b4942d314ab273d50fb197a90e4b37c9faa2c3f8b27f8da575cedba4395310
2666d821e6b53e7bc5d7dd513f07b4081cbe859c04c86541b556375b56262042
267a73528e91abce7c69204ea5f8b3598d1d03bba8a3e65b62b16be385239be3
28dcdc76e8bd86d238f0a19f7292cb3305909339d7b584d018e57c8299221c5f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bbdea1641907d8624ed5fff410ac82a57e6328332422a0118067115a0c92af7
2c0a978b042decc10d2e9f74826d12357e713afcf68ffe84cab1a1d3a2bb421c
2c1b4ffd3d6aae45c5e5ae3fde9374daf632286062b7cda71f5ebd893cada986
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e04a6e23b0fd1c18b55ffb7780bb76bf694f0bd18f4a395aee44870967bf851
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30577f62fe67e604326b95b6b6faa9f4ff9833c382d63c9bdbc1d0ba19f0252e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d1acc0c288903c49aaf73efd6403c6778cb78a180ba3c16e1c45fc38840764
33406ec7b140b95b3ad6980aa476febefe3063532e97d051610cb411f60a227b
350a2f81e8b190cf9f684c82b27e1b43f448dadca32ff207d6de89a4bd4884af
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ddf454a513421b70b6f0e6b97913e9d59b01b46bf92b79ba2af4b62ab42cdf6
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401b5d6e2c79408dc653ac852ce0463a60e90777708b017ccd0ebf3032cc3b5d
4111edf2be010b2909f305bc7d3735e1428da4431e7ece5b38f2857946902413
43b66b10f979dbc5d0a4432045e8699e83f780d56478dda72b7f0de1fe0dbd48
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447a14153bb1e6f9debb360b1fab448a9905d88eff4a6ca2cd248daeece706cd
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
45a38360b6021d586489273c7efebe913190b9af6496dc3963fb78981aff1b51
45cb21569883b705efac003f713e3dcd819ac50cf548d98ec25083f91c10fda0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47dd0c4ec56f11d0b658ae2333d48d02a52ee4ead61edd6373955e1c8729d7b9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c9863c2c63fe93ac666e7be3b7f101807014da5b04de1fcd19976a7e041bb9
49f3da2a329101c3cf4cc54429360ab860a918faa9e8c7761b70a3416bc34503
4a8c55e2a65ab16a22b95904c1e8853cc86c6794f55bb398b58b0cdb42f7d7e8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df3d934694c90542ba600ca3ad400eb4834320cb6aa14363f09818d7d7c4cf0
4e03d7b0025c81a76175e08b83f61726ea3327f9ec554a829f20f0c9fef46661
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
51c6fd55ab30a79102036ab411f616f00448666af83a6bb68003fe869cfd0e8d
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550403ec5b85233f3d21f4755f6ad1fc4934e698d3274c352574e81d88d529fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bb634245b7b25ecb78ab1639e9d916c097684096acffb4b8d02e3fcd99557d
58ee8091a0dc85463daf2218653fc096ebaa9424994aec2694ba90774321eec0
5afdbf1120a729958d869bdfa9def4593099402a287e860e06254c13ea929d04
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5daf17273fc1289a5615a1b1fa4a3b9d94a05111e5d39fabb0373f0a83cda440
5e370abe957d1bd05c2530597f4611822f5c9b96d42c86be5a9303b9e0817f37
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5f83e36b12b7b05a4e352f21d75c5dfb1a79475f6ca90da45a3761e2f24e83e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e24cfb1db42a4fc82c8c6016616ea06f8fc5430af9e4291e2d44468aa6bef3
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
654990faec659cb334b671fea5b9bd4d6cbf607cf14066744673600c04391296
6904b4f866006c5acf394688ee283752b3faf4ade43e6babca1d0cb3abfe3b68
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aafc687db99b5f3a12bc91ca14ea365d38770d307f4fa8b3bf7952367cde286
6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5
6be7f07f56e31fda4633b114da3ac159be83ff2e86e76449ee217940ac381221
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d79bfd904179e9e82fb3697e4be1e91dbe127feb57c7441cc275116c3a5c07e
704a5f2b4f32eb60f9477464cb4fb81b57b0ea9c92c208781911ac08a45af496
70da12299f133d98f5510a500241db971ddb087fb09194f5e774a7b63b150cb1
7123bf381b698da33cfdbdf02dc3a6f51d92e942434b3f2225984595bb5aee95
7255a0ff175fc2330ee58fb2e55efc5edbc54d2f4546220b7b639c1fe601b443
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
76c66945ab85eebdf7fa7bec3348285b18cf6ca03ac5027390ec72f31277f0ca
78c26fbe1e16602c2cf5b553ac1a61d9bd239a07eabb47551ccfa3caec147652
79eb553cdf325afc736fcb1366cbfa4aa8062caea51cd82c78df2c681ec99a39
79f410be57db3c00ec346c5aa396fe53983fde192b05496c68342133b4cb8276
7b91bfb76990accab2e438f0099269a80825ca79588ecd2b76c363f1c5972681
7e3311831d7557cf7f32febf9d39f51312007b0df2e34ddcfe0164b701806107
7fead0910087c78ad231902e6d9d2d4dcf28c256ba43056ba8b79abe3f29acf9
804e0ec8c5c264ab21ce96fdd7b96dabcaa9e292d25a8b871aa9c563951c9a02
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
80f3723c75c4f0f70ebb6439d14a9a6dfae6e4efd831c86e515c7eddc9cfa033
80f540ebbdbf3adf72102ca48f8351143a6f8ac7c1de87450a879169f8c053c5
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8256a3552d7b5718e1893c202df5514114c7f824a817a566bd90341e1329585d
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b3125a195efad653d60987bbebbb1d99b9e3e8a53963c238fae109f3c1a780
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8668afd73945e6a30161612643f31d840797d6226a1ffaffdec6cd3ecae791f2
886b115f1ef6d3bc03b906ed909d6b20300f54cfb52297eba451c0ac11e4ad72
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
89bacd854a2f11eb86ec41b110efee7db37c9681f70a3d6209f79c2491d76709
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8f977ebdb963f24af72b97b9a0289aff65c52f56e294ca2a1205bfe4edb2bfd1
902c8c28436e30bc5f2315c28ad0b380fbf0de2c49efa0f1fcf02d7e98b2e64d
90371c9e9138171bf8c7801eb07b60fb5cf5633da2e57ab8cd4fa3f1c57f0cb6
910d07ea08d88e63965fd6188c9f20736b5b81a9d2a9ad45fc74b240287c2b7e
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8
92ceade1800b58d9c09144ba0391f90f9146c49a51d781a2bc22f60604fd2694
932b15881c734b61b5efb4ccac47222b4e50a733a6ec8acb4791804e00a8efad
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
947ea0259f58d0d3fa8f9d6f87ba299d4cc4379be52886936c56f358da9a5787
9491cc876eb496dffc90ff68cef9432414ebde990f12dce53c47d4189ca33e95
949583012bfeece683594da39182edcad915015fcbc568e722a522eda2b39be2
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9791d39e69ea6e53854706f62279abba14659b6df8130a8f79ef2bffaa894207
991531fbdbfe7549cf09e365d6b3f61cc5fcf47df1c021b975d5678ea3f81b30
991eaacdca85b1d9273437c6601aa63e2cfd026573f33767a46d00431037bc06
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6f7d604b0b9b29e61a0e105b0b793c5f634af5135b9afd8c8c58f06d5b2745
9ce58bd865caaa866b09ebd63ebaafff6ffcacbc4acfc7e941d6eea98a83086b
9ee0cd43140a2e81a4e98e5f334e8b9a9c09daf2ab093241e09c896d53b42432
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0589eb7b6da262f6588f368af3fcf1acbbfbbeb7e89665e329990a9a824da44
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f555ee0442bb7d0d1a3cb1e623ccc45895bf8a0496368d139e32c4b7b169c3
a1ee0c79db25c137a3693b98a703ae543161776cebc6e7cc19321aab31c24eb3
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a2c21334654c980aa9ef139dd302c732bb43c0476daf6f21aab18b7cd8ba904c
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a501abbf6bbfce3a1e93b331b6adae644844588569dfb0a7a85717c9007863a7
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a7812bca8bf0d9df5b2199769913c443bb1949ed9344fab1e832e5269564ea82
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
ad4e2d51cf7f8cad0b33fcae853656fa79fa2da3e9828bdf50895a88d9463259
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3a0b2a8b1ee977665c6deaac4be3b91b2f9fd6610221ca1ae31e6cb44199f6c
b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
baac35923c0f52bb0e87570c6de9726d08b8d8e16763687e460ae091337f7c23
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfbf1436bf452e5623d63496ca8ec4fecd68b518f2b8f461f4a62d3c8f1cd55c
c1d416ffb20b1dfb9121f4af859dbb64c228f66580192c6352c55cbd82fbbc4d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c550961c64fcfc26e556c028ef9747b25f32e5eb0fc45a20a2ef0d87ee52e8e9
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c930218a7329f9a602afceefc667804448908afb5048d9db9bbb31ea85486562
cbb010f36768b2a8cb6096aef10033ccf6d70a547052d3b0bed3d981dfe180a9
cc75d8881e88abd0132cde9eee726aaac4905d70fd2a096092ac66845e1ec27f
cd117ed0147f012bb7bb746136ed360739d69d896335755d7675d0a1b8544ac1
ce2b5c8723b180ca163cdb56dcc80043c3a2649efc85003257aed8256f84fdb1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe460529f92c891a61aa7e73d3c57a9825425abfe2c76342ff98ad4766d5534
d035d0f6310f07013d1df230958dcbaba0f2cf280423b78218a4f4501405743e
d2ebf6b894adb91b35cd1135329e9390d36768d4430b538a2df087a4f5bc31b7
d2fdd6091846f289b6ab419232a60af5684a36f45478263e03b029d24de0455e
d38282ac0c1816553a3a1c9b74f00bcf0b60aad1b473bc58b1403c67ba5c8048
d5114460588fbbcabf495ce05187f1cbbdd10afdc7776511b17046e068e053c0
d511767ff05f2d7004326f00e946d4a3a3e26e6e8aeac5c0f73e8893bddf9ba1
d5906fda1523048cd72d527a5d0b6c6fa336603abcec23dfc77481c7fb7a3cec
d644ec48b51b6014608ab60060300c6269877c11b464adccffd286929f7ecab3
d6480fac0a8635b0d043ee642d391b018d91d598c7294132c8579f622ee497dc
d65d30a2e5c1cd30d1c5e4f0cdb81fa910f1eadf948c2897ea8bf9496c43ec7c
d69ba931bbefdb8e8bf212a49fbf3c1b636b0461ebdc8bd8051a3ea37e1f3a1d
d6a18ca00dbf796e7887014bb2b6b4e0d659019ebc014eba46e539e43235c473
d7c3e7eecb70ea923cc59daebe6fa7c4300e46064df42f0eb089540270cd96a6
d7c688c42ab7b521ec860e4aa65a27d1597ef8f8b1f53921ae38f94e3a61ec26
d9ea25116dc893d7aa59abe5ac6e9035ff1e3172746c8e86e996e123d4321b03
d9fd273ed44f001ca26bd90c3e9581e8ed7e7d674adf586a4b7b24ecd6d89bb9
db99ae5a9f5a65d36dd75855a654598f78bb5f15887ebcf1ef3a758d84ad652c
dd3a8d6dcb3f3c1036cb795d42f70999ce3fa29113b12d0961592f0b52b7a332
dd4102d7206a9d7f98696da9fce360a2851ca7fb710a4bdc2a6d47c5d4402edf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea68ee80eb0ee1eecf08e86a8a31dbfa74e6cb5a7645205c853f3e0c4749d6b
df091271ed69f3fbccf5ede90de760579dba3a8d93cadf8dd1b31c29d2060486
e0161237accae5795027e9d86b460a67d5cde41645336638f324569a71292b4d
e15d6204a47457a4287f3c014d9400c7213337d35f06dec9c35d777f1c034a54
e2e7a7c2a152864f33589e50c187a322bfe85e4e43cf120f5d4a15cb598b75a3
e2e83e51075604c1fade85f589f18d050e711d5626ac02ae040e2cb4762b97b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4208432ab62e4e5a5e5901bbc6db5ca3119001facc45108f137e9c5b5370352
e56fdcd617a7ea8cb87a178ba63b8a9674eb811ee4c1940f1fa24c835e5aae99
e84039aeb7551b1972450604774da18b771f360c1de3709951c4bbc85d730794
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e98411f0ef293c650626dfb58775f4c0d6b0b14032252166b15a131046c55c26
e9b982da4eef4d216a5664812c9b324727558ea9e0bed1b2e00a838f05817628
ec0f73bfe4075ae257effe70749797a4fb02d717ad637358ebc02663cf12844e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1dcaf299e01d8c9274e7640eaba287bbb24be138d81d59a4377883f9c1512c
f028f694053d9d222b2c8c8aff6af8d4b343ceb049b431ed224210f849012da3
f11966cdba6f15433c7f2b44182120f34ca2992a38f8115dffa54d1fc1c65b91
f1d5c3e415dc05009b4bb6c9b8565dd48fa6d5561f6d462e2ff433995fb479fa
f329e63c5354c535a0e6b2c17941e027987a896f3b9a6c82ac956201f33bafb6
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6cd2df99c9367e7233a24ed68b0cb715333272d9a46a9e1fb479b4e680ccaa4
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc5037dbf74ae3f9d36e4a0eeb8bba7e31a9288e23ab86859c0803c281adb0e2
fd1599ae8205fe15abfe4f0d1df05f2660f0523dd2bc9a88957340072c991945
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

www.ejan.co Open in urlscan Pro 2606:4700::6812:5bc6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

443 Requests

89 %HTTPS

32 %IPv6

85 Domains

154 Subdomains

111 IPs

12 Countries

5932 kBTransfer

15283 kBSize

106 Cookies

36 Outgoing links

Redirected requests

443 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.ejan.co Open in urlscan Pro
2606:4700::6812:5bc6 Public Scan

Screenshot
Live screenshot

Full Image

443
Requests

89 %
HTTPS

32 %
IPv6

85
Domains

154
Subdomains

111
IPs

12
Countries

5932 kB
Transfer

15283 kB
Size

106
Cookies

443 HTTP transactions
8 data transactions