urlscan.io logo urlscan.io
SecurityTrails logo

www.weny.com Open in urlscan Pro
151.101.194.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://weny.com/
Effective URL: https://www.weny.com/
Submission: On November 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 6 countries across 69 domains to perform 437 HTTP transactions. The main IP is 151.101.194.133, located in United States and belongs to FASTLY, US. The main domain is www.weny.com.
TLS certificate: Issued by R3 on October 6th 2021. Valid for: 3 months.
This is the only time www.weny.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.145.205.131 14618 (AMAZON-AES)
1 12 151.101.194.133 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
22 151.101.130.133 54113 (FASTLY)
9 199.232.194.110 54113 (FASTLY)
2 151.101.66.133 54113 (FASTLY)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:2800:233... 15133 (EDGECAST)
2 3 151.101.2.110 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.190.62.199 15169 (GOOGLE)
2 52.160.40.218 8075 (MICROSOFT...)
11 2a00:1450:400... 15169 (GOOGLE)
1 23.37.42.132 16625 (AKAMAI-AS)
1 27 142.250.186.130 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 14 185.33.221.15 29990 (ASN-APPNEX)
4 147.75.61.140 54825 (PACKET)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 54.77.19.59 16509 (AMAZON-02)
4 2602:803:c002... 26667 (RUBICONPR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 35.156.78.196 16509 (AMAZON-02)
19 34.98.64.218 15169 (GOOGLE)
7 216.52.2.30 29791 (VOXEL-DOT...)
4 52.4.158.112 14618 (AMAZON-AES)
3 23.37.38.181 16625 (AKAMAI-AS)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 34.149.20.76 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
14 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
19 20.60.80.2 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 35.179.11.203 16509 (AMAZON-02)
21 213.254.244.18 36062 (DOUBLE-VE...)
4 34.192.127.138 14618 (AMAZON-AES)
8 52.57.26.239 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
16 28 142.250.181.226 15169 (GOOGLE)
3 24 2.18.234.21 16625 (AKAMAI-AS)
2 142.250.184.226 15169 (GOOGLE)
3 4 2620:116:800d... 16509 (AMAZON-02)
2 2 52.57.110.162 16509 (AMAZON-02)
7 7 185.29.132.245 30419 (MEDIAMATH...)
1 2 66.155.71.149 13768 (COGECO-PEER1)
3 6 18.193.230.138 16509 (AMAZON-02)
2 2 99.80.151.46 16509 (AMAZON-02)
2 34.235.147.241 ()
6 21 76.223.111.18 16509 (AMAZON-02)
4 2.18.233.180 16625 (AKAMAI-AS)
3 2.18.232.130 16625 (AKAMAI-AS)
1 67.202.105.22 ()
2 23.79.143.124 16625 (AKAMAI-AS)
6 7 37.157.6.251 ()
10 35.71.131.137 ()
3 2620:119:50e1... ()
4 6 2a05:d018:d29... ()
3 2620:1ec:c11:... ()
6 12 52.46.133.124 ()
3 3 64.74.236.159 ()
3 3 2001:678:cb4:... ()
1 198.47.127.19 ()
4 6 52.208.103.128 ()
1 34.241.163.173 ()
2 2 52.215.68.151 ()
1 1 52.20.156.159 ()
2 2 54.236.220.178 ()
1 185.33.221.50 ()
2 4 52.45.237.203 ()
2 2 213.155.156.181 ()
4 185.64.189.110 ()
1 178.250.2.151 ()
1 185.64.190.81 ()
2 3 51.210.112.236 ()
2 2 34.254.143.3 ()
1 159.122.14.34 ()
4 69.173.144.165 ()
3 3 69.173.144.138 ()
1 2a00:1288:80:... ()
2 2 151.101.66.49 ()
1 35.244.174.68 ()
1 198.47.127.20 ()
1 142.250.186.98 ()
437 86
1    54.145.205.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-205-131.compute-1.amazonaws.com
weny.com
12    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
www.weny.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
22    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
ngw-static.franklyinc.com
weny.images.worldnow.com
9    199.232.194.110 (United States)

ASN54113 (FASTLY, US)
ftpcontent.worldnow.com
images.worldnow.com
2    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
clientcontent.franklyinc.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
3    151.101.2.110 (United States)

ASN54113 (FASTLY, US)
content.worldnow.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    35.190.62.199 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 199.62.190.35.bc.googleusercontent.com
begintrain.com
2    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
11    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
27    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2156:f400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2606:4700:3030::6815:5183 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csp.azureedge.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
14    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
4    54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
g2.gumgum.com
4    2602:803:c002:200::52 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    35.156.78.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-78-196.eu-central-1.compute.amazonaws.com
tlx.3lift.com
19    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
frankly-d.openx.net
eu-u.openx.net
us-u.openx.net
7    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    52.4.158.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-158-112.compute-1.amazonaws.com
brightcombid.marphezis.com
3    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:2156:9400:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tag.durationmedia.net
14    2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
19    20.60.80.2 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
citysparkstorage.blob.core.windows.net
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
19    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    35.179.11.203 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-179-11-203.eu-west-2.compute.amazonaws.com
api.pbxai.com
21    213.254.244.18 (United States)

ASN36062 (DOUBLE-VERIFY, US)
tps.doubleverify.com
tps20225.doubleverify.com
tps20229.doubleverify.com
tps20240.doubleverify.com
tps20239.doubleverify.com
tps20231.doubleverify.com
tps20228.doubleverify.com
tps20230.doubleverify.com
4    34.192.127.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-127-138.compute-1.amazonaws.com
be.durationmedia.net
8    52.57.26.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
13    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
17    2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
28    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
24    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
2    52.57.110.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-110-162.eu-central-1.compute.amazonaws.com
pm.w55c.net
7    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
6    18.193.230.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-230-138.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    99.80.151.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-151-46.eu-west-1.compute.amazonaws.com
r.scoota.co
2    34.235.147.241 (None, )

ASN- ()
sandbox-api.britepool.com
21    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    67.202.105.22 (None, )

ASN- ()
ssc-cms.33across.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    37.157.6.251 (None, )

ASN- ()
c1.adform.net
10    35.71.131.137 (None, )

ASN- ()
match.adsrvr.org
3    2620:119:50e1:101::6cae:b25 (None, )

ASN- ()
px.ads.linkedin.com
6    2a05:d018:d29:3605:5ad:a774:ca1b:74c5 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
3    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
12    52.46.133.124 (None, )

ASN- ()
s.amazon-adsystem.com
3    64.74.236.159 (None, )

ASN- ()
b1sync.zemanta.com
3    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
1    198.47.127.19 (None, )

ASN- ()
image6.pubmatic.com
6    52.208.103.128 (None, )

ASN- ()
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    34.241.163.173 (None, )

ASN- ()
dpm.demdex.net
2    52.215.68.151 (None, )

ASN- ()
match.prod.bidr.io
1    52.20.156.159 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
2    54.236.220.178 (None, )

ASN- ()
sync.extend.tv
1    185.33.221.50 (None, )

ASN- ()
secure.adnxs.com
4    52.45.237.203 (None, )

ASN- ()
um2.eqads.com
2    213.155.156.181 (None, )

ASN- ()
d5p.de17a.com
4    185.64.189.110 (None, )

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
1    185.64.190.81 (None, )

ASN- ()
image4.pubmatic.com
3    51.210.112.236 (None, )

ASN- ()
pixel.onaudience.com
2    34.254.143.3 (None, )

ASN- ()
loada.exelator.com
1    159.122.14.34 (None, )

ASN- ()
um.simpli.fi
4    69.173.144.165 (None, )

ASN- ()
pixel.rubiconproject.com
3    69.173.144.138 (None, )

ASN- ()
token.rubiconproject.com
1    2a00:1288:80:800::7001 (None, )

ASN- ()
ads.yahoo.com
2    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    35.244.174.68 (None, )

ASN- ()
id.rlcdn.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
1    142.250.186.98 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
59 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
262 KB
35 doubleverify.com
cdn.doubleverify.com
tps.doubleverify.com
tps20225.doubleverify.com
tps20229.doubleverify.com
tps20240.doubleverify.com
tps20239.doubleverify.com
tps20231.doubleverify.com
tps20228.doubleverify.com
tps20230.doubleverify.com
667 KB
35 googlesyndication.com
6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
405 KB
26 worldnow.com
ftpcontent.worldnow.com
weny.images.worldnow.com
content.worldnow.com
images.worldnow.com
3 MB
25 3lift.com
tlx.3lift.com
eb2.3lift.com
10 KB
22 rubiconproject.com
ads.rubiconproject.com
fastlane.rubiconproject.com
prebid-a.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
147 KB
21 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
23 KB
19 windows.net
citysparkstorage.blob.core.windows.net
898 KB
19 openx.net
frankly-d.openx.net
eu-u.openx.net
us-u.openx.net
5 KB
18 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
61 KB
17 2mdn.net
s0.2mdn.net
222 KB
15 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
35 KB
13 weny.com
weny.com
www.weny.com
348 KB
12 amazon-adsystem.com
s.amazon-adsystem.com
6 KB
10 adsrvr.org
match.adsrvr.org
3 KB
10 franklyinc.com
ngw-static.franklyinc.com
clientcontent.franklyinc.com
1 MB
9 googletagservices.com
www.googletagservices.com
323 KB
7 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
6 KB
7 adform.net
c1.adform.net
3 KB
7 mathtag.com
sync.mathtag.com
4 KB
7 lijit.com
ap.lijit.com
3 KB
6 crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
2 KB
6 indexww.com
js-sec.indexww.com
6 KB
6 bidswitch.net
x.bidswitch.net
3 KB
6 durationmedia.net
tag.durationmedia.net
be.durationmedia.net
41 KB
6 google.com
adservice.google.com
www.google.com
2 KB
6 4dex.io
script.4dex.io
mp.4dex.io
24 KB
5 33across.com
ssc.33across.com
ssc-cms.33across.com
743 B
5 fontawesome.com
kit.fontawesome.com
ka-f.fontawesome.com
100 KB
4 eqads.com
um2.eqads.com
1 KB
4 quantserve.com
cms.quantserve.com
pixel.quantserve.com
1 KB
4 marphezis.com
brightcombid.marphezis.com
389 B
4 gumgum.com
g2.gumgum.com
4 KB
4 dotomi.com
web.hb.ad.cpe.dotomi.com
2 KB
4 a-mo.net
prebid.a-mo.net
219 B
4 google-analytics.com
ssl.google-analytics.com
www.google-analytics.com
38 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 turn.com
ad.turn.com
1 KB
3 zemanta.com
b1sync.zemanta.com
903 B
3 bing.com
c.bing.com
1 KB
3 linkedin.com
px.ads.linkedin.com
1 KB
3 begintrain.com
begintrain.com
30 KB
3 cityspark.com
cdn.cityspark.com
p.cityspark.com
28 KB
2 everesttech.net
sync-tm.everesttech.net
632 B
2 exelator.com
loada.exelator.com
2 KB
2 de17a.com
d5p.de17a.com
637 B
2 extend.tv
sync.extend.tv
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 britepool.com
sandbox-api.britepool.com
880 B
2 scoota.co
r.scoota.co
1 KB
2 sitescout.com
pixel-sync.sitescout.com
490 B
2 w55c.net
pm.w55c.net
2 KB
2 pbxai.com
api.pbxai.com
291 B
2 google.de
adservice.google.de
957 B
2 googleapis.com
imasdk.googleapis.com
fonts.googleapis.com
124 KB
2 cloudflare.com
cdnjs.cloudflare.com
6 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com
31 KB
1 rlcdn.com
id.rlcdn.com
1 simpli.fi
um.simpli.fi
617 B
1 criteo.com
dis.criteo.com
334 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
376 B
1 demdex.net
dpm.demdex.net Failed
1 gstatic.com
fonts.gstatic.com
44 KB
1 azureedge.net
csp.azureedge.net
61 KB
1 adsafeprotected.com
static.adsafeprotected.com
481 B
1 googletagmanager.com
www.googletagmanager.com
45 KB
1 jquery.com
code.jquery.com
29 KB
0 adotmob.com Failed
sync.adotmob.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
437 69
Domain Requested by
28 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
www.weny.com
eu-u.openx.net
eb2.3lift.com
27 securepubads.g.doubleclick.net 1 redirects www.weny.com
www.googletagservices.com
securepubads.g.doubleclick.net
21 eb2.3lift.com 6 redirects ads.rubiconproject.com
eb2.3lift.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
19 citysparkstorage.blob.core.windows.net www.weny.com
17 s0.2mdn.net www.weny.com
s0.2mdn.net
6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
14 cdn.doubleverify.com securepubads.g.doubleclick.net
www.weny.com
14 ib.adnxs.com 2 redirects ads.rubiconproject.com
googleads.g.doubleclick.net
acdn.adnxs.com
ssum-sec.casalemedia.com
14 weny.images.worldnow.com www.weny.com
weny.images.worldnow.com
13 pagead2.googlesyndication.com 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.weny.com
securepubads.g.doubleclick.net
www.googletagservices.com
12 s.amazon-adsystem.com 6 redirects eb2.3lift.com
ssum-sec.casalemedia.com
12 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
um2.eqads.com
12 www.weny.com 1 redirects ngw-static.franklyinc.com
10 match.adsrvr.org eu-u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
9 eu-u.openx.net ads.rubiconproject.com
eu-u.openx.net
9 www.googletagservices.com content.worldnow.com
securepubads.g.doubleclick.net
6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
8 prebid-a.rubiconproject.com ads.rubiconproject.com
8 ftpcontent.worldnow.com www.weny.com
content.worldnow.com
8 ngw-static.franklyinc.com www.weny.com
ngw-static.franklyinc.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 sync.mathtag.com 7 redirects
7 tps.doubleverify.com cdn.doubleverify.com
7 ap.lijit.com ads.rubiconproject.com
6 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
6 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
6 us-u.openx.net eu-u.openx.net
6 js-sec.indexww.com ads.rubiconproject.com
ssum-sec.casalemedia.com
6 x.bidswitch.net 3 redirects eb2.3lift.com
4 pixel.rubiconproject.com
4 um2.eqads.com 2 redirects ssum-sec.casalemedia.com
4 bcp.crwdcntrl.net 2 redirects ssum-sec.casalemedia.com
4 ads.pubmatic.com ads.rubiconproject.com
ads.pubmatic.com
4 be.durationmedia.net tag.durationmedia.net
4 www.google.com securepubads.g.doubleclick.net
6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 ssc.33across.com ads.rubiconproject.com
4 hbopenbid.pubmatic.com ads.rubiconproject.com
4 brightcombid.marphezis.com ads.rubiconproject.com
4 frankly-d.openx.net ads.rubiconproject.com
4 tlx.3lift.com ads.rubiconproject.com
4 mp.4dex.io ads.rubiconproject.com
4 fastlane.rubiconproject.com ads.rubiconproject.com
4 g2.gumgum.com ads.rubiconproject.com
4 web.hb.ad.cpe.dotomi.com ads.rubiconproject.com
4 prebid.a-mo.net ads.rubiconproject.com
4 ka-f.fontawesome.com kit.fontawesome.com
www.weny.com
3 token.rubiconproject.com 3 redirects
3 pixel.onaudience.com 2 redirects ads.pubmatic.com
3 image2.pubmatic.com ads.pubmatic.com
3 ad.turn.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 c.bing.com eb2.3lift.com
3 px.ads.linkedin.com eb2.3lift.com
3 pixel.quantserve.com 3 redirects
3 acdn.adnxs.com ads.rubiconproject.com
3 htlb.casalemedia.com ads.rubiconproject.com
3 begintrain.com www.weny.com
begintrain.com
3 content.worldnow.com 2 redirects weny.images.worldnow.com
2 sync-tm.everesttech.net 2 redirects
2 loada.exelator.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.extend.tv 2 redirects
2 match.prod.bidr.io 2 redirects
2 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
2 sandbox-api.britepool.com ads.rubiconproject.com
2 tps20230.doubleverify.com cdn.doubleverify.com
2 tps20228.doubleverify.com cdn.doubleverify.com
2 tps20231.doubleverify.com cdn.doubleverify.com
2 tps20239.doubleverify.com cdn.doubleverify.com
2 tps20240.doubleverify.com cdn.doubleverify.com
2 tps20229.doubleverify.com cdn.doubleverify.com
2 tps20225.doubleverify.com cdn.doubleverify.com
2 r.scoota.co 2 redirects
2 pixel-sync.sitescout.com 1 redirects 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 googleads4.g.doubleclick.net www.weny.com
2 googleads.g.doubleclick.net 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
www.weny.com
2 api.pbxai.com ads.rubiconproject.com
2 tag.durationmedia.net securepubads.g.doubleclick.net
tag.durationmedia.net
2 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 script.4dex.io ads.rubiconproject.com
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 p.cityspark.com cdn.cityspark.com
2 ssl.google-analytics.com content.worldnow.com
www.weny.com
2 cdnjs.cloudflare.com www.weny.com
cdn.cityspark.com
2 clientcontent.franklyinc.com www.weny.com
2 maxcdn.bootstrapcdn.com www.weny.com
1 ade.googlesyndication.com
1 simage4.pubmatic.com ads.pubmatic.com
1 id.rlcdn.com
1 ads.yahoo.com
1 simage2.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 secure.adnxs.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 dpm.demdex.net ssum-sec.casalemedia.com
1 ssc-cms.33across.com ads.rubiconproject.com
1 cms.quantserve.com 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
1 images.worldnow.com www.weny.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com client
1 csp.azureedge.net cdn.cityspark.com
1 static.adsafeprotected.com www.weny.com
1 kit.fontawesome.com code.jquery.com
1 ads.rubiconproject.com content.worldnow.com
1 www.googletagmanager.com www.weny.com
1 imasdk.googleapis.com content.worldnow.com
1 cdn.cityspark.com www.weny.com
1 code.jquery.com www.weny.com
1 weny.com 1 redirects
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 google2waycm.netmng.com Failed 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
437 117

This site contains no links.

Subject Issuer Validity Valid
www.weny.com
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.franklyinc.com
R3		 2021-11-06 -
2022-02-04		 3 months crt.sh
*.worldnow.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.images.worldnow.com
R3		 2021-11-05 -
2022-02-03		 3 months crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-23 -
2022-10-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
begintrain.com
R3		 2021-09-25 -
2021-12-24		 3 months crt.sh
*.cityspark.com
Go Daddy Secure Certificate Authority - G2		 2020-02-13 -
2022-04-13		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.azureedge.net
DigiCert SHA2 Secure Server CA		 2020-11-21 -
2021-11-30		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.a-mo.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
marphezis.com
Amazon		 2020-12-30 -
2022-01-28		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.durationmedia.net
Amazon		 2021-08-23 -
2022-09-21		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2021-08-28 -
2022-08-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
pbxai.com
Amazon		 2021-07-20 -
2022-08-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
sandbox-api.britepool.com
Go Daddy Secure Certificate Authority - G2		 2019-10-09 -
2021-10-09		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh

This page contains 52 frames:

Primary Page: https://www.weny.com/
Frame ID: 71D77F6A6E886C2253AD9E5F05BD044C
Requests: 175 HTTP requests in this frame

Frame: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3757CFF2AAFED23CF9E2F2D77F4EFEE2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK8A4yeyV87p3IX_q4VM2OfTosFOKqcxyF8zIhFu53bLJUDRvZ1y_6BFqW0h5wwF17e1gwbGS1WFgZj4GNT8p8yn8zTmq27ETCryXg-JLYdyiHsU1W5XqmQDE_AV9ghdKI7hBNDTc5JOiqdRWSGthpZ_Ec22VaaKn4FUoHeUFzCRM1Wn2MHWtXMtNuYpwiCHATqFYDSAzl2-bJghkKxRbGy1kj60WTv7OC9_TZMJunn_PQZ5H9xMDt_3hDV6KtP8H0eMHb9uffFmqCZQHaWgKOPPIKB172vSgONPAcymotFYtn87tTOMq6hUMOTfcu5Iy6x_YI_CyohmfRhIk&sai=AMfl-YR8irInsjVUqqyrYzra8uFC7_LoCvmq-rlTbLUVkITxcZ5Cgds09hbA5O3Cgiy6EySIVolowTT1nmetLWKqHvYRwtsKj4Nlj0rdVE_wasauGnTKhv9YJa3pec4hBBw&sig=Cg0ArKJSzBc3YBuR8AZaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8643D57BBAE155473BD1AB6A20451CBD
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ48SeshJWFJtyrlWWIuFiaqmTBGFLsS45rqM3TxADIOSiBjXSYasd96cNHSNOnwBvJ0RTngEdD58LHENtW3lZFad-0yNQKrcTVkJlUivJuSdpUH60r0DGy8A9PhFVvnD7pZoSrlPQsHaxWBOs1sdcMWbiDrA3Mp2cq8d9gMPwFjVUlWb2SyLY6RjEti4Uh8ScTd-ndtCs4DcHW6dJRmcw_D5zFSTBuUcoiiWu2NOaqKcJ_zeR4A3cznMK7TNHVZQm3srHyCtEmaEUB8EZnYEmxMMHtAGPefjXzTdHahr4hVZ4nzRuSMWEiRoaqVmPdF7v7gZETnY&sai=AMfl-YSAWCvOgWqFWlhCM02YHaZeYuczOL2l6AtKQREdL2hb_fHhmi8ZxYMvsRFRw90Wifxm5uC7svPh7thxSapsm1nTd7TABtKnBMPhnUxcLQjNrqd_Hft1gzK69iGHLAU&sig=Cg0ArKJSzHv7ufaV0AL4EAE&uach_m=[UACH]&adurl=
Frame ID: 8104A722E02D385E875FE901EA239CC2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh4imFCPAFOouX_xJaHQL0lFSyWqy7OkyGYT_NL26gJXi2CUiTowl1YfyA1XZRfIr8Po4CvZW3tnG2ASKbh1V6-KHy2IRw1LdwD1vE-f5a_T5otvbRxAGiWLKVHJ7Fhi0z-3dGPgcf1V7YbtOSfKuIr_ga9xxNmrChNqedqV4SySgQo40TUuX7K7XLRlDcxKqqv8hNtMKfmC3eB7en3L6kk8ck4L1W176aBVO8gEpsZ_WzVMxqOuxZW72QVEokc9Dc4HHL4cD0kjnhBQVueCW42am7cWdXDzomzLFpdVFebG7ScS8_sXx5z75dWE_-jVpPjq0-H4d-Duk&sai=AMfl-YSEneyxLaULoZTO3YuAe_Aq5Mq-wxdvTLKJ2kXIGv_MaYsyW82St1tHePp_g_poWTqRdjaD4lL5H24C8SlQYiXyBa9OsEmk7U9z87YSGmFgtw5fq-1i4jeHsRE8E70&sig=Cg0ArKJSzA1u0kHai27GEAE&uach_m=[UACH]&adurl=
Frame ID: 2E9563B82458F7B0EDF796AA0CC9A442
Requests: 6 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: 84B1D52ABEFEDDF33C3C654E7AE63581
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: F8A2BEDAAF055B033C357DFF8D8779A6
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: D95EB2A07F8E5B4FAF2892CB1E7307CD
Requests: 4 HTTP requests in this frame

Frame: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D2F04B62580C97F06E78BD8393905ABD
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxMj_KOeRi-3DqtIi6sNnIsd3zayblxNhlVVy2mzgPsduDcqknI4NpHucs-_zFPJ7Z21r5iwLIFDgUCeSTQ4P6bTUco7OqSM_AHBZhZaf90-56MdnIPlxXjt4mAHkxNHXgvnJ3dJYDyQqAbV2Ts2c978-qGmXrw4vyyvL_Yq0AEixeTBdkyNBxPl1ezGSdefKopqxonR2B77Gf4KfNFjt9UJ-slToxJh50RwBze8cR37IQF50uuaWw4EuDCMUVlyBL7ZKR3HzE6Wc9pzYOi9vBDavlgm_UiEuh8WkHbdhRSKLuugdnxRLLlVcSeAXKFOFyhJO3GvQ&sig=Cg0ArKJSzBrstQtpvGCCEAE&uach_m=[UACH]&adurl=
Frame ID: 29847557F65B6913696BBCD24E77A57D
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZzXBt7n2hBtfnK7oPFuV0-BPh9O6bMqeVs5hvaq7DDron5H7wlTk25Ay7cvpYpRi8r12qzQ2avLzEEFylzFUWfaGU0iiql9Whl_fJ_aw1lu6oqxTpjqACK0kYQ21WIXTWyJeljia-D2sAYy_NVOTnf1s9-6zf9rxgzYbNYHeD5x0ZfvPY3WaBHQh047_sw_mo6xqZiuDipIJsDkDv6wHm2vUA7cwYytIMcwUiw32WnAY4ZCfTjyzcg87AaDR1MGwB9nuAU8p4JLeeFaLxuSu-o8NST2W_DDP2PhEl9tffKoq_Zy5UoKrPU6h03LftZvbTHoboWM-bk0I&sig=Cg0ArKJSzALrYU9Ew5qKEAE&uach_m=[UACH]&adurl=
Frame ID: 44C19E074B440BC8EC34E171EACF9A3E
Requests: 8 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: 1FDBB7A55EBD734AC38E6983775777BB
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBs3-HfiDYFFMzcM7IJY4wWjA2FbSOLRTMPTYiY8Eiih7Tl_tgq3kf9dBEWi3lkvMcbswQrB2ZmKQ6iXGiutkxpgy7LfgAz8FfZa9Gz7po3mdDpzqHGEjBWe4Ny8ldDuhNXQgS8-VZnGLgJlyXeXnkzm5YcLgV7jpfwEYpHtnIuNZ7G1i8JeezcIud_jocYdLY6pj1nZhpyCaYcvVb2Cy1ko2qzD37E4DMskR15ZchJDhdajeoH3OcrUMmYCL-FWde7zl2EcLx-J97EEnO8xNsNw-a6WOsB4TQ2AqMvWes4YpuPf5hwKhPJXaULXuI70-IbILiSGWL7ZA&sig=Cg0ArKJSzDmDm9rHm9xKEAE&uach_m=[UACH]&adurl=
Frame ID: 61394B84D19CB60EA23290FB2CE2AB18
Requests: 7 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: 1F729067C124B7148F5309D911156BD0
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARir_oG5ATAB&v=APEucNXb4jUN1wBmAQHvHZRxH722pOuRAHtwO-2HwZ9Gk7s9cManK-FPFjDeRiIWbRaXQ8EoD2TXYbJmPYpmkVo0HsmUOX0765FV-f0uUNp9a2TrRnO7vbBNKizbqAftIvqw_hePCGcJ3kgs9T5H4TOs70L-Pijs2Zt1SUjlXMlGEZ17PRa9L4M
Frame ID: 62CE210BD22635F04FB0B252A418B929
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: EF8A31C9841743AFA666C8BF9BA9ED1C
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGbPbpV3SZIw6GBh2yEeO3oiBt9BOtyJVz3vlgv67k1aoKAKZ1rV9sAnjtvgId9aarxfOpV6cupdVnyj0yv-dGIAncsdUjiowdGiyf7lRx3xv017qZMAU-KAJ7a0Ah6f3Aun-DWXwZvjmiy3ppArAc37IP3YeDAHwMB3ob8MbOhM10RHfXXak7MFLucMoeWMYkIRhwYc8ERgSEXG_32GbTnANWgPg-wCNP4EQXKd8ZI5q-kzX8gx4nEo757w0Kmfx_vis9S7FVapfMDX0-JhH2khxHw3VzdnIsYV9rT3mZZG-jgo1dd4Hj5wbY3Zw-eAd1iCQCYY8bDXA&sig=Cg0ArKJSzMz12w5z8-ZjEAE&uach_m=[UACH]&adurl=
Frame ID: EAE92122BA4DDB4275F1294E4B50BE66
Requests: 8 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: A08B61C83E525DF28E643944DBBFBE09
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/index.html?e=69&leftOffset=0&topOffset=0&c=PPE2cfVmYU&t=1&renderingType=2
Frame ID: 9AD3351AB25A64C55D275FD41CCABC76
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 57CBD2653A4FD571DE3E62189D3B8832
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 74AF5722E0B6D9A348A237A300B5DF6D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 43CAAD7FF3E0E776E05E5DF73493F49F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 226484B0D8319D2C525D9A5CA7295BAD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61032A70B49C40E06A436B6B0C111F8F
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 3D80CC6B1D4003BB6780FF453000C359
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Frame ID: D482C89DB7C094B69753295406B85887
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13416131
Frame ID: 4797495E76D912E12EBBBBA324827D4A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: AAD2C083DC6D8A3F745CA8AB5EB604A4
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5FB2664B034E8F4AAE71B61A73BBCA38
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8A7FF212E109C822086B6FD606A3A59D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9B923A9CEB13D64D841F74E971D8EBB2
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13416131
Frame ID: 64A07BDB522F28E80ABCD617AFE3D6B2
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Frame ID: A11DBC87F160CDC02DA908A44D0CDF13
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Frame ID: EB97E60CFACC676F39BFB9E09B57D517
Requests: 7 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aDjwJ2usOr64kqaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 3EF9CE467FADC5F46D798CD094DC8E2E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 636E532EA924EECF1665A36AE70FEE87
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 93B5D2F6D875EBEB10E265BCC1E94B97
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 646095FD80F72C24627E93CF3D10568C
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13416131
Frame ID: 22D523B93CE86BA9FBFBFCE058526BCE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Frame ID: 37826F46F116544FD166F935BAF42F18
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Frame ID: 29BEB98519129D875443A6246668FD82
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Frame ID: D5BB516446654D3F61EC8D5C33E2E275
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 5F1581B81D113EDEF4D7F62EAB21A047
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DAC9A8BE29D5CB1A5D03BE834606BE92
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 332E38BE7F0C9AB74002C6010249B118
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CC4ED731A8FF95F9036275DDEA068843
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AF9835E58D7D6C582C22BA8AD267BD49
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: AC5DA3CB31547A0E723DBCC797E05999
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=3034F838-4FC4-4015-BBD3-5DFC5D010928
Frame ID: EA0708EF5B4DE36ECB4D926F349E6F30
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8625757600845459465
Frame ID: EB727432C1AF955575E3289FE3417447
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 97401621C49CDE39DD92B1D1F17EF6BD
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 849DE550DA2DC24F6A6465608D253CB0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://weny.com/ HTTP 301
    http://www.weny.com/ HTTP 301
    https://www.weny.com/ Page URL

Page Statistics

437
Requests

84 %
HTTPS

35 %
IPv6

69
Domains

117
Subdomains

86
IPs

6
Countries

8233 kB
Transfer

20739 kB
Size

52
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://weny.com/ HTTP 301
    http://www.weny.com/ HTTP 301
    https://www.weny.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://content.worldnow.com/global/css/_pub/off-platform.min.css?ver=7.15.0-5 HTTP 302
  • https://ftpcontent.worldnow.com/platform-files/latest/css/off-platform.min.css
Request Chain 16
  • https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5 HTTP 302
  • https://ftpcontent.worldnow.com/platform-files/latest/js/off-platform.min.js
Request Chain 31
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1636387329621 HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGD2m4jpPpKZoc8zkvbA_d4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGD2m4jpPpKZoc8zkvbA_d4&google_cver=1&C=1
Request Chain 242
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYlKA1eBV3CbXTFX04osWgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGD2m4jpPpKZoc8zkvbA_d4&google_cver=1
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECOBGP7i9AsQRW69ifrHFtI&google_cver=1
Request Chain 244
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0MDE1MDkzNzQyNTM4NTE1NA%3D%3D
Request Chain 261
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMOvteLzogMGrZ3K5-RKj4c&google_cver=1&google_push=AYg5qPKQS6tKBfA_C2EkrfXSdn7D4_jpru8oWSwXLQ68dw1lk-v9AdQDx8JfFXV4DQNR4utSiUu2iQY2yo5bomla-UXQk2zk5FA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMOvteLzogMGrZ3K5-RKj4c&google_cver=1&google_push=AYg5qPKQS6tKBfA_C2EkrfXSdn7D4_jpru8oWSwXLQ68dw1lk-v9AdQDx8JfFXV4DQNR4utSiUu2iQY2yo5bomla-UXQk2zk5FA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NG5vVXZ3cVUxTUs3NjQ1&google_gid=CAESEMOvteLzogMGrZ3K5-RKj4c&google_cver=1&google_push=AYg5qPKQS6tKBfA_C2EkrfXSdn7D4_jpru8oWSwXLQ68dw1lk-v9AdQDx8JfFXV4DQNR4utSiUu2iQY2yo5bomla-UXQk2zk5FA
Request Chain 262
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEE2BJTtrIO-kF3uuW47a3To&google_cver=1&google_push=AYg5qPJ2wAO_nSKwaFmBbCg-qqOfH9nV0x-RQ4nAqw4dOyhYKOkOE2JajBuiJleaaoL6WQ0loq6x7z_AdzLxLwwYsW4ePhqSqO8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ2wAO_nSKwaFmBbCg-qqOfH9nV0x-RQ4nAqw4dOyhYKOkOE2JajBuiJleaaoL6WQ0loq6x7z_AdzLxLwwYsW4ePhqSqO8
Request Chain 264
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPzk4kUwwtUCcKv19GKgUJs&google_cver=1&google_push=AYg5qPJ0G6ZK3zU5Rdyz9w6ixIK-B_E_ym5Mr6_DwUuLntOM6QTOSMilGDTT2a40HwbGRQxRkIfFXpmN7-uVxOt6makgRr1_Hw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPzk4kUwwtUCcKv19GKgUJs&google_cver=1&google_push=AYg5qPJ0G6ZK3zU5Rdyz9w6ixIK-B_E_ym5Mr6_DwUuLntOM6QTOSMilGDTT2a40HwbGRQxRkIfFXpmN7-uVxOt6makgRr1_Hw HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a84b51c9-ec3e-4f1f-b1cf-454b7275bd2d&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ0G6ZK3zU5Rdyz9w6ixIK-B_E_ym5Mr6_DwUuLntOM6QTOSMilGDTT2a40HwbGRQxRkIfFXpmN7-uVxOt6makgRr1_Hw&google_hm=EZEaduWfT5WY10jyOpOJGA==
Request Chain 306
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 309
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 324
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 326
  • https://id5-sync.com/s/441/9.gif?puid=e_5edece26-1556-4deb-a0ab-ded01059e250&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_5edece26-1556-4deb-a0ab-ded01059e250&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=da29ec2e-c6d1-4c8a-a6c4-0b084a77019d&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENpVc3QiuOvU5YLJJ9f-Icc&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3640150937425385154&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22333234230&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=197bee36986b3d7d7f9396c230c26e3f&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 327
  • https://id5-sync.com/s/441/9.gif?puid=e_6bf0e067-715e-494f-b526-44f8175ffeb1&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_6bf0e067-715e-494f-b526-44f8175ffeb1&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=da29ec2e-c6d1-4c8a-a6c4-0b084a77019d&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENpVc3QiuOvU5YLJJ9f-Icc&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3640150937425385154&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22333316871&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F4%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/160/4/6.gif?puid=35612617524358028648703036678281404084&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 328
  • https://id5-sync.com/s/441/9.gif?puid=e_3b3d2294-ccde-4e1c-aabd-261d93a2be32&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_3b3d2294-ccde-4e1c-aabd-261d93a2be32&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=da29ec2e-c6d1-4c8a-a6c4-0b084a77019d&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENpVc3QiuOvU5YLJJ9f-Icc&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3640150937425385154&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22333316871&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=197bee36986b3d7d7f9396c230c26e3f&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 329
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
Request Chain 330
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
Request Chain 331
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2006629915030252444
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
Request Chain 335
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
Request Chain 336
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
Request Chain 337
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=90761867529434984
Request Chain 340
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
Request Chain 341
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
Request Chain 342
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
Request Chain 343
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2675972084304443727
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 349
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
Request Chain 351
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/15859478179927879699?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-j0fGFspE2oRR7uGl4kBqArnssxSUvbW_sXQrc5sw6Q--~A&dongle=0883
Request Chain 354
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15859478179927879699 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
Request Chain 355
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 356
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7365271393311050287&dongle=d407
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 359
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
Request Chain 361
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/15859478179927879699?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-_Qk2CGFE2oQ7EOxB0BkqJagfLff6zsvRa2zJDok4KA--~A&dongle=0883
Request Chain 364
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15859478179927879699 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
Request Chain 365
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 366
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3618557978315508271&dongle=d407
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 369
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
Request Chain 371
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/15859478179927879699?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.upUz_xE2oS8PLwg.Vmrd7ORmG1Uq25JPlNQbMq9Ow--~A&dongle=0883
Request Chain 374
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15859478179927879699 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
Request Chain 375
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 376
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3546500384277580335&dongle=d407
Request Chain 385
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
Request Chain 389
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 390
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638979336
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
Request Chain 395
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
Request Chain 397
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADxyU7DEpQAABnmTBrE1w&expiration=1637596937&gdpr=1
Request Chain 398
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0ef63eb3-ac65-43ce-9431-7dd9a1d92a68&expiration=1667923337
Request Chain 399
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6680c5b3-2cd1-4449-bb49-8919621bbc7d
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
Request Chain 403
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
Request Chain 406
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 407
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=34e64ba2-8c8f-46dc-ad56-27703b1adaaa
Request Chain 410
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 412
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8625757600845459465
Request Chain 414
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MDT4OE_EQBW70138XQEJKA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 415
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=22096189-4a03-4700-865b-c47333c7c36a
Request Chain 416
  • https://pixel.onaudience.com/?partner=214&mapped=3034F838-4FC4-4015-BBD3-5DFC5D010928 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=197bee36986b3d7d7f9396c230c26e3f HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=3949eaa3e06f154a5c1434d719c7cb33
Request Chain 417
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzAzNEY4MzgtNEZDNC00MDE1LUJCRDMtNURGQzVEMDEwOTI4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 418
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGdUuJHftrkvV6RA7syHL3c&google_cver=1
Request Chain 420
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:22096189-4a03-4700-865b-c47333c7c36a&gdpr=0&gdpr_consent=
Request Chain 421
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 422
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=22096189-4a03-4700-865b-c47333c7c36a&expires=28
Request Chain 424
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ujkCYEIO8aemuejeoUxyO8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7788274991324539317
Request Chain 425
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZRVVJMTjktMTktNTRIUg==
Request Chain 426
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG3OaBlaEOc8M9q3HOfm0f8&google_cver=1
Request Chain 427
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVQURLN9-19-54HR&sigv=1&esig=2~758ef63cec0c2dd34cf93a7c5d98a5547fad8cc4
Request Chain 428
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YYlKCQADC71z6wAz HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYlKCQADC71z6wAz&_test=YYlKCQADC71z6wAz

437 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.weny.com/
Redirect Chain
  • http://weny.com/
  • http://www.weny.com/
  • https://www.weny.com/
3 MB
340 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
730cba4aaf11bdb8de35ef694f6512cbedd754b8a3f50726e8d5cc900719631c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
etag
W/"31bd47-vW6yFiDxbkHiAyBfKpAGZaVo5Rg"
server
nginx/1.16.1
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-response-time
267ms
x-xss-protection
1; mode=block
via
1.1 varnish, 1.1 varnish
access-control-allow-origin
*
accept-ranges
bytes
date
Mon, 08 Nov 2021 16:02:09 GMT
age
260
x-served-by
cache-bwi5130-BWI, cache-fra19177-FRA
x-cache
HIT, HIT
x-cache-hits
1, 1
x-timer
S1636387329.339299,VS0,VE4
vary
Accept-Encoding
content-length
348032

Redirect headers

Server
Varnish
Retry-After
0
Location
https://www.weny.com/
Content-Length
0
Accept-Ranges
bytes
Date
Mon, 08 Nov 2021 16:02:09 GMT
Via
1.1 varnish
Connection
close
X-Served-By
cache-fra19161-FRA
X-Cache
HIT
X-Cache-Hits
0
X-Timer
S1636387329.312682,VS0,VE0
Access-Control-Allow-Origin
*
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617
age
19940415
cdn-cachedat
2021-03-11 11:57:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9c865ab149d3db1d503eb94bbda09a17
cf-ray
6ab00628ba055b62-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
app-764a18e3c8b69fd047ef.css
ngw-static.franklyinc.com/assets/10725/ 		306 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ngw-static.franklyinc.com/assets/10725/app-764a18e3c8b69fd047ef.css
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5ffb6dd0ff8f483214eb680e533536c88c3964fd6f29ebcdcdd9d33b2f82a1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
content-encoding
gzip
age
3597136
x-cache
HIT, HIT
content-length
49946
x-amz-id-2
bHHijD1wmjWdBPvykY81K2Pp1Vr2VYt9YORNaryTfDIgcCzXhgtQfqKcWdxgai07EWHsCt8nqMY=
x-served-by
cache-bwi5144-BWI, cache-fra19129-FRA
access-control-allow-origin
*
last-modified
Mon, 27 Sep 2021 19:18:10 GMT
server
AmazonS3
x-timer
S1636387329.401334,VS0,VE0
etag
"379fa24eeb685aad599ba5d1a001ef97"
vary
Accept-Encoding
x-amz-request-id
9K917VXKFZ1DWF2S
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
1, 169
custom-nextgen-wicu.css
ftpcontent.worldnow.com/professionalservices/clients/wicu/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ftpcontent.worldnow.com/professionalservices/clients/wicu/custom-nextgen-wicu.css
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43302c15e4cf3bfb27e03ad988b3cfef303d7307ec18624e9819df48353dc89c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish
x-amz-meta-user-agent-id
professionalservices@s-d08b37440bfd4618b
age
16
x-cache
HIT
content-length
6332
x-amz-id-2
dcriDCqLNR98pNIW96DhWNRt/bMSEc+pvulSWUG4BVHoFbqxFH7bZCgUN30Z5nLlHdokOcUdyMI=
x-served-by
cache-fra19128-FRA
last-modified
Mon, 28 Oct 2019 19:22:28 GMT
server
AmazonS3
x-timer
S1636387329.406377,VS0,VE1
etag
"58dd2506e02704175faac20cfe7c4b00"
x-amz-meta-user-agent
AWSTransfer
x-amz-request-id
D57XXE1TSXTJTB8R
accept-ranges
bytes
content-type
text/css
x-cache-hits
1
nextgen.css
ftpcontent.worldnow.com/professionalservices/clients/weny/ 		222 B
413 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ftpcontent.worldnow.com/professionalservices/clients/weny/nextgen.css
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe95bfb377d2095d29d05b8cc21059a05245675ff2b6fe9517484c220da7682b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish
last-modified
Tue, 02 Jun 2020 14:53:07 GMT
server
AmazonS3
age
0
etag
"376b45375c12c0801bea2b2136c4e268"
x-served-by
cache-fra19128-FRA
x-cache
HIT
content-type
text/css
content-length
222
accept-ranges
bytes
x-timer
S1636387329.406500,VS0,VE100
x-amz-request-id
36ZG0FQQAZ5Z000R
x-amz-id-2
ExY/THhFFX3crvuPGHfxw39WXqcIbsOC9xU1FCyuK1Enyebi07LJBRIE831C8K9iTfhy88VoVT0=
x-cache-hits
1
cms-enn-style.css
clientcontent.franklyinc.com/wicu/frankly/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clientcontent.franklyinc.com/wicu/frankly/cms-enn-style.css
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0b9f2ab63d5d0b9facfae89f0dda7c6a8ed0a6e02226e93ab67f3d767c48a43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish
x-amz-meta-user-agent-id
wicu@s-d08b37440bfd4618b
age
12
x-cache
HIT
content-length
5588
x-amz-id-2
a0pjP0Zd7OPmY71d6bmqJIwFh/FOvioiXwtmbh9UpdI4n6wRpWkWEGNpQxxrUcNgkvbJSjyk5ok=
x-served-by
cache-fra19183-FRA
last-modified
Mon, 17 May 2021 20:32:37 GMT
server
AmazonS3
x-timer
S1636387329.397899,VS0,VE0
etag
"6ef06497f1085e38a3876bb794e76c5a"
x-amz-meta-user-agent
AWSTransfer
x-amz-request-id
8VY5HB1RMJBJTPJ9
accept-ranges
bytes
content-type
text/css
x-cache-hits
1
weny-global.css
clientcontent.franklyinc.com/wicu/frankly/ 		75 B
281 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clientcontent.franklyinc.com/wicu/frankly/weny-global.css
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0096f769c4a8f869b355e861247dd3599a34bfeb28c9dac46a5a599511b51e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish
x-amz-meta-user-agent-id
wicu@s-d08b37440bfd4618b
age
0
x-cache
MISS
content-length
75
x-amz-id-2
yOSE4QqEzIhl3HuVnHEdNVzJKFFv2VKvwd/+N1ZXl01QahTHwPG6JlWY0bRKdFQ+3kavK5dTp6o=
x-served-by
cache-fra19183-FRA
last-modified
Wed, 03 Feb 2021 18:30:16 GMT
server
AmazonS3
x-timer
S1636387329.397995,VS0,VE211
etag
"7f490693286e2f48f3eead786b5d7004"
x-amz-meta-user-agent
AWSTransfer
x-amz-request-id
0QSWY4QYM1G8Q74S
accept-ranges
bytes
content-type
text/css
x-cache-hits
0
jquery-2.2.0.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2016 20:03:15 GMT
server
nginx
etag
W/"56901603-14e55"
vary
Accept-Encoding
x-hw
1636387329.dop237.fr8.t,1636387329.cds285.fr8.hn,1636387329.cds107.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29875
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617, 617
age
19938867
cdn-cachedat
2021-03-11 11:57:55
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
fbee2cc04fdd3c5841bb4113b8b31dc1
cf-ray
6ab00628ba0d5b62-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
iframeResizer.contentWindow.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.3/iframeResizer.contentWindow.min.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
914886
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4430
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-349a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYi%2BkKi9sNTIGhZRDvgYhUowNx3VE9hB%2B%2BaJ%2FecDHsG%2Blha62OoFs8KzCoeRCEDycwhUdmbRbeerA4%2FANEktCmpWgI32OE9xLj8M53BVMA04PjEcnhYlDxHDG46FXKmzEf9VZ8A6QFkxsXDSGpWvB246"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ab00629d970dfcf-FRA
expires
Sat, 29 Oct 2022 16:02:09 GMT
WNVideo.js
weny.images.worldnow.com/interface/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://weny.images.worldnow.com/interface/js/WNVideo.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b31909e6918ca9fd756f89517929aedbd9f977fc7863ca12a92e335e2fe183be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish, 1.1 varnish
age
269006
x-cache
HIT, HIT
content-length
2305
x-amz-id-2
xPwu78e2UV1YHyOMBt0KTJdO3VVnwEpi/buk2gSCMEkwFvblA2A9bnFSYF4njBkmud72NUKWOe4=
x-served-by
cache-bwi5124-BWI, cache-fra19155-FRA
last-modified
Fri, 05 Nov 2021 13:15:20 GMT
server
AmazonS3
x-timer
S1636387329.401313,VS0,VE1
etag
"afe35b43329bf56806f5dff5dbf04c0b"
x-amz-request-id
VMBD1DH7TH27ER28
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
1, 1
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF7) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 08 Nov 2021 16:02:09 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
571882
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (frc/8FF7)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
09cffe28-201e-00a8-2786-cf66a3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
app-3799219fe6f138581641.js
ngw-static.franklyinc.com/assets/10725/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4faae12a5a8f1f0439f11330f88444ccdaf7248d55ebc9bca8a1ced6869d1662

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
content-encoding
gzip
age
3597137
x-cache
HIT, HIT
content-length
1121877
x-amz-id-2
UrUGrpCutkc/PvoiF7SC90sMMic8g4NXV7bGghuNTUI//5Jgiw0vqvIJUehq2GXI9w7J3Bdnl68=
x-served-by
cache-bwi5180-BWI, cache-fra19129-FRA
access-control-allow-origin
*
last-modified
Mon, 27 Sep 2021 19:18:10 GMT
server
AmazonS3
x-timer
S1636387329.407272,VS0,VE0
etag
"ee14e3b4f0fd6bcf7abe2d9fae5204f0"
vary
Accept-Encoding
x-amz-request-id
9K9EY0EBGET8Q3DK
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 18740
ccpa.js
ftpcontent.worldnow.com/professionalservices/globalcss/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ftpcontent.worldnow.com/professionalservices/globalcss/ccpa.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish
last-modified
Mon, 29 Jun 2020 18:52:15 GMT
server
AmazonS3
age
3
etag
"0ee412381eea4aba59e8a80ef1b33cb2"
x-served-by
cache-fra19128-FRA
x-cache
HIT
content-type
application/javascript
content-length
1174
accept-ranges
bytes
x-timer
S1636387329.407281,VS0,VE1
x-amz-request-id
XFZB3BCM01G02E5T
x-amz-id-2
gWNtY7kHLEzo0P6wjBz4M7NscP4KXE8znKr0B2nxk304PZKKYjllW74LnCrUmQf03UNya4Dujuo=
x-cache-hits
1
off-platform.min.css
ftpcontent.worldnow.com/platform-files/latest/css/
Redirect Chain
  • https://content.worldnow.com/global/css/_pub/off-platform.min.css?ver=7.15.0-5
  • https://ftpcontent.worldnow.com/platform-files/latest/css/off-platform.min.css
89 KB
90 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ftpcontent.worldnow.com/platform-files/latest/css/off-platform.min.css
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Server
199.232.194.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce418b1a84c7b43dc9942db3dd4712a7014183680291fa359dbf224e06ed47f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish
last-modified
Mon, 16 Nov 2020 12:57:30 GMT
server
AmazonS3
age
15
etag
"f01f010415e22a21b5bf2dc189e9a38f"
x-served-by
cache-fra19128-FRA
x-cache
HIT
content-type
text/css
content-length
91558
accept-ranges
bytes
x-timer
S1636387330.685524,VS0,VE1
x-amz-request-id
2FBJ2V4TC9YHTCVR
x-amz-id-2
0rdfZhgBsA/o4DBkoksgjOhCe19CdGwjtEcC1YqmsCWW5q4asjUMVD5paIz5vFaDO2l7fNCLj6M=
x-cache-hits
1

Redirect headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish
server
Varnish
access-control-allow-private-network
true
x-timer
S1636387330.670360,VS0,VE0
x-served-by
cache-fra19148-FRA
x-cache
HIT
location
https://ftpcontent.worldnow.com/platform-files/latest/css/off-platform.min.css
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
retry-after
0
x-cache-hits
0
weny.config.js
content.worldnow.com/global/js/_pub/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.worldnow.com/global/js/_pub/weny.config.js?ver=7.15.0-5
Requested by
Host: weny.images.worldnow.com
URL: https://weny.images.worldnow.com/interface/js/WNVideo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/7.0 /
Resource Hash
81dfc926d06fe7b1e13c87ab635c500e698662d087a00eff1947c05627d4593d

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-restarts
2
access-control-allow-private-network
true
age
2207676
x-cache
HIT, HIT
content-encoding
gzip
content-length
4997
x-served-by
cache-bwi5161-BWI, cache-fra19148-FRA
wn
IISCOM01
last-modified
Wed, 22 Jul 2020 16:18:02 GMT
server
Microsoft-IIS/7.0
x-timer
S1636387330.670554,VS0,VE1
etag
"0d912ac4360d61:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
7176, 1
wnaffiliateconfig.js
weny.images.worldnow.com/interface/js/ 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://weny.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5
Requested by
Host: weny.images.worldnow.com
URL: https://weny.images.worldnow.com/interface/js/WNVideo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c890f10a781dbc04a4c256303456eda463e9496ae48072c37e7a0c099fa890f

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish, 1.1 varnish
age
330933
x-cache
HIT, HIT
content-length
52051
x-amz-id-2
QvEGBrNV28BnlYLBbokiMdBXJCUyVupAUg6IIgrq4YWn/G/DFH79JYJ/jKKoJOudOPwqAXCpmvw=
x-served-by
cache-bwi5149-BWI, cache-fra19155-FRA
last-modified
Fri, 17 Sep 2021 13:41:14 GMT
server
AmazonS3
x-timer
S1636387330.631417,VS0,VE1
etag
"a7fc9180ee94666413650608af8b323b"
x-amz-request-id
548X1R92G06RG531
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
1, 1
off-platform.min.js
ftpcontent.worldnow.com/platform-files/latest/js/
Redirect Chain
  • https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
  • https://ftpcontent.worldnow.com/platform-files/latest/js/off-platform.min.js
2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ftpcontent.worldnow.com/platform-files/latest/js/off-platform.min.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Server
199.232.194.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
168ee1d2327265c7e417b9835cae716191fbe3af9c025191a170b0a1868dbeeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish
last-modified
Wed, 11 Aug 2021 13:41:08 GMT
server
AmazonS3
age
15
etag
"7949b226b6bcd8380116ae4d5e7e7e69"
x-served-by
cache-fra19128-FRA
x-cache
HIT
content-type
application/javascript
content-length
1943962
accept-ranges
bytes
x-timer
S1636387330.786431,VS0,VE3
x-amz-request-id
ZFQEJEDGD20Y03KX
x-amz-id-2
DTD5QiznB0GSGkYx4Lc1nUJpVAwZAt+USsuEJ162NGh+2dcWSdiSlcDCAm1Jw8SUEed/RdewuCE=
x-cache-hits
1

Redirect headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish
server
Varnish
access-control-allow-private-network
true
x-timer
S1636387330.670945,VS0,VE0
x-served-by
cache-fra19148-FRA
x-cache
HIT
location
https://ftpcontent.worldnow.com/platform-files/latest/js/off-platform.min.js
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
retry-after
0
x-cache-hits
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125171
x-xss-protection
0
expires
Mon, 08 Nov 2021 16:02:09 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
3987
date
Mon, 08 Nov 2021 14:55:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 08 Nov 2021 16:55:42 GMT
gtm.js
www.googletagmanager.com/ 		127 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
edcc1a87d8f9b63ccefb58e73238536f3f973294b257ae4b457144897a8c6554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45916
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Nov 2021 16:02:09 GMT
v2fzm3DO2tSBnI5kkDZqjZj8W1lqqcfCqSwtyIHx3cy-kQdpxdsyBEwX4pZN06XZM
begintrain.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://begintrain.com/v2fzm3DO2tSBnI5kkDZqjZj8W1lqqcfCqSwtyIHx3cy-kQdpxdsyBEwX4pZN06XZM
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
349da1799fdd42956b23baec2d20d6f5c9fe75b8f0fba96250ff3af556132e1d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"57c71b2c6d23b11c709e618742aec188951f416685d867f5ab37590d53193773"
vary
Accept-Encoding, Accept-Language
x-hostname
0f8346e1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 08 Nov 2021 16:02:10 GMT
timing-allow-origin
*
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
gPgIxzJ.png
ngw-static.franklyinc.com/assets/10725/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ngw-static.franklyinc.com/assets/10725/gPgIxzJ.png
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-764a18e3c8b69fd047ef.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26dc4e8a3bf6f660025f26685d625cbc4539a89bb160b15cefa31b4577b16d27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ngw-static.franklyinc.com/assets/10725/app-764a18e3c8b69fd047ef.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish, 1.1 varnish
age
3597133
x-cache
HIT, HIT
content-length
1234
x-amz-id-2
ohaF67K+JBkHXrZCXX6nxw5DgGsujmI2VXc161C/6ZJGHwen9+sgjF8NB9+dpknjjc8Q0dbj9Do=
x-served-by
cache-bwi5125-BWI, cache-fra19129-FRA
last-modified
Mon, 27 Sep 2021 19:18:10 GMT
server
AmazonS3
x-timer
S1636387330.932508,VS0,VE1
etag
"7632e2b3b05f4fe90251573730e62562"
x-amz-request-id
39KG4XCPXM7KMGRX
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/png
x-cache-hits
1, 1
2iO5YNY.woff2
ngw-static.franklyinc.com/assets/10725/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ngw-static.franklyinc.com/assets/10725/2iO5YNY.woff2
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-764a18e3c8b69fd047ef.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://ngw-static.franklyinc.com/assets/10725/app-764a18e3c8b69fd047ef.css
Origin
https://www.weny.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish, 1.1 varnish
age
3552492
x-cache
HIT, HIT
content-length
77160
x-amz-id-2
hGqnhdopUPsj3zaqsFoRUHz6S6NgHaEXCJH4M73j+ri1QoDo6M355bon5wnqEHVSh513IckCklY=
x-served-by
cache-bwi5155-BWI, cache-fra19150-FRA
last-modified
Mon, 27 Sep 2021 19:18:07 GMT
server
AmazonS3
x-timer
S1636387330.951047,VS0,VE0
etag
"af7ae505a9eed503f8b8e6982036873e"
x-amz-request-id
14SQ7KDC3RRHXWAF
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
1, 9648
3O-AJ6r.woff
ngw-static.franklyinc.com/assets/10725/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ngw-static.franklyinc.com/assets/10725/3O-AJ6r.woff
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-764a18e3c8b69fd047ef.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43264eee45c4715993bf08624e216977bbb9f547cacc9d9d6062255de83c0a0a

Request headers

Referer
https://ngw-static.franklyinc.com/assets/10725/app-764a18e3c8b69fd047ef.css
Origin
https://www.weny.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish, 1.1 varnish
age
3552494
x-cache
HIT, HIT
content-length
80028
x-amz-id-2
Jp36J5ZGfZOb3glVqBq+FiCf1VXsNKEfGdVyrdEOhfDs8KoyhuCyRC2Fn+vPA7No+L8n2RBg0UM=
x-served-by
cache-bwi5179-BWI, cache-fra19150-FRA
last-modified
Mon, 27 Sep 2021 19:18:08 GMT
server
AmazonS3
x-timer
S1636387330.951110,VS0,VE0
etag
"2f33e690fea4a3e678394617b40cd48f"
x-amz-request-id
P7ZT35EVKKBDWWY4
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/font-woff
x-cache-hits
1, 114
P4KU09_.woff
ngw-static.franklyinc.com/assets/10725/ 		79 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ngw-static.franklyinc.com/assets/10725/P4KU09_.woff
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-764a18e3c8b69fd047ef.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d212c4e67cb437939d8af0fff3f3d30f58fda432be6f0cd03107855c1b8aa057

Request headers

Referer
https://ngw-static.franklyinc.com/assets/10725/app-764a18e3c8b69fd047ef.css
Origin
https://www.weny.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:09 GMT
via
1.1 varnish, 1.1 varnish
age
2870385
x-cache
HIT, HIT
content-length
80588
x-amz-id-2
7lxC3r9TW2M5wFHktqiuXYf8Ejpw8lv4Pay1ZqrHywqq23qiHQSr8DjDUZiF9QWQaclSOoG9Ejo=
x-served-by
cache-bwi5133-BWI, cache-fra19150-FRA
last-modified
Mon, 27 Sep 2021 19:18:09 GMT
server
AmazonS3
x-timer
S1636387330.951230,VS0,VE0
etag
"42dd505fb0243062f35e1b3b46210151"
x-amz-request-id
ENNX9V8SWDSP9C4W
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/font-woff
x-cache-hits
1, 107
widgetinfo
p.cityspark.com/api/widgets/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=9805&callback=jsonp1636387526644
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5cca64bdd02d7536cd55db209e5ea08940431ce48d1e6e16d156cbb68a8e19ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
4-3799219fe6f138581641.js
ngw-static.franklyinc.com/assets/10725/ 		145 B
484 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ngw-static.franklyinc.com/assets/10725/4-3799219fe6f138581641.js
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbe4296cb4455a0f86c6cc4384465a1edb308b03d26a720442549e3ec6021fb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
age
3597136
x-cache
HIT, HIT
content-length
147
x-amz-id-2
26qckuwMLKaRUXmqTyEjIBBxIyleDHdRKsp9bWOeenSo9xQN/sXFaxC4LxL1qR/ZRFZX+aR1jug=
x-served-by
cache-bwi5167-BWI, cache-fra19129-FRA
access-control-allow-origin
*
last-modified
Mon, 27 Sep 2021 19:18:08 GMT
server
AmazonS3
x-timer
S1636387330.195423,VS0,VE0
etag
"4b826eac3d39abc0be54cb01a03712ba"
vary
Accept-Encoding
x-amz-request-id
RXM1ECPCFYQW2W7C
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 154
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12ccf827ffd5452b891e6219a9d3be8222aea9ab9d2277bfb9cf06e745dc2159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1037 / 250 of 1000 / last-modified: 1636373146"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27113
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 08 Nov 2021 16:02:10 GMT
13140_Frankly_CMS_Wrapper.js
ads.rubiconproject.com/prebid/ 		473 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Requested by
Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b9e07bb9ad4968a1fbe6e7333850431a4d258b4636fab75e946ffdd848ae9f69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 17:22:27 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=12501
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
130491
Expires
Mon, 08 Nov 2021 19:30:31 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1435211709&utmhn=www.weny.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=WENY%20News&utmhid=270671331&utmr=-&utmp=%2F&utmht=1636387330238&utmac=UA-30104345-1&utmcc=__utma%3D1.2103542911.1636387330.1636387330.1636387330.1%3B%2B__utmz%3D1.1636387330.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=459684072&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
Redirect Chain
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js?_=1636387329621
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a468a35eb24d9586536db019a68c7eece5ea6ea1d154ff7ce4e9dc3f9a600590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1037 / 492 of 1000 / last-modified: 1636373217"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27114
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 08 Nov 2021 16:02:10 GMT

Redirect headers

date
Mon, 08 Nov 2021 16:02:10 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Mon, 08 Nov 2021 16:32:10 GMT
08341f37df.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/08341f37df.js?_=1636387329622
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91fa1fe4e320d5b987cc982f8d5000a62fd90748f69e322042c63f1d4728457b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
6ab0062f5d3e4aa4-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FrWdm2x40EgpoWdGlyTi
resources
www.weny.com/api/componentInstances/routes[6].body[2].cols[0].components[0],/ 		1 KB
967 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/api/componentInstances/routes[6].body[2].cols[0].components[0],/resources
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b7921156514eac9c7725ef0c6a4f18ca92f7afec6b64473b7fff9b44641cdfca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
HIT, MISS
content-length
770
x-xss-protection
1; mode=block
x-served-by
cache-bwi5136-BWI, cache-fra19177-FRA
x-response-time
207ms
access-control-allow-origin
*
server
nginx/1.16.1
x-timer
S1636387330.451533,VS0,VE89
etag
W/"5a1-8xnO+pAa0KJJvFj4g2pzCSmPz3Q"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
1, 0
resources
www.weny.com/api/componentInstances/routes[6].body[2].cols[1].components[2],/ 		1 KB
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/api/componentInstances/routes[6].body[2].cols[1].components[2],/resources
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
294b1ad62a52983c3ba707f0472901fad023bf84ef6b30967d21ba770a3a2c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
HIT, MISS
content-length
770
x-xss-protection
1; mode=block
x-served-by
cache-bwi5180-BWI, cache-fra19177-FRA
x-response-time
473ms
access-control-allow-origin
*
server
nginx/1.16.1
x-timer
S1636387330.467487,VS0,VE87
etag
W/"5a1-n4M2LazCOGjop/+zpuz4TymNn5k"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
1, 0
resources
www.weny.com/api/componentInstances/routes[6].body[2].cols[1].components[3],/ 		1 KB
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/api/componentInstances/routes[6].body[2].cols[1].components[3],/resources
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d3826d782eda23ff45cc5339fd856c9eccf9cd057b7c576c387a4cf577edc1f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
HIT, MISS
content-length
769
x-xss-protection
1; mode=block
x-served-by
cache-bwi5139-BWI, cache-fra19177-FRA
x-response-time
457ms
access-control-allow-origin
*
server
nginx/1.16.1
x-timer
S1636387330.468325,VS0,VE89
etag
W/"5a1-i9NElLtLyNTdbXa0xbQNrRAQjvk"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
1, 0
resources
www.weny.com/api/componentInstances/routes[6].body[2].cols[1].components[5],/ 		148 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/api/componentInstances/routes[6].body[2].cols[1].components[5],/resources
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3d88fda7e47f2681de6a750de93dc7c2ede7aabd274f467f8161cd50d3efdb9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
HIT, MISS
content-length
139
x-xss-protection
1; mode=block
x-served-by
cache-bwi5151-BWI, cache-fra19177-FRA
x-response-time
26ms
access-control-allow-origin
*
server
nginx/1.16.1
x-timer
S1636387330.472248,VS0,VE88
etag
W/"94-PEZcu1fVPRnAJDc8kxtFvc5Xl2o"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
1, 0
resources
www.weny.com/api/componentInstances/footer[0].cols[0].components[2],/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/api/componentInstances/footer[0].cols[0].components[2],/resources
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
151c12b3ccf32ec5b2fc32f22e26a24b01884e7a387430b964fd013ee3500836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
x-dns-prefetch-control
off
x-cache
HIT, MISS
content-length
1062
x-xss-protection
1; mode=block
x-served-by
cache-bwi5122-BWI, cache-fra19177-FRA
x-response-time
27ms
access-control-allow-origin
*
server
nginx/1.16.1
x-timer
S1636387330.486361,VS0,VE87
etag
W/"8ec-8jPZOraMl/13BRXRqMNi7hNhInA"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
1, 0
resources
www.weny.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/ 		843 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget,/resources
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
53bba9f3ca86a5629b06ba6f3b11258378bebeda2a460c7413cca82d8db0a637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
HIT, MISS
content-length
462
x-xss-protection
1; mode=block
x-served-by
cache-bwi5147-BWI, cache-fra19177-FRA
x-response-time
430ms
access-control-allow-origin
*
server
nginx/1.16.1
x-timer
S1636387330.487894,VS0,VE89
etag
W/"34b-eF2S8EE7Wgbg4xl+jNkLuDvC9pA"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
1, 0
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV2QLD&l=franklyDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
64
date
Mon, 08 Nov 2021 16:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 08 Nov 2021 18:01:06 GMT
videojs.ima.1.5.1-3.js
ftpcontent.worldnow.com/platform-files/plugins/ 		85 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ftpcontent.worldnow.com/platform-files/plugins/videojs.ima.1.5.1-3.js
Requested by
Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish
x-amz-meta-user-agent-id
professionalservices@s-d08b37440bfd4618b
age
1
x-cache
HIT
content-length
87290
x-amz-id-2
oH+F8hZx6JZaSekLcDkwhBKGEmKwIDvgd6ZJNaq5ZquQforD8Eky09PDEzJO1M5mdaE2TNp7Fsk=
x-served-by
cache-fra19128-FRA
last-modified
Mon, 28 Oct 2019 19:35:47 GMT
server
AmazonS3
x-timer
S1636387331.520124,VS0,VE1
etag
"8adaa86214cf79d9c87e21aed1384592"
x-amz-meta-user-agent
AWSTransfer
x-amz-request-id
E0ND51RP9PZ2E7BV
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
1
widgetinfo
p.cityspark.com/api/widgets/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=9805&callback=jsonp1636387665055
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
607d25fcb061b48d9b5b0b123eae21444d9202de0de48e83d20fd18ab9e91b7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
17772051_G.png
weny.images.worldnow.com/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/17772051_G.png?auto=webp&disable=upscale&dpr=2&height=70&fit=bounds
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2ddec704ef91119ca3a5b33e5e93bfd7b7b0c7dcd6087fdd1f7cc5639980d98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=99147 idim=1155x569 ifmt=png ofsz=26130 odim=284x140 ofmt=webp
fastly-stats
io=1
content-length
26130
x-amz-id-2
/QHu38DaeU2KmWzkGqq+xCR5flPZMgP952PNQJeclInPvBFtf9jEs/e8VWtc2cMif+rZtTggAco=
x-served-by
cache-bwi5138-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.564090,VS0,VE87
etag
"VA3trMSVsFEoWDKACeKO4sKsZRLKfFnqgq9pRoW9/F0"
x-amz-request-id
5VMTKYTD56JFMDJE
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
4, 0
16458243_G.jpg
weny.images.worldnow.com/images/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/16458243_G.jpg?auto=webp&disable=upscale&lastEditedDate=1522779746000&width=1058
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c018125c1a5cc37b89cebe560dea5ad408baf81e2f1d8dedf550f812cc4183bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=53895 idim=640x360 ifmt=jpeg ofsz=45868 odim=640x360 ofmt=webp
fastly-stats
io=1
content-length
45868
x-amz-id-2
hlzmDF5gj/+1lJP4sfzpl7sslXPufrSMTjvTyRTwF+I5UsXYUEVMn+Z2B3hIs8mGKeS4otNltlU=
x-served-by
cache-bwi5176-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.565121,VS0,VE87
etag
"PsxYxvGSdn8kCU/bxDjX3YfEGqkrGl1IH98vlbQOXv4"
x-amz-request-id
SMCSD1RG7METR8SH
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
19819660_G.jpg
weny.images.worldnow.com/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/19819660_G.jpg?auto=webp&disable=upscale&lastEditedDate=1597795744000&width=470
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
597c40212b7c734670b5fc4507944090254078b9957f3fd776479af12dd5635e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=304750 idim=1920x1080 ifmt=jpeg ofsz=17952 odim=470x264 ofmt=webp
fastly-stats
io=1
content-length
17952
x-amz-id-2
upFw1CCNcy2jbdnC7lMNa/CS47PqRg3+2v8+/UPWPj7Y2oHrAy532L7RUolCC6PPBywg+a/zIMI=
x-served-by
cache-bwi5130-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.565788,VS0,VE87
etag
"zYvYKrYSzlcwcat4bV1AQo2+HlYLw9pYNd9TZ73mNWQ"
x-amz-request-id
NK8A315WR0SW3WAF
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
20076720_G.jpg
weny.images.worldnow.com/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/20076720_G.jpg?auto=webp&disable=upscale&lastEditedDate=1605632830000&width=470
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6df246e4fabdf7a9df9f073e82e483baeb8c87b2cbddd4605d7d32744b07a878

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=131005 idim=1920x1080 ifmt=jpeg ofsz=6520 odim=470x264 ofmt=webp
fastly-stats
io=1
content-length
6520
x-amz-id-2
ffwfyZMEqbIh6ksRETiJfebgSsWa/wU/p2T1V4zTodzXcxO2KSF/4sP/rzS2OC6Ei1tG/v7NeUs=
x-served-by
cache-bwi5149-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.566074,VS0,VE88
etag
"hkDuzHByC5OxoBnrlqijvEUxwa5CiDd7Wgunr/Ro/l4"
x-amz-request-id
G5S84Z8WEH7HGQMY
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
2, 0
21365934_G.png
weny.images.worldnow.com/images/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/21365934_G.png?auto=webp&disable=upscale&lastEditedDate=1633354327000&width=470
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d718cf85229db24035168ea89d8fe7bbb13c97759b7c5a4f608142eaf0222d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=1018738 idim=1080x607 ifmt=png ofsz=105412 odim=470x264 ofmt=webp
fastly-stats
io=1
content-length
105412
x-amz-id-2
XR1qf3tIMJ8O5db3+y/H4NL6cerQ+5D8X2G/9oa6RNxPXjxzCSOwKsOqnG52/SMGkcspnftooKU=
x-served-by
cache-bwi5138-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.566151,VS0,VE87
etag
"/yEl/+KlHseg+kNSWqEd2QN2KQHVCEQYe4t4d3DNGbs"
x-amz-request-id
PFTKT5AFQHQDA96G
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
14662471_G.jpg
weny.images.worldnow.com/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/14662471_G.jpg?auto=webp&disable=upscale&lastEditedDate=1502822576000&width=470
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e2dcf995382bae2a4ea67ef0136dd790196be48b1e4ca147ee7a2e0f1c4b549

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=271015 idim=1920x1080 ifmt=jpeg ofsz=14228 odim=470x264 ofmt=webp
fastly-stats
io=1
content-length
14228
x-amz-id-2
Vk1S89qNxen4BcU+am7rLYfs4kOKMq5IP+0vxZ5xyFnygjqUd7G6vG0Fytxy/hM/f9VCALPG42k=
x-served-by
cache-bwi5125-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.566211,VS0,VE87
etag
"A8Xrfi5JQrVWa3RD29wdr2AYAhUMu+5xdBhFb3BWZJ8"
x-amz-request-id
GKRNV5M67ADM480T
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
21659616_G.jpg
weny.images.worldnow.com/images/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/21659616_G.jpg?auto=webp&disable=upscale&lastEditedDate=1636142242000&width=470
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
981ddcc0833eaf83148de9bb9a3b30eaa0e405e1919b7076d9933671d818fdb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, HIT
fastly-io-info
ifsz=159313 idim=695x900 ifmt=jpeg ofsz=43854 odim=470x609 ofmt=webp
fastly-stats
io=1
content-length
43854
x-amz-id-2
/EnkMtbyc9iYz0X9ts6mEuWZRDjmdwIt+97l6hVbsiNxOODONU4SQGEG9+0DUdaz92yiRbbbY04=
x-served-by
cache-bwi5148-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.566298,VS0,VE89
etag
"oCgdn8tKWSTT9a5hwcZ8MLPlRYXowW4MQCiLSraST+M"
x-amz-request-id
RZHMX3EE2A6NWZ84
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
21660298_G.jpeg
weny.images.worldnow.com/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/21660298_G.jpeg?auto=webp&disable=upscale&lastEditedDate=1636185974000&width=470
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f62cef78a4bb90c983a0384ddb12b1481698738b8c685aa20f8bcf1ee642b4fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=109034 idim=1000x667 ifmt=jpeg ofsz=28898 odim=470x313 ofmt=webp
fastly-stats
io=1
content-length
28898
x-amz-id-2
j/BGgmbbJvFw3EaoGGrG6CupCwTjeHrExlb0RA0BFD6SCIa+hN1WNC4LU/gOZDIz0WCDcegALB8=
x-served-by
cache-bwi5166-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.566439,VS0,VE87
etag
"+AYM5+yQNP03w0xRY5cFI1vNsY8JUw7UH2nE5A3EbvY"
x-amz-request-id
ARD10DWX0Z331SVA
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
19285498_G.png
weny.images.worldnow.com/images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/19285498_G.png?auto=webp&disable=upscale&width=auto
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b49a6a2c0ebc6c940b6c76464d4d7bed85e2cd3767d8d2a330c6f16dbd51a972

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, HIT
fastly-io-info
ifsz=80293 idim=328x155 ifmt=png ofsz=55118 odim=328x155 ofmt=webp
fastly-stats
io=1
content-length
55118
x-amz-id-2
jDYF5Brcj/qcu6VAAT0GEFIrxnNSYVtM+Y4BMgW5CjxeVKDhiku6BgQECFY0VlKZtem89V37lz4=
x-served-by
cache-bwi5158-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.566471,VS0,VE90
etag
"R/e9G8s8SUkPVckOnghOJSssJgznBpiT5Gu7T3JnbR8"
x-amz-request-id
6S4YBZHBR11RB1JX
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
2, 1
pubads_impl_2021110201.js
securepubads.g.doubleclick.net/gpt/ 		346 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118932
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 08:34:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 08 Nov 2021 16:02:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		148 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.weny.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
908b70b9bad1e47b0fcaec3948d733e2a19aef9d203e309d36935579a8c83844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Mon, 08 Nov 2021 16:02:10 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
age
8120856
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
bh7aRIFtv5978eUdwE-aNcvhWNfCBXVtAo0zULTGNvHRswYb18Y4JQ==
resources
www.weny.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 		843 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=14901
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
53bba9f3ca86a5629b06ba6f3b11258378bebeda2a460c7413cca82d8db0a637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
HIT, MISS
content-length
462
x-xss-protection
1; mode=block
x-served-by
cache-bwi5160-BWI, cache-fra19177-FRA
x-response-time
60ms
access-control-allow-origin
*
server
nginx/1.16.1
x-timer
S1636387331.711273,VS0,VE88
etag
W/"34b-eF2S8EE7Wgbg4xl+jNkLuDvC9pA"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
1, 0
resources
www.weny.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 		843 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=14830
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
65a01d82c5dcd40bffd1802ad595a1928215886c59eca635d12ca36436bb7032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
HIT, MISS
content-length
463
x-xss-protection
1; mode=block
x-served-by
cache-bwi5124-BWI, cache-fra19177-FRA
x-response-time
153ms
access-control-allow-origin
*
server
nginx/1.16.1
x-timer
S1636387331.711379,VS0,VE89
etag
W/"34b-uub+P9kuTZkGkY5Si44wsoXEfog"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
1, 0
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=08341f37df
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/08341f37df.js?_=1636387329622
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132015
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDv%2BmNxDH94rzSZEpif53lH1oz0HHAQJxVFC254DN2qkYzYgTteJa%2FUswzZF3ytC78SFlhpUtsKjaEifCG2eu7NZWtRwS5qzhD4d%2FOl4f1QYSCPoB7XkWft6eZSsYGr39tGPi23rk50Xeo28x6Ieq1q8QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA50-C1
cf-ray
6ab006311d794e13-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
G5WFUKaLIU0KEiXAszHXxa4MOy7YCxDe_ylpP1bvdZVRvRKS95sioQ==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=08341f37df
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/08341f37df.js?_=1636387329622
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132015
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0f6GS%2FmwQvMOogbce6ATOOm0p36EgdHDBsvHsRVFIKIiHcT9PIx86tnhNXvf6V4Fxo8gKvwqCaj1Dz5BKTOdip%2BnoMJtaZu33SWZTvUE6KV%2B5gjY7rrkdxGdCg3QIfpD5TnehF0ND%2F2xz6BzhWlXMC3GeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA50-C1
cf-ray
6ab006311d7a4e13-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
OnYobkydxCWpOWCHzP5rqutO1Zg9BjaWIG02w9sX3EAnpnETBOEDqw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=08341f37df
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/08341f37df.js?_=1636387329622
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132015
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnjCEuZBEAcGPEd%2F3Pn22WBrOzPeTKp9EwrMJWLvuTx3gaOVs%2B298btjYax4Mf5N8NbrxhXUgq2EayLFUhZwhWA%2BFI15NA2KjNjkcSV8%2BYd9QlaiZ78UmeBI%2BN4aHYQB5I7RmyBQ9rOfSqG4FTRZa%2Buakg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA50-C1
cf-ray
6ab006311d7c4e13-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
K_P1VXPdb8ID9fg933BbZt7a5xZkX-xcM7qy9gTYi5ub776YUyObKQ==
can-autoplay.3.0.0-1.js
ftpcontent.worldnow.com/platform-files/plugins/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ftpcontent.worldnow.com/platform-files/plugins/can-autoplay.3.0.0-1.js
Requested by
Host: content.worldnow.com
URL: https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish
x-amz-meta-user-agent-id
professionalservices@s-d08b37440bfd4618b
age
1
x-cache
HIT
content-length
8570
x-amz-id-2
dvG5OLEfKiP4vR9YPA9sOmgwBtdqDV8UB/POtU0CCQByepCrNxLp/Wxg5mDgfdgZedo7oB2AijI=
x-served-by
cache-fra19128-FRA
last-modified
Mon, 28 Oct 2019 19:35:47 GMT
server
AmazonS3
x-timer
S1636387331.715243,VS0,VE1
etag
"cee92fb89ab4f849569bd1354aeb4618"
x-amz-meta-user-agent
AWSTransfer
x-amz-request-id
8TA8PQEJ3DD8ZQBJ
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
1
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:32:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 08 Nov 2021 16:32:30 GMT
one.js
csp.azureedge.net/cdn/OneCol/ 		138 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 15:51:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d799c9204961e2"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
61870
localstore.js
script.4dex.io/ 		483 B
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29824
content-type
application/javascript
x-amz-request-id
txfb885b5eaead480dbfa2f-00617b9d6a
x-amz-id-2
txfb885b5eaead480dbfa2f-00617b9d6a
last-modified
Tue, 26 Oct 2021 12:44:38 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ye1gUZiUP8%2FFp3E%2FuiIt%2FaM%2BOyYauYixkDg2DcoHfaULtVACG%2FAdxJS92Fr8sg8775mevwWQFFSckEKeAfQSE8zSVil2ILQzIkJgSPZKfzWEmwt5%2FDVunXPGzaTzNAonX04r3IgwlDnC4DaM"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1635252278092292
cache-control
public, max-age=1800
cf-ray
6ab006316dc5695b-FRA
expires
Mon, 08 Nov 2021 16:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
591af985afbb3b3725bb92a711a4ff886ef771f43327f15dc836cc94f5fa3981
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:10 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ad4d53bb-5c51-4ee7-bbfb-3fdb617a8edb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Mon, 08 Nov 2021 16:02:10 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.weny.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		212 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
cce471b643225fb35b245b8c383dc6da3af7b2ad6ec5fd6229d3045c48acc10c

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.weny.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
212
expires
0
imp
g2.gumgum.com/hbid/ 		419 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=ghvhu2m5&pi=3&maxw=728&maxh=90&si=95325&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.weny.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.weny.com%2F&ns=10240&gpid=%2F43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
69d65845e3f063c7f6f0187d447d6dc40d02c6cbbddeed908c8bc303caca8d5d

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.weny.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		391 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13140&site_id=359376&zone_id=1935332&size_id=2&rf=https%3A%2F%2Fwww.weny.com%2F&tg_i.aupname=loc-desktop%2Fweny%2F&tg_i.dfp_ad_unit_code=43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage&tg_i.pbadslot=43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage&tk_flint=dmpbjs_v5.11.0&x_source.tid=d02ad857-6707-43b6-b713-54d9851e359c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13657175284944234
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
84a1d9d260f063b2943578f9eac1a233da7f203fa1484645f31f4ad2e52750e7

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
391
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
mp.4dex.io/ 		99 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f2bde115ca87d77c057a039bd8b9fa6ee0dfe062c547857ceb6a6a585b5ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
6ab006318d7c4abc-FRA
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
auction
tlx.3lift.com/header/ 		19 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.weny.com%2F&tmax=1000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.78.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-78-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
frankly-d.openx.net/w/1.0/ 		171 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://frankly-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.weny.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d02ad857-6707-43b6-b713-54d9851e359c&nocache=1636387330771&aus=728x90&divids=WNAd41&aucs=%252F43459271%252Floc-desktop%252Fweny%252Fweb%252Fhomepage&auid=543851177
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
77a5d9779dcb0be4bbbcbc8cad48b48785bfaf60ec72b748f099e685dc62184d

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.weny.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.11.0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
971a78824a18f04ed921e851bf9fc37257aeb92f6720d00d58592477a3d215cb

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 08 Nov 2021 16:02:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.weny.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
hb
brightcombid.marphezis.com/ 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.158.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-158-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
access-control-allow-credentials
true
server
nginx
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=615539&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2221bea4c6babb9c4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.weny.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22226e3161941fecb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22615539%22%2C%22dfp_ad_unit_code%22%3A%22%2F43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%7D
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
346fca23852fd8e4cf6311385df61d0811ebc7296b58cf9f681c3d49b0340fe0

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.193], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.weny.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Mon, 08 Nov 2021 16:02:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.weny.com
date
Mon, 08 Nov 2021 16:02:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aDjwJ2usOr64kqaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b86b5353ce6df4744c48587b90a10bb3f034162630dc1978102a53192ef15b5e

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
996cab7e77b5c0168f238c95a5a4fff6baa5a1dea34a124bf422a0bbcfd9e46b

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.weny.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.weny.com
date
Mon, 08 Nov 2021 16:02:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ea36ec6a3749e392d7389f8fe60fdc399520e595763348f33b366d615dc568a9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:10 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
435a96a1-0f7f-43e4-ae19-8506f118503b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
brightcombid.marphezis.com/ 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.158.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-158-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
access-control-allow-credentials
true
server
nginx
imp
g2.gumgum.com/hbid/ 		419 B
960 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=ghvhu2m5&pi=3&maxw=970&maxh=250&si=95325&bf=728x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.weny.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.weny.com%2F&ns=10240&gpid=%2F43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ae22c3d9868bbf00ceda3307084254c28c442f84ae801d868f110d640c3b1195

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.weny.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
arj
frankly-d.openx.net/w/1.0/ 		172 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://frankly-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.weny.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9ccb8ecf-fcf0-4130-9cce-1fbbc353e883&nocache=1636387330783&aus=728x90%2C970x250&divids=WNAd46&aucs=%252F43459271%252Floc-desktop%252Fweny%252Fweb%252Fhomepage&auid=543851177
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
0bbff299697c60a85240567e5742bd4ea192dab3fad581fafe0b82baa58b1a39

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.weny.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
mp.4dex.io/ 		99 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b7e362e502378263e531c3288ad611209396ee7eb174dab2af8c560d6bb8a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
6ab006318d844abc-FRA
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
fastlane.json
fastlane.rubiconproject.com/a/api/ 		411 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13140&site_id=359376&zone_id=1935332&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fwww.weny.com%2F&tg_i.aupname=loc-desktop%2Fweny%2F&tg_i.dfp_ad_unit_code=43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage&tg_i.pbadslot=43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage&tk_flint=dmpbjs_v5.11.0&x_source.tid=9ccb8ecf-fcf0-4130-9cce-1fbbc353e883&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7961782359073475
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b7a79131da789330e85d744b628ba1567ef5b5ac3e7060ea1a29c7e8adaeb179

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
411
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/ 		66 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aDjwJ2usOr64kqaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
00aa0c3fc4214585f5201118ea35ea458a190f4fefe7a10cbc83a8f46db899dc

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
ap.lijit.com/rtb/ 		94 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.11.0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b2e09393d8785e76020c989bdc4f616826f67007f68c18f0855d656dc950a85a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 08 Nov 2021 16:02:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.weny.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
c
prebid.a-mo.net/a/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.weny.com
x-nbr
1
date
Mon, 08 Nov 2021 16:02:10 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.weny.com%2F&tmax=1000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.78.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-78-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=615539&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2253c61b6e76181b1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.weny.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2254b7cbe54032002%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22615539%22%2C%22dfp_ad_unit_code%22%3A%22%2F43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22615539%22%2C%22dfp_ad_unit_code%22%3A%22%2F43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%5D%7D
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
54d807790bcbf15abe7d489b4fbd7ad1d0f4147da92b5a66e6b33c109348e42a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.193], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.weny.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Mon, 08 Nov 2021 16:02:10 GMT
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aDjwJ2usOr64kqaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d435fb9000f4dad92adc9c32b6e809c84b482aa719becea6ca59584ea0942087

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
ap.lijit.com/rtb/ 		94 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.11.0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
ee68628bef0217951217a5b5377593ba72cfb8f28d1472dad4c95455efbf79b4

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 08 Nov 2021 16:02:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.weny.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
hb
brightcombid.marphezis.com/ 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.158.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-158-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
access-control-allow-credentials
true
server
nginx
prebid
ib.adnxs.com/ut/v3/ 		139 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f40a6451a08dd61aab22d6009d1e63ab3881c30d2f5a5c59dfab2abe76b3ddb6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:10 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
86eeb20d-13af-4f4a-b3d9-ad009af1145a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ 		99 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961f9c4e2e5c2e288b8c4235bf33bedea79c8a64dab3eec62641ea1225c56ca8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
6ab006318d874abc-FRA
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
arj
frankly-d.openx.net/w/1.0/ 		171 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://frankly-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.weny.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e3478240-994f-4b4b-9bc2-148954c48665&nocache=1636387330796&aus=300x250%2C300x600&divids=WNAd43&aucs=%252F43459271%252Floc-desktop%252Fweny%252Fweb%252Fhomepage&auid=543851177
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
0156244dc816695c5084dbc2121497b0e25faf6865a076eb3651b81e236cdaf1

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.weny.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
161
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.weny.com
x-nbr
1
date
Mon, 08 Nov 2021 16:02:10 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13140&site_id=359376&zone_id=1935332&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.weny.com%2F&tg_i.aupname=loc-desktop%2Fweny%2F&tg_i.dfp_ad_unit_code=43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage&tg_i.pbadslot=43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage&tk_flint=dmpbjs_v5.11.0&x_source.tid=e3478240-994f-4b4b-9bc2-148954c48665&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13543364131744218
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
27b4b9cf416f42ca4b9209a5d0623b52baa6ea70ec20498d694d9749e4af4c7d

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
412
Expires
Wed, 17 Sep 1975 21:32:10 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		213 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
3d219e8fb3092b765558831c629e196128ec3eaca7c8a5a91b57cbab41f08fa9

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.weny.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
213
expires
0
auction
tlx.3lift.com/header/ 		19 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.weny.com%2F&tmax=1000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.78.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-78-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
imp
g2.gumgum.com/hbid/ 		419 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=ghvhu2m5&pi=3&maxw=300&maxh=600&si=95325&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.weny.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.weny.com%2F&ns=10240&gpid=%2F43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a770d5ce267d61a805d904ef2e8c533fb1ac43ed0073104b52a10766aa578b83

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.weny.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.weny.com
date
Mon, 08 Nov 2021 16:02:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		95 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.11.0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
5de26f41ac2c75ac1f8c75a0f5762de7d195658f862b1765d46370b12b038240

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 08 Nov 2021 16:02:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.weny.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
hb
brightcombid.marphezis.com/ 		0
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.158.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-158-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
access-control-allow-credentials
true
server
nginx
c
prebid.a-mo.net/a/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.weny.com
x-nbr
1
date
Mon, 08 Nov 2021 16:02:10 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
vary
origin, Accept-Encoding
arj
frankly-d.openx.net/w/1.0/ 		172 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://frankly-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.weny.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e2b0e69d-3d71-4246-99d4-dbc2f76c182c&nocache=1636387330807&aus=728x90%2C970x250&divids=WNAd241&aucs=%252F43459271%252Floc-desktop%252Fweny%252Fweb%252Fhomepage&auid=543851177
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
02636e9c4e47c2c6304c2cd3b9f414a7cbfa027bde2f1929a9a414182e98c4a9

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.weny.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aDjwJ2usOr64kqaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4da50bb36289910e5a4df48dc836e1632292ec61c6359cc2dcd698b214fa6604

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
auction
tlx.3lift.com/header/ 		19 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.weny.com%2F&tmax=1000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.78.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-78-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.weny.com
date
Mon, 08 Nov 2021 16:02:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		411 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13140&site_id=359376&zone_id=1935332&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fwww.weny.com%2F&tg_i.aupname=loc-desktop%2Fweny%2F&tg_i.dfp_ad_unit_code=43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage&tg_i.pbadslot=43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage&tk_flint=dmpbjs_v5.11.0&x_source.tid=e2b0e69d-3d71-4246-99d4-dbc2f76c182c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7492300634406681
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
37e6d00474be944992a9c72aec25e9724814996afc92d6ae6e7613c815cfe0ea

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
411
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b77bfb088bd0c42654d3475432264c60ba92295a231aff9da21de9c533db3c80
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:10 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c9d7b9c7-4e8c-4aa0-ad47-1d9a1397b6b0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/ 		419 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=ghvhu2m5&pi=3&maxw=970&maxh=250&si=95325&bf=728x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.weny.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.weny.com%2F&ns=10240&gpid=%2F43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
692fc0ecd92fdcce906430ffaed1b02125a0dadf731f6ce2dd94af3e9f476c5a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.weny.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
cygnus
htlb.casalemedia.com/ 		26 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=615539&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2210597b2d6e8cbf2c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.weny.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.11.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22106df2b975766fa4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22615539%22%2C%22dfp_ad_unit_code%22%3A%22%2F43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22615539%22%2C%22dfp_ad_unit_code%22%3A%22%2F43459271%2Floc-desktop%2Fweny%2Fweb%2Fhomepage%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%5D%7D
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
06684a944234eaceb2048dff25e395d4dc9f7e400037786113592b9660394953

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.193], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.weny.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Mon, 08 Nov 2021 16:02:10 GMT
prebid
mp.4dex.io/ 		99 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd51b5e73db5ca72f9af9334a9cdd9212e78f0db41f89df6984780b3c325d11
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
6ab006319db34abc-FRA
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		214 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
effe6bb9a4362af69a57e756a32133305939146e963caf81594abe702db0b058

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:10 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.weny.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
214
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.weny.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weny.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		463 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3900606530827904&correlator=3490787267437952&output=ldjh&impl=fif&eid=44752541%2C21065725%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=43459271%2Cloc-desktop%2Cweny%2Cweb%2Cweather-current&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=88x31&prev_scp=wnsz%3D124&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.weny.com&cookie_enabled=1&bc=31&abxe=1&lmt=1636387330&dt=1636387330836&dlt=1636387329349&idt=1385&frm=20&biw=1600&bih=1200&oid=2&adxs=1382&adys=47&adks=573697601&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weny.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=88x0&msz=88x0&ga_vid=2103542911.1636387330&ga_sid=1636387331&ga_hid=270671331&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a636e9267aa8f2a3bf247ab5025be0cf59840e9e07b17be6202e49e4cd6584a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
241
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3900606530827904&correlator=2633769507381577&output=ldjh&impl=fif&eid=44752541%2C21065725%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=43459271%2Cloc-desktop%2Cweny%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50&prev_scp=wnsz%3D104&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.weny.com&cookie_enabled=1&bc=31&abxe=1&lmt=1636387330&dt=1636387330842&dlt=1636387329349&idt=1385&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1030025804&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weny.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x40&msz=0x0&ga_vid=2103542911.1636387330&ga_sid=1636387331&ga_hid=270671331&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
38d6fbf0cd3f5d96886a2bcdb1255ac6cd0d98d1fcd5f607c20eb4573b8c333e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11702
x-xss-protection
0
google-lineitem-id
5771554704
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138280657479
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3900606530827904&correlator=2270497457758224&output=ldjh&impl=fif&eid=44752541%2C21065725%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=43459271%2Cloc-desktop%2Cweny%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=wnsz%3D52&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.weny.com&cookie_enabled=1&bc=31&abxe=1&lmt=1636387330&dt=1636387330846&dlt=1636387329349&idt=1385&frm=20&biw=1600&bih=1200&oid=2&adxs=1175&adys=3278&adks=3195374552&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weny.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=330x0&msz=330x0&ga_vid=2103542911.1636387330&ga_sid=1636387331&ga_hid=270671331&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
621e33a669b6b1dc42994a287cedeb0b7c6246a9575829cfaf1ac629a54db89f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11833
x-xss-protection
0
google-lineitem-id
5619635464
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138259660496
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3900606530827904&correlator=3934811843846333&output=ldjh&impl=fif&eid=44752541%2C21065725%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=43459271%2Cloc-desktop%2Cweny%2Cweb%2Cpromotion14&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&prev_scp=wnsz%3D243&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.weny.com&cookie_enabled=1&bc=31&abxe=1&lmt=1636387330&dt=1636387330851&dlt=1636387329349&idt=1385&frm=20&biw=1600&bih=1200&oid=2&adxs=800&adys=3692&adks=3479463519&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weny.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=2103542911.1636387330&ga_sid=1636387331&ga_hid=270671331&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8d6cfd630e590b25e616d161fdc8ba58b63b26d31c5fba7348a8bd4617ce8268
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8378
x-xss-protection
0
google-lineitem-id
5616014345
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339141194
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3757 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 08 Nov 2021 16:02:10 GMT
expires
Tue, 08 Nov 2022 16:02:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
32_sunny_day.png
ngw-static.franklyinc.com/assets/static/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ngw-static.franklyinc.com/assets/static/32_sunny_day.png
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e53d6c11906c3ea9f43148cf428539b30d2e0ed28acd2151d9c5af29d4a80138

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 varnish, 1.1 varnish
age
4630
x-cache
HIT, HIT
content-length
1426
x-amz-id-2
VdPY3TG6t5siA7rXa0olj/gwWrljZ0zlY3ijhmDwGIKlS/5g10yB/JIWlS3flbfH412siQ65EPY=
x-served-by
cache-bwi5171-BWI, cache-fra19129-FRA
last-modified
Tue, 03 Mar 2020 16:10:44 GMT
server
AmazonS3
x-timer
S1636387331.880968,VS0,VE1
etag
"b0ddc9efde9c9681d3e345b951e00c6c"
x-amz-request-id
P9C5GG0XE0TC5WNJ
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/png
x-cache-hits
1, 1
WENYNewsLogo.png
ftpcontent.worldnow.com/professionalservices/clients/weny/images/ 		257 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ftpcontent.worldnow.com/professionalservices/clients/weny/images/WENYNewsLogo.png
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bbdae9d93ad2a575ee79c32ac9210b7f18546a954831b8db1e836197318a8e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
via
1.1 varnish
x-amz-meta-user-agent-id
professionalservices@s-d08b37440bfd4618b
age
0
x-cache
MISS
content-length
263472
x-amz-id-2
jdG1hLlu4mXiMTaC7vv7jxUGqmEZOegO7Y83XODcZW9B9XKvF2fytqD5CV01WIQ4ce7rsVE9RUM=
x-served-by
cache-fra19128-FRA
last-modified
Mon, 28 Oct 2019 19:28:16 GMT
server
AmazonS3
x-timer
S1636387331.890989,VS0,VE577
etag
"383ad343ee30f70fd5e315159e74dcf1"
x-amz-meta-user-agent
AWSTransfer
x-amz-request-id
S2F177WGV75F2FPH
accept-ranges
bytes
content-type
image/png
x-cache-hits
0
21093992_G.png
weny.images.worldnow.com/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/21093992_G.png
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23f037645d5f8cef7c1edb6e05ee33a1aeb035f5905e677db89e0debce329578

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, HIT
fastly-io-info
ifsz=30072 idim=899x250 ifmt=png ofsz=19908 odim=899x250 ofmt=png
fastly-stats
io=1
content-length
19908
x-amz-id-2
yvPf59C8aNXqbcve9ju2CWKo5SVUONoZDtXjqutZ+uX1KoosBt14GIoWbYjyvq6xNeSJtDUs2i0=
x-served-by
cache-bwi5120-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.890604,VS0,VE250
etag
"ueYJZQPzGY1LKbaO1yYpec29D4+JLE4AEqzbjy0o4XE"
x-amz-request-id
ZA7DXWHWZBHRVZJ9
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/png
x-cache-hits
3, 1
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 14:54:32 GMT
server
ESF
date
Mon, 08 Nov 2021 16:02:10 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 08 Nov 2021 16:02:10 GMT
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 		2 KB
978 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
256994
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
573
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xENpaJsGHryiBoyDh%2FFbHPzS6oq9hZ8E%2Fv9eVatIq1Rc1rW9KBdBA5FSwOx50Wk40PPP9sD0%2FwjwCya2q3UWcNSfXS7Ke0VsKmzNlQ5ATK042rErK7pt9X36tF9jmKPNjsl%2FUqjl2qwKKy8bDsI7bJUt"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ab006324f87dfcf-FRA
expires
Sat, 29 Oct 2022 16:02:10 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://www.weny.com/
Origin
https://www.weny.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:10 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132014
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHbjp3kPl5gJjW0ZbI9C3c93MUsNQZqcK3Bg%2BPuRId73m5uifntNml2kzR%2Baa0VIW%2BdZOx4gIyeusKkgyDL%2BDWfb4e2V2KeWjeb%2BCWrwRoookZyysN7%2BceGqHy4Lu1m3QsSUPSyTj5G8q93kD8qIUdyY5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
6ab00632582f4e13-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
-i6qmiU6tEYBHRmeACcXNCFqLLAsBKmiFdg8mOLmfqDPclSNg2bEGA==
view
securepubads.g.doubleclick.net/pcs/ Frame 8643 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK8A4yeyV87p3IX_q4VM2OfTosFOKqcxyF8zIhFu53bLJUDRvZ1y_6BFqW0h5wwF17e1gwbGS1WFgZj4GNT8p8yn8zTmq27ETCryXg-JLYdyiHsU1W5XqmQDE_AV9ghdKI7hBNDTc5JOiqdRWSGthpZ_Ec22VaaKn4FUoHeUFzCRM1Wn2MHWtXMtNuYpwiCHATqFYDSAzl2-bJghkKxRbGy1kj60WTv7OC9_TZMJunn_PQZ5H9xMDt_3hDV6KtP8H0eMHb9uffFmqCZQHaWgKOPPIKB172vSgONPAcymotFYtn87tTOMq6hUMOTfcu5Iy6x_YI_CyohmfRhIk&sai=AMfl-YR8irInsjVUqqyrYzra8uFC7_LoCvmq-rlTbLUVkITxcZ5Cgds09hbA5O3Cgiy6EySIVolowTT1nmetLWKqHvYRwtsKj4Nlj0rdVE_wasauGnTKhv9YJa3pec4hBBw&sig=Cg0ArKJSzBc3YBuR8AZaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 08 Nov 2021 16:02:10 GMT
dm.js
tag.durationmedia.net/pubs/1000007/ Frame 8643 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.durationmedia.net/pubs/1000007/dm.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9400:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b54d800d0f663fd22d99da381167c78881cdb5d29d3e2017eb03f588c0febc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
4FHewuUUJrhm_sQj5lVcLcqxmz4Bv7k7
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 08:00:23 GMT
server
AmazonS3
age
28
etag
"70be40e80eb6bc897f9ee697e2a06e8c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public,max-age=900
date
Mon, 08 Nov 2021 16:02:10 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
8001
x-amz-cf-id
2s0gJ4vfYuTpFtlsm9hgD_Jg3fqcWpjsfL_PEY2lgEYVHodk6D1Y5g==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8643 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 16:02:11 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 8643 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4876834796&ord=2700321774&litm=5616014345&scrt=138339141194&splc=/43459271/loc-desktop/weny/web/promotion14&adu=635177911&unit=1x1&btreg=5616014345138339141194&btadsrv=5616014345138339141194&ctx=19955922&cmp=DV451308
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 18:25:49 GMT
Server
Microsoft-IIS/10.0
ETag
"80f4b239e0d0d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
586d643d-55b6-4ba2-a548-b9a45fead3b9.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/586d643d-55b6-4ba2-a548-b9a45fead3b9.medium.png
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fe8437cd5a7ada22f5a5991fd0747060211bd514e36f6d41820a68c90c57c633

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Sun, 20 Nov 2016 14:00:43 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AdUghhWaScvgUA0ClW5O/A==
ETag
0x8D4114D9E887B4C
Content-Type
image/png
x-ms-request-id
771331ae-f01e-0076-44b9-d4926a000000
x-ms-version
2009-09-19
Content-Length
35301
O65PhiN5DUmeUKTAfaqUyQ.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/O65PhiN5DUmeUKTAfaqUyQ.medium.jpg
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e711ccacb8db4a890a726ddde24374a88c8d119a035653e8bac55ec0a522cdd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Fri, 18 Jun 2021 02:58:27 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
NQfiqnevAsWf0TeMpd91aQ==
ETag
0x8D93204F275CC1A
Content-Type
application/octet-stream
x-ms-request-id
410f9758-401e-0073-08b9-d440b1000000
x-ms-version
2009-09-19
Content-Length
35105
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
_oVojC4mPUi4J3bZY4q7eA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/_oVojC4mPUi4J3bZY4q7eA.medium.jpg
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
30d3532716df0b69794752134404e43d3d8dcd7df50c93b76d25c42cee237f5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Tue, 24 Aug 2021 16:30:03 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
v8s2N/afvqOchUVzF7xAGg==
ETag
0x8D9671C6CD23C4C
Content-Type
application/octet-stream
x-ms-request-id
01f76e27-301e-0034-40b9-d42bea000000
x-ms-version
2009-09-19
Content-Length
24785
_AFSU3VhiU2zdNeL-RnE5g.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/_AFSU3VhiU2zdNeL-RnE5g.medium.jpg
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1ab3514249649f5565a5835cd5f0b60de8de1895ac6ab37101f5f208bb03a33e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Sun, 18 Jul 2021 08:31:21 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
CdsSi+GLAqkpJX/j4zWOcQ==
ETag
0x8D949C66C467D43
Content-Type
application/octet-stream
x-ms-request-id
8a56cb38-201e-0028-1bb9-d4798a000000
x-ms-version
2009-09-19
Content-Length
31636
6zvVaDAj2ESCBk3p2_q4Cw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/6zvVaDAj2ESCBk3p2_q4Cw.medium.jpg
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7533029015f293360e36a1418f4a1f8ebbecedca1609e8f8a72a7e69d0cd71e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Fri, 05 Nov 2021 12:22:47 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
kc1W8Mi6oqiM6eUuFy44BA==
ETag
0x8D9A056FA1CE0C9
Content-Type
application/octet-stream
x-ms-request-id
d6773b41-701e-0078-12b9-d4bbda000000
x-ms-version
2009-09-19
Content-Length
80398
7724ff5f-5ea2-42f9-992a-6cae7f742a69.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/7724ff5f-5ea2-42f9-992a-6cae7f742a69.medium.png
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
db9ec9a2487cfea3f9faa6fcc319a7bb5e91a513ab158c22f1727e342aa4538d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Sat, 10 May 2014 23:05:35 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
SY9LRg4An8EdTfEXJQlfWA==
ETag
0x8D13ABB7C71B0C5
Content-Type
image/png
x-ms-request-id
76ba6249-001e-003f-31b9-d4d081000000
x-ms-version
2009-09-19
Content-Length
124626
tGDp5gk7K0SzRStwN5aYhw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/tGDp5gk7K0SzRStwN5aYhw.medium.jpg
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f8922c0ea35774a7bc8131d97ab0635704a57f8e419279bffc18323dddf5998d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Mon, 06 Sep 2021 20:16:58 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
5eKnWFFwStESsMr3DnMg6w==
ETag
0x8D971734751812F
Content-Type
application/octet-stream
x-ms-request-id
77133245-f01e-0076-54b9-d4926a000000
x-ms-version
2009-09-19
Content-Length
44438
rtHPjR-4jkKsrsaWMu9F3A.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/rtHPjR-4jkKsrsaWMu9F3A.medium.jpg
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
51e69d38aa29e161b1dda574258e78053efcef62319683a537964a308ce10986

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:12 GMT
Last-Modified
Fri, 15 Oct 2021 21:29:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
5V6e+h+RbekftnHWEKysYg==
ETag
0x8D99022EAEE022A
Content-Type
application/octet-stream
x-ms-request-id
410f97ba-401e-0073-66b9-d440b1000000
x-ms-version
2009-09-19
Content-Length
39739
88a99f4f-ada1-42d5-bb47-309c2b7d7479.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/88a99f4f-ada1-42d5-bb47-309c2b7d7479.medium.JPG
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c0d67e18b2725f39f6643a5b306594db6af52835639b0e44e8cee102c74e50d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Sat, 09 Jan 2021 06:07:08 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
NidHWwQQ8WUGrmK1OoIHMw==
ETag
0x8D8B464CBF96217
Content-Type
image/jpeg
x-ms-request-id
01f76e63-301e-0034-76b9-d42bea000000
x-ms-version
2009-09-19
Content-Length
12232
65e01c1c-11a0-4ad6-9e94-4eeddcda3568.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/65e01c1c-11a0-4ad6-9e94-4eeddcda3568.medium.JPG
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cd2e43aa75434602bb6337c44b97a6449eeb1b3707abd0a99c294fa2d323d4c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Sat, 09 Jan 2021 06:07:07 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
TbbBNkDEYm6uQYLeN2sVJQ==
ETag
0x8D8B464CB6F9E30
Content-Type
image/jpeg
x-ms-request-id
8a56cb96-201e-0028-76b9-d4798a000000
x-ms-version
2009-09-19
Content-Length
11206
8bd77d4e-6a91-41d0-8be8-21324d18251e.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/8bd77d4e-6a91-41d0-8be8-21324d18251e.medium.JPG
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67d895c11b5fa3be90a28ff8c2cd540e4bf6fb75889798d63835c1937c65046b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Mon, 23 Aug 2021 17:51:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
P6Ma43tCIDsD7Fy1PJC1Cg==
ETag
0x8D9665E989A1E2D
Content-Type
image/jpeg
x-ms-request-id
d6773bf2-701e-0078-32b9-d4bbda000000
x-ms-version
2009-09-19
Content-Length
8400
5115467f-5eb9-462d-bc7b-a08ca9708204.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/5115467f-5eb9-462d-bc7b-a08ca9708204.medium.JPG
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
92e0d304d45e43f08b5b1c0b92420cc29d8e79a4d56bd67a2be344625754c229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:12 GMT
Last-Modified
Thu, 23 Sep 2021 15:14:52 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
OJYlt+FZHmPH9ditavym/A==
ETag
0x8D97EA4E46EDE34
Content-Type
image/jpeg
x-ms-request-id
410f97fc-401e-0073-26b9-d440b1000000
x-ms-version
2009-09-19
Content-Length
12870
67c87cda-ccf7-4147-b919-35b7c39ffd78.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/67c87cda-ccf7-4147-b919-35b7c39ffd78.medium.JPG
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ee79c01cf3e98b75d715ea73295db0072815a45112d68fffd2a803bf7d140ce3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:12 GMT
Last-Modified
Tue, 01 Jun 2021 15:24:45 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
UrEX05QgzdRHImFLLGvL9A==
ETag
0x8D92511631ECA78
Content-Type
image/jpeg
x-ms-request-id
01f76e8b-301e-0034-1bb9-d42bea000000
x-ms-version
2009-09-19
Content-Length
10577
607f2af6-c086-49dc-82f3-0baba78bda84.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/607f2af6-c086-49dc-82f3-0baba78bda84.medium.png
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c041fc2ea8f808d0309f0024d6848892189b6b366dc625bb6a69bb27b200f07d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Fri, 02 May 2014 08:43:21 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
QiMAQXH6J09YTfurWJeHpg==
ETag
0x8D133F9B5083C73
Content-Type
image/png
x-ms-request-id
8a56cbc2-201e-0028-1fb9-d4798a000000
x-ms-version
2009-09-19
Content-Length
116237
emN93PrLdUW0Aedko5BScw.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/emN93PrLdUW0Aedko5BScw.medium.jpg
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
38e4480e31f1ee151c5fd75a3892716ab570dd45ef6d4177d54ed66247519c94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:11 GMT
Last-Modified
Mon, 06 Sep 2021 20:16:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
fIHXpdeTIcXlP7810WzSGw==
ETag
0x8D9717344892E21
Content-Type
application/octet-stream
x-ms-request-id
76ba62df-001e-003f-3bb9-d4d081000000
x-ms-version
2009-09-19
Content-Length
65971
68646135-c187-4347-82fb-2e38ce872f78.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/68646135-c187-4347-82fb-2e38ce872f78.medium.png
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ca5a4ca7b6822fac1a6b2b4d11af047d1609b04e5c1fb8fc74b25f518e5d5cac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:12 GMT
Last-Modified
Sat, 10 May 2014 23:30:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
4OLvhznF23NMjPoR6tSPMQ==
ETag
0x8D13ABF02DEDE22
Content-Type
image/png
x-ms-request-id
77133280-f01e-0076-0bb9-d4926a000000
x-ms-version
2009-09-19
Content-Length
88941
43873b2e-d059-49ae-a090-d6bc90c3231f.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/43873b2e-d059-49ae-a090-d6bc90c3231f.medium.JPG
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d7bfb76d58b6b4f80e0c09851bce82baff4700ac09c5731b3c541a62d3a6fae2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:12 GMT
Last-Modified
Sat, 26 Sep 2020 06:32:58 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
rHDy5tWWI+DDrqe9ApzKOg==
ETag
0x8D861E60262D0BE
Content-Type
image/jpeg
x-ms-request-id
d6773c22-701e-0078-5fb9-d4bbda000000
x-ms-version
2009-09-19
Content-Length
6029
03bbfc9b-c38b-48c4-9404-1d998fcbf721.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/03bbfc9b-c38b-48c4-9404-1d998fcbf721.medium.JPG
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
51fbc9acd9aec027b8097e62f49720c325f36735880599297cb71dbaee93fe6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:12 GMT
Last-Modified
Sat, 26 Sep 2020 06:32:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
kvcC7Bv5CproIuG6U9KbfA==
ETag
0x8D861E6022D5BC5
Content-Type
image/jpeg
x-ms-request-id
410f982a-401e-0073-51b9-d440b1000000
x-ms-version
2009-09-19
Content-Length
13814
c9315526-eea5-4cdc-b9eb-4ffa8188ea57.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/c9315526-eea5-4cdc-b9eb-4ffa8188ea57.medium.png
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d9b8e0391a6d86a921933e5b0a7a9883c1cefb3cf5b3eea85b49df9836e05944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 08 Nov 2021 16:02:12 GMT
Last-Modified
Fri, 18 Oct 2013 00:14:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
X4e1vVVxI5CHeBqAPMN5MA==
ETag
0x8D099AE376966FD
Content-Type
image/png
x-ms-request-id
01f76ea3-301e-0034-30b9-d42bea000000
x-ms-version
2009-09-19
Content-Length
149490
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.weny.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.weny.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3900606530827904&correlator=2114171715293895&output=ldjh&impl=fif&eid=44752541%2C21065725%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=43459271%2Cnat-external%2Ceviesays%2Cfrankly%2Cweny&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.weny.com%26pubx%3Doff&cookie=ID%3D549a489a20726c7c-221bf6063acb001a%3AT%3D1636387330%3AS%3DALNI_Mbsk0wQbQLtBkNVRdHdloxS30vc8w&bc=31&abxe=1&lmt=1636387331&dt=1636387331071&dlt=1636387329349&idt=1385&frm=20&biw=1600&bih=1200&oid=2&adxs=1190&adys=2529&adks=2193957317&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weny.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H8ZWni_rBGJrdjOncw4QHhNHj-PzT1rchgU0kRZkw_013uH6K5-ZQlhyQtDAbbYOqCwqnMFrWXFZ3hRwJ5TkekAHIctc7qLNu0&ga_vid=2103542911.1636387330&ga_sid=1636387331&ga_hid=270671331&ga_fc=true&fws=4&ohw=300&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9689feb6a54300d45be81c89781074be3ebc1976a15bdd87f8c8dec471922230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8863
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1842655
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx24d8f530058347e593cb7-00616d2a1b
x-amz-id-2
tx24d8f530058347e593cb7-00616d2a1b
last-modified
Mon, 18 Oct 2021 08:01:50 GMT
server
cloudflare
etag
W/"cae476c264f28e37aca638d685ba55b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WispOX89HCoSFaIiziZMSMwJg8SPq7bBfRl7yiPfrzUVqlafuGPtd5%2FcqCwqv9HcEgfWcum1CFS6h%2BSjapv%2Bp4xcnzFgD0pNmQqyRMxwNiPlkXzsko%2BqFeh0qaecwliaETIhJWsDKrFh2rZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1634544110326910
cf-ray
6ab006336a8fc2a4-FRA
access-control-allow-headers
Authorization
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.weny.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:11:57 GMT
x-content-type-options
nosniff
age
586214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 01 Nov 2022 21:11:57 GMT
21659987_G.jpg
images.worldnow.com/ap/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.worldnow.com/ap/images/21659987_G.jpg?auto=webp&disable=upscale&lastEditedDate=1636158397000&width=470
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72f7e439acb37ab82c2c7c6e357936e24445060921f6ee31c84d45a7b18bdd4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, HIT
fastly-io-info
ifsz=45730 idim=512x288 ifmt=jpeg ofsz=19088 odim=470x264 ofmt=webp
fastly-stats
io=1
content-length
19088
x-amz-id-2
PdM7zbh4y33DWft0Av1yXypR4Ak345M+6PChsKazq7/MsYGgxIvLqvMQy/wzSD3AnrQxBwRbXVE=
x-served-by
cache-bwi5172-BWI, cache-fra19128-FRA
server
AmazonS3
x-timer
S1636387331.143637,VS0,VE90
etag
"4rp31g8pduRRM6MsA9ca9QtHjb+CR+Qh/YeEHA4jyho"
x-amz-request-id
PKA0Y0NXH1QWFNND
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
21659983_G.jpg
weny.images.worldnow.com/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/21659983_G.jpg?auto=webp&disable=upscale&lastEditedDate=1636158081000&width=470
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12292ff97b655cc2c4dfd36b751c5eca236ec2fc52967b88913e43b2fd6f8542

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=109118 idim=1631x914 ifmt=jpeg ofsz=10140 odim=470x263 ofmt=webp
fastly-stats
io=1
content-length
10140
x-amz-id-2
JMoaa1FA6Ewnpr4htO+MDeYH0POrmXzklnlsMSDvK1WqDEhwitSnNGqdBkpgGIP14DMo+fhcQ2g=
x-served-by
cache-bwi5169-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.133388,VS0,VE89
etag
"xptaazhGnwEm2mai1r0gxG+ZKkx59hSScMUXApnNRdU"
x-amz-request-id
06KQT9MYKRFH56S3
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
dm.js
tag.durationmedia.net/sites/10468/ Frame 8643 		109 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.durationmedia.net/sites/10468/dm.js
Requested by
Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/pubs/1000007/dm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9400:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e400db796b3a9c132ab1aa10a407d9d5443143a79d77fbe0b6408db033b07b8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
l2Kx1vSCH1DTGA5eU0b9xhWGB0QbChm7
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 12:30:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"4193fc179105b2b35c8141ea5db4ddb8"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public,max-age=900
date
Mon, 08 Nov 2021 16:02:12 GMT
accept-ranges
bytes
content-length
30283
x-amz-cf-id
Wu_ABrqnTdKaB2tnRsAhZJgqcOwcIZ8ofe0zG-6AA6aKb8Og8b8kpA==
view
securepubads.g.doubleclick.net/pcs/ Frame 8104 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ48SeshJWFJtyrlWWIuFiaqmTBGFLsS45rqM3TxADIOSiBjXSYasd96cNHSNOnwBvJ0RTngEdD58LHENtW3lZFad-0yNQKrcTVkJlUivJuSdpUH60r0DGy8A9PhFVvnD7pZoSrlPQsHaxWBOs1sdcMWbiDrA3Mp2cq8d9gMPwFjVUlWb2SyLY6RjEti4Uh8ScTd-ndtCs4DcHW6dJRmcw_D5zFSTBuUcoiiWu2NOaqKcJ_zeR4A3cznMK7TNHVZQm3srHyCtEmaEUB8EZnYEmxMMHtAGPefjXzTdHahr4hVZ4nzRuSMWEiRoaqVmPdF7v7gZETnY&sai=AMfl-YSAWCvOgWqFWlhCM02YHaZeYuczOL2l6AtKQREdL2hb_fHhmi8ZxYMvsRFRw90Wifxm5uC7svPh7thxSapsm1nTd7TABtKnBMPhnUxcLQjNrqd_Hft1gzK69iGHLAU&sig=Cg0ArKJSzHv7ufaV0AL4EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 8104 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 15:59:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8104 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 16:02:11 GMT
l
www.google.com/ads/measurement/ Frame 8104 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0Uj9IZrngPhoAbIf0IH5ss_7QSX3Bb392Xws_qVL9x5RWSKFRomWLGKWMzncPlTx7aDWNME6CNPsmK2W4nDJZEjvWHQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
dvtp_src.js
cdn.doubleverify.com/ Frame 8104 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4695479967&ord=2821807413&litm=5619635464&scrt=138259660496&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&unit=300x250&btreg=5619635464138259660496&btadsrv=5619635464138259660496&ctx=19955922&cmp=DV451308
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 18:25:49 GMT
Server
Microsoft-IIS/10.0
ETag
"80f4b239e0d0d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
14952858516388317053
tpc.googlesyndication.com/simgad/ Frame 8104 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14952858516388317053
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a092550220a1a53c6772f9d2f6869f8633877c48bea9a326cfdb0b0677dfaa70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 23:26:08 GMT
x-content-type-options
nosniff
age
405363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32149
x-xss-protection
0
last-modified
Mon, 11 Feb 2019 22:10:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Nov 2022 23:26:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2E95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh4imFCPAFOouX_xJaHQL0lFSyWqy7OkyGYT_NL26gJXi2CUiTowl1YfyA1XZRfIr8Po4CvZW3tnG2ASKbh1V6-KHy2IRw1LdwD1vE-f5a_T5otvbRxAGiWLKVHJ7Fhi0z-3dGPgcf1V7YbtOSfKuIr_ga9xxNmrChNqedqV4SySgQo40TUuX7K7XLRlDcxKqqv8hNtMKfmC3eB7en3L6kk8ck4L1W176aBVO8gEpsZ_WzVMxqOuxZW72QVEokc9Dc4HHL4cD0kjnhBQVueCW42am7cWdXDzomzLFpdVFebG7ScS8_sXx5z75dWE_-jVpPjq0-H4d-Duk&sai=AMfl-YSEneyxLaULoZTO3YuAe_Aq5Mq-wxdvTLKJ2kXIGv_MaYsyW82St1tHePp_g_poWTqRdjaD4lL5H24C8SlQYiXyBa9OsEmk7U9z87YSGmFgtw5fq-1i4jeHsRE8E70&sig=Cg0ArKJSzA1u0kHai27GEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2E95 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 15:59:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E95 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 16:02:11 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 2E95 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4774679684&ord=2897731666&litm=5771554704&scrt=138280657479&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&unit=320x50&btreg=5771554704138280657479&btadsrv=5771554704138280657479&ctx=19955922&cmp=DV451308
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 18:25:49 GMT
Server
Microsoft-IIS/10.0
ETag
"80f4b239e0d0d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
10291382241671373203
tpc.googlesyndication.com/simgad/ Frame 2E95 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10291382241671373203
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d18bca4ae99472809660d479049b4eca233d54d8ce08cb4dfec1f6cb80f1c98c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 19:54:10 GMT
x-content-type-options
nosniff
age
331681
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35028
x-xss-protection
0
last-modified
Fri, 09 Aug 2019 14:13:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 19:54:10 GMT
21273658_G.jpeg
weny.images.worldnow.com/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weny.images.worldnow.com/images/21273658_G.jpeg?auto=webp&disable=upscale&lastEditedDate=1629943904000&width=470
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b9c34a91596d9a7457698a84ff66ca8c93bf09fddb4d925131507b6eff09cf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
fastly-io-info
ifsz=45424 idim=800x533 ifmt=jpeg ofsz=16330 odim=470x313 ofmt=webp
fastly-stats
io=1
content-length
16330
x-amz-id-2
LL6zFAmO2uMNV/303pLc+2ee261be+aF6QSQoPPzpkmAZZ0jpkI6YrXh3G4dhOz7u8DICqevkY0=
x-served-by
cache-bwi5147-BWI, cache-fra19155-FRA
server
AmazonS3
x-timer
S1636387331.286475,VS0,VE90
etag
"Brqv9x+4kzugkP5q1C5tfq7nyor8ebJ/Kdof/DLBnEs"
x-amz-request-id
T2ZMEWDYQQ10JZ8A
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 0
auction
api.pbxai.com/analytics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.pbxai.com/analytics/auction?auctionTimestamp=1636387330804&pubxaiAnalyticsVersion=v1.1.0&prebidVersion=v5.11.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.179.11.203 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-179-11-203.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.weny.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
access-control-allow-headers
Accept,Accept-Language,Content-Language,Content-Type,Authorization,x-correlation-id,Access-Control-Allow-Origin
access-control-expose-headers
x-my-header-out
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.weny.com
apigw-requestid
IfiAjh0zrPEEPcQ=
auction
api.pbxai.com/analytics/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.pbxai.com/analytics/auction?auctionTimestamp=1636387330804&pubxaiAnalyticsVersion=v1.1.0&prebidVersion=v5.11.0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.179.11.203 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-179-11-203.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/json

Response headers

access-control-allow-origin
https://www.weny.com
date
Mon, 08 Nov 2021 16:02:11 GMT
access-control-allow-headers
Accept,Accept-Language,Content-Language,Content-Type, Authorization,x-correlation-id,Access-Control-Allow-Origin
content-length
0
apigw-requestid
IfiAjjHbrPEEPKw=
access-control-allow-methods
OPTIONS,POST
access-control-expose-headers
x-my-header-out
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3900606530827904&correlator=2364345359168920&output=ldjh&impl=fif&eid=44752541%2C21065725%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=43459271%2Cloc-desktop%2Cweny%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600&prev_scp=wnsz%3D43&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.weny.com%26pubx%3Doff&cookie=ID%3D5d928a9af6ddd3d9-2283d1b939cb0097%3AT%3D1636387330%3AS%3DALNI_MZM_BqrIBNnVBKBh2gLrg7DBZ-qmw&bc=31&abxe=1&lmt=1636387331&dt=1636387331291&dlt=1636387329349&idt=1385&frm=20&biw=1600&bih=1200&oid=2&adxs=1176&adys=1097&adks=2248022975&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weny.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=330x42&msz=328x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-OX4FQgRHsGB9etK8WPJtCf7rwhL3mC22f3bIpJAkl6WGkUN8by9Cy0AJwrVGHcDEBEY4rf_DzKeM2V4_rQpus02EX1K5UX9Q%2CAGkb-H8BetWRHnzUUp-oKnLin3G_2UItwafiobIwaXRDXLKYRRrvOR0BFQca179cmLAvd36dLTvEF01kP3p-KFRsHgERX7ouY_bVmhc%2CAGkb-H8ZWni_rBGJrdjOncw4QHhNHj-PzT1rchgU0kRZkw_013uH6K5-ZQlhyQtDAbbYOqCwqnMFrWXFZ3hRwJ5TkekAHIctc7qLNu0&ga_vid=2103542911.1636387330&ga_sid=1636387331&ga_hid=270671331&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
15bf39cce93fbe540fcb63992bc3c8ea88eb69a20b25b2b0839a9d53c83c3568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11349
x-xss-protection
0
google-lineitem-id
5566085405
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138334297247
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3900606530827904&correlator=2872436789832935&output=ldjh&impl=fif&eid=44752541%2C21065725%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=43459271%2Cloc-desktop%2Cweny%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x250%7C970x90&prev_scp=wnsz%3D46&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.weny.com%26pubx%3Doff&cookie=ID%3D5d928a9af6ddd3d9-2283d1b939cb0097%3AT%3D1636387330%3AS%3DALNI_MZM_BqrIBNnVBKBh2gLrg7DBZ-qmw&bc=31&abxe=1&lmt=1636387331&dt=1636387331297&dlt=1636387329349&idt=1385&frm=20&biw=1600&bih=1200&oid=2&adxs=95&adys=2033&adks=1633161868&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weny.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1050x0&msz=1050x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-OX4FQgRHsGB9etK8WPJtCf7rwhL3mC22f3bIpJAkl6WGkUN8by9Cy0AJwrVGHcDEBEY4rf_DzKeM2V4_rQpus02EX1K5UX9Q%2CAGkb-H8BetWRHnzUUp-oKnLin3G_2UItwafiobIwaXRDXLKYRRrvOR0BFQca179cmLAvd36dLTvEF01kP3p-KFRsHgERX7ouY_bVmhc%2CAGkb-H8ZWni_rBGJrdjOncw4QHhNHj-PzT1rchgU0kRZkw_013uH6K5-ZQlhyQtDAbbYOqCwqnMFrWXFZ3hRwJ5TkekAHIctc7qLNu0&ga_vid=2103542911.1636387330&ga_sid=1636387331&ga_hid=270671331&ga_fc=true&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
33f82d377d3e18654e5448fde37ba7233e8d6d635ebd04f904840fe8e633f8c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11504
x-xss-protection
0
google-lineitem-id
5620166384
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138259626411
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3900606530827904&correlator=1255598156510358&output=ldjh&impl=fif&eid=44752541%2C21065725%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=43459271%2Cloc-desktop%2Cweny%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x250%7C970x90&prev_scp=wnsz%3D241&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.weny.com%26pubx%3Doff&cookie=ID%3D5d928a9af6ddd3d9-2283d1b939cb0097%3AT%3D1636387330%3AS%3DALNI_MZM_BqrIBNnVBKBh2gLrg7DBZ-qmw&bc=31&abxe=1&lmt=1636387331&dt=1636387331302&dlt=1636387329349&idt=1385&frm=20&biw=1600&bih=1200&oid=2&adxs=95&adys=3652&adks=279049777&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weny.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1410x0&msz=1410x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-OX4FQgRHsGB9etK8WPJtCf7rwhL3mC22f3bIpJAkl6WGkUN8by9Cy0AJwrVGHcDEBEY4rf_DzKeM2V4_rQpus02EX1K5UX9Q%2CAGkb-H8BetWRHnzUUp-oKnLin3G_2UItwafiobIwaXRDXLKYRRrvOR0BFQca179cmLAvd36dLTvEF01kP3p-KFRsHgERX7ouY_bVmhc%2CAGkb-H8ZWni_rBGJrdjOncw4QHhNHj-PzT1rchgU0kRZkw_013uH6K5-ZQlhyQtDAbbYOqCwqnMFrWXFZ3hRwJ5TkekAHIctc7qLNu0&ga_vid=2103542911.1636387330&ga_sid=1636387331&ga_hid=270671331&ga_fc=true&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
badd4529bf63efa34241497d3d5239eb25baa6e04c9ce9674061ee1e55721410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11376
x-xss-protection
0
google-lineitem-id
5566088843
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138334296287
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2E95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrix9U7ORFFsJyVk-hxhTy_W0Q9iaIPHeK2FBBCvRBWxeIjzkMnyaBCSuMoJ-7us8tT62xOpeuFms2xpwtH2SS2S0pT1SYl4LluM_0U7EifaFd3L79PzilrsuhP75pmUipVaGTqqdGfOHHkplWoXJ6j6g8tmaRB_Z7iYADq5LiAAwNzBQdyF9P0HqJ7BIvlgtZZMUM8vAu_EfsEuYDlU89_16wJwNliGrZinATfMaeegQLvkj2A5mWkF06oitLQMfJ5dyN6vCQ_Cgp4tpU8Me5qV-gR6NBtaPcmwSv5dF4qzr9fsPdaIwJWvbgjV4vBWZ8QAnVzGfRqsg50Q&sai=AMfl-YTzkFQ2TCvDCrbCYQEPZW1DzpZBVvwzRsX_XB7mINtETxSP9_PZGrhhOLJqC342cqYDPZJNoyeRhYib00tYDm8S_Np7I1mpkDoPInTi26RnG66tZsUJs3jJiswqcD8&sig=Cg0ArKJSzKXHpOD5nNIvEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 08 Nov 2021 16:02:11 GMT
dv-measurements1800.js
cdn.doubleverify.com/ Frame 84B1 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
truncated
/ Frame 8643 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
765326925d8c73bf270c519144b0eb36681ac35847caa2ff4adfb139bef6c282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements1800.js
cdn.doubleverify.com/ Frame F8A2 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
view
securepubads.g.doubleclick.net/pcs/ Frame 8104 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvr3_F1BbNj_VKHyPKBuf4S1wtMgWJ5OWE9ofWZWD2x8WwtahTLndQ2mjFPQMsRhR9Hv4Di-wi6lQbv4rxzqClqtnhvybKsMt9qRQUmwH5C3PfFwouKoP8nZD7v9OHm5ehfsJb7aTFvbKSJ_kWrnf9cx7RJLWjbM1l2WUx1_ulE1_ojdRvBqVBaGGSzXp6EHDIEimIhw7z_7pYRLQsrqSnCBR02ib-xA8Ozfg8I4YKixw5bTZKXTdL0Z7vTxWge-UUfTNMMU0Pdq70t6N7EUnSADNoyUjunT-za7QcLrr3C6EAyhWv_ZxIB_v_oROfL98QxlxtCrlLbUA&sai=AMfl-YTUHTwf9-7xOK0Gw-JpG6u9oxYrXJgJZUQyzaId7toRZvG08bGlSq4G9DkOHCVvKN48qsQkytWPRXVXainVghk3UA9Gm7bKLO709ZoPrzngj6-FmfltiR1lCSCJxa0&sig=Cg0ArKJSzEHxAg6gX-XpEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 08 Nov 2021 16:02:11 GMT
truncated
/ Frame 8104 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
383c959ed28d27628158ba3f92ea44b835c26938249e932f814bc4e3f86ab156

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements1800.js
cdn.doubleverify.com/ Frame D95E 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
container.html
6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D2F0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 08 Nov 2021 16:02:10 GMT
expires
Tue, 08 Nov 2022 16:02:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3900606530827904&correlator=3082557411639188&output=ldjh&impl=fif&eid=44752541%2C21065725%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=43459271%2Cloc-desktop%2Cweny%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90&prev_scp=wnsz%3D41&eri=1&cust_params=wncid%3D177546%26wnpt%3DNA%26ispartner%3Dtrue%26wndomain%3Dhttps%25253A%252F%252Fwww.weny.com%26pubx%3Doff&cookie=ID%3D549a489a20726c7c%3AT%3D1636387330%3AS%3DALNI_MYfFEzIw73BhFBnp1RBY0CWeSMUDw&bc=31&abxe=1&lmt=1636387331&dt=1636387331428&dlt=1636387329349&idt=1385&frm=20&biw=1600&bih=1200&oid=2&adxs=95&adys=178&adks=4066883272&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.weny.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1410x0&msz=1410x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-OX4FQgRHsGB9etK8WPJtCf7rwhL3mC22f3bIpJAkl6WGkUN8by9Cy0AJwrVGHcDEBEY4rf_DzKeM2V4_rQpus02EX1K5UX9Q%2CAGkb-H8BetWRHnzUUp-oKnLin3G_2UItwafiobIwaXRDXLKYRRrvOR0BFQca179cmLAvd36dLTvEF01kP3p-KFRsHgERX7ouY_bVmhc%2CAGkb-H8ZWni_rBGJrdjOncw4QHhNHj-PzT1rchgU0kRZkw_013uH6K5-ZQlhyQtDAbbYOqCwqnMFrWXFZ3hRwJ5TkekAHIctc7qLNu0&ga_vid=2103542911.1636387330&ga_sid=1636387331&ga_hid=270671331&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
195593dcd29dab456d369118a9bf8321b7bbf8800b62e118d7ac52f233c148e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11323
x-xss-protection
0
google-lineitem-id
5616446599
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339307023
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.js
tps.doubleverify.com/ Frame 84B1 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=109&ttfrms=26&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETar9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=5&ddur=11&uid=1636387331474302&jsCallback=dvCallback_1636387331474597&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.weny.com%2F&fwc=0&fcl=455&flt=0&fec=1323&fcifrms=5&brh=2&sdf=2&dvp_epl=139&noc=4&ctx=19955922&cmp=DV451308&btreg=5771554704138280657479&btadsrv=5771554704138280657479&adsrv=104&unit=320x50&seltag=1&sadv=4774679684&ord=2897731666&litm=5771554704&scrt=138280657479&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=32961531.378937863&dvp_tukv=9395913712.44279&dvp_uuid=438782799.4437116&dvp_tuid=1349410029719
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
a958fcdd641e558613fbd1944386b3d3d069d2e3e5a34d775b3ccad94b25269f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/7/2021 4:02:11 PM
visit.js
tps.doubleverify.com/ Frame F8A2 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=129&ttfrms=8&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETar9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=5&ddur=63&uid=1636387331506442&jsCallback=dvCallback_1636387331506337&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.weny.com%2F&fwc=0&fcl=455&flt=0&fec=1323&fcifrms=5&brh=2&sdf=2&dvp_epl=139&noc=4&ctx=19955922&cmp=DV451308&btreg=5616014345138339141194&btadsrv=5616014345138339141194&adsrv=104&unit=1x1&seltag=1&sadv=4876834796&ord=2700321774&litm=5616014345&scrt=138339141194&splc=/43459271/loc-desktop/weny/web/promotion14&adu=635177911&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=77376743106.64816&dvp_tukv=696189342539.612&dvp_uuid=13166540082.697758&dvp_tuid=698751567266
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
9d2a69f40efdab15f64f81ed054f141fe5800f496443085e0f4f50c9ab1de175

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/7/2021 4:02:11 PM
visit.js
tps.doubleverify.com/ Frame D95E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=118&ttfrms=5&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETar9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=5&ddur=9&uid=1636387331521484&jsCallback=dvCallback_1636387331521504&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.weny.com%2F&fwc=0&fcl=455&flt=0&fec=1323&fcifrms=5&brh=2&sdf=2&dvp_epl=139&noc=4&ctx=19955922&cmp=DV451308&btreg=5619635464138259660496&btadsrv=5619635464138259660496&adsrv=104&unit=300x250&seltag=1&sadv=4695479967&ord=2821807413&litm=5619635464&scrt=138259660496&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=7692917552.484871&dvp_tukv=7263513874.969718&dvp_uuid=79032207625.8609&dvp_tuid=918276038092
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
db51d6742fc5d0d77a8a30bacee625b0168a508e65d2ddaeb8d415bb8ac43f9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/7/2021 4:02:11 PM
scriptloaded
be.durationmedia.net/ Frame 8643 		61 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/scriptloaded?siteId=10468
Requested by
Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10468/dm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.127.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-127-138.compute-1.amazonaws.com
Software
/
Resource Hash
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection
keep-alive
Content-Type
application/json
Access-Control-Allow-Origin
https://www.weny.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
61
X-XSS-Protection
1; mode=block
Expires
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.weny.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
view
securepubads.g.doubleclick.net/pcs/ Frame 2984 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxMj_KOeRi-3DqtIi6sNnIsd3zayblxNhlVVy2mzgPsduDcqknI4NpHucs-_zFPJ7Z21r5iwLIFDgUCeSTQ4P6bTUco7OqSM_AHBZhZaf90-56MdnIPlxXjt4mAHkxNHXgvnJ3dJYDyQqAbV2Ts2c978-qGmXrw4vyyvL_Yq0AEixeTBdkyNBxPl1ezGSdefKopqxonR2B77Gf4KfNFjt9UJ-slToxJh50RwBze8cR37IQF50uuaWw4EuDCMUVlyBL7ZKR3HzE6Wc9pzYOi9vBDavlgm_UiEuh8WkHbdhRSKLuugdnxRLLlVcSeAXKFOFyhJO3GvQ&sig=Cg0ArKJSzBrstQtpvGCCEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2984 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 15:59:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2984 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 16:02:11 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 2984 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4468411906&ord=2790220986&litm=5566085405&scrt=138334297247&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&unit=300x600&btreg=5566085405138334297247&btadsrv=5566085405138334297247&ctx=19955922&cmp=DV451308
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 18:25:49 GMT
Server
Microsoft-IIS/10.0
ETag
"80f4b239e0d0d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
10073263000870426988
tpc.googlesyndication.com/simgad/ Frame 2984 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10073263000870426988
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52600b282997522a6b47db3501eabbeee9c44830dfd8488328cf688e06d60f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65005
x-xss-protection
0
last-modified
Wed, 16 Dec 2020 15:40:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Nov 2022 16:02:11 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 8643 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLQtWWp4ClUF4jV-HPrxlYYJVURadCFm_Sh6wqCA8cD22Nh-5r193149AV9hbw7Gg-1kYThekbQ8x_yeo-Pa7S2ilbSle6A2nqka72RCOsiiCRbrxzY2bx535nA7m0WZDWTzgZslyYg1hSguGPPGYXBZWRuDXLp_SC7m98JyKNOGYNJRxOzdQ7WjMezW_wjoU9omUpc6T12V2Vu3aZO95QtHvhWqKYLbCcbEPrc_fjOLkma51pkGpsU6h7HzqM-iRWEMc4WpiglEAyKg-LnveFNYdAqfb-lrngpbcC48RE28I3yGHFLbXtJociyLaLJ60DC69hRW__Xfl9C1irdQ&sai=AMfl-YS8nGwm8MzWvN1Kl4EyShgx7lrUxYLho4pbCpAOsDu2j8WTv03vsnQ4XkNOggQdBGezR0AWwap1ZoWaufmtpDwt33Lk7ANiMTBLXi_yXumVOwaLVogwWI1zYSTYHsE&sig=Cg0ArKJSzM8xhNGL3ssqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 08 Nov 2021 16:02:11 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.weny.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
view
securepubads.g.doubleclick.net/pcs/ Frame 44C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZzXBt7n2hBtfnK7oPFuV0-BPh9O6bMqeVs5hvaq7DDron5H7wlTk25Ay7cvpYpRi8r12qzQ2avLzEEFylzFUWfaGU0iiql9Whl_fJ_aw1lu6oqxTpjqACK0kYQ21WIXTWyJeljia-D2sAYy_NVOTnf1s9-6zf9rxgzYbNYHeD5x0ZfvPY3WaBHQh047_sw_mo6xqZiuDipIJsDkDv6wHm2vUA7cwYytIMcwUiw32WnAY4ZCfTjyzcg87AaDR1MGwB9nuAU8p4JLeeFaLxuSu-o8NST2W_DDP2PhEl9tffKoq_Zy5UoKrPU6h03LftZvbTHoboWM-bk0I&sig=Cg0ArKJSzALrYU9Ew5qKEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 44C1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 15:59:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44C1 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 16:02:11 GMT
l
www.google.com/ads/measurement/ Frame 44C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTC0bu301oNtXl5J5RmuFp7KVINA0Z3f0x71HeIB2j_1XEA-ewnPTjt2ZY8hcQVSzXHyVSB9AZFSAwpbIS-SQuPCH2xOA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
dvtp_src.js
cdn.doubleverify.com/ Frame 44C1 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4695479967&ord=2821807413&litm=5620166384&scrt=138259626411&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&unit=728x90&btreg=5620166384138259626411&btadsrv=5620166384138259626411&ctx=19955922&cmp=DV451308
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 18:25:49 GMT
Server
Microsoft-IIS/10.0
ETag
"80f4b239e0d0d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
8632724867514840994
tpc.googlesyndication.com/simgad/ Frame 44C1 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8632724867514840994
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbfd18f254b09e17e9bfaf7cc91e7865df57351d8b9ac2162918e1f70a2dd4ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 04:31:33 GMT
x-content-type-options
nosniff
age
127838
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31842
x-xss-protection
0
last-modified
Mon, 11 Feb 2019 22:11:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Nov 2022 04:31:33 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 2984 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqJKHSZT8Qal0NB7lzrxxFPxt209rb51VqC2r5fjvG3T9WTM-0vAMYQU9MaB_vhnWDkCbBVkaImWv2cTZAFnTzP2pfs2OPwWLK87S0uafb_4C4IZTU5b3pkExamL0ngVsOFQ0AVzaOPdko6I14zKlaFQd3wsPh_I1-63gqhG5o7ZMml-SfUmi2A4OEIQd8jbg1iMgHYNgn3_ONs-dnNWv9DJKuYiBzBoizaP-nNCRvXAn5X7WRYXVzB7_71AKpXYsNr7CALz574UxwP-raNX2HPJXcyT7pfbtCiSaXyNubCEcCAbjUna-mLsOIszy1v9v12IllaIfVxQ&sig=Cg0ArKJSzKGl_XjFIgSPEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 08 Nov 2021 16:02:11 GMT
truncated
/ Frame 2984 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a68c9e79fb6737ad320e14b7fc9b91dad1756520aaf308f0000ce217404fac97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements1800.js
cdn.doubleverify.com/ Frame 1FDB 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
view
securepubads.g.doubleclick.net/pcs/ Frame 6139 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBs3-HfiDYFFMzcM7IJY4wWjA2FbSOLRTMPTYiY8Eiih7Tl_tgq3kf9dBEWi3lkvMcbswQrB2ZmKQ6iXGiutkxpgy7LfgAz8FfZa9Gz7po3mdDpzqHGEjBWe4Ny8ldDuhNXQgS8-VZnGLgJlyXeXnkzm5YcLgV7jpfwEYpHtnIuNZ7G1i8JeezcIud_jocYdLY6pj1nZhpyCaYcvVb2Cy1ko2qzD37E4DMskR15ZchJDhdajeoH3OcrUMmYCL-FWde7zl2EcLx-J97EEnO8xNsNw-a6WOsB4TQ2AqMvWes4YpuPf5hwKhPJXaULXuI70-IbILiSGWL7ZA&sig=Cg0ArKJSzDmDm9rHm9xKEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6139 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 15:59:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6139 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 16:02:11 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 6139 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4468411906&ord=2790220986&litm=5566088843&scrt=138334296287&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&unit=970x90&btreg=5566088843138334296287&btadsrv=5566088843138334296287&ctx=19955922&cmp=DV451308
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 18:25:49 GMT
Server
Microsoft-IIS/10.0
ETag
"80f4b239e0d0d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
17024216592035793219
tpc.googlesyndication.com/simgad/ Frame 6139 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17024216592035793219
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bda8d5e1a1ca09e5045460a49a887a46218c71471a6663149a6bce2c0ecf60e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 04:47:56 GMT
x-content-type-options
nosniff
age
299655
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48687
x-xss-protection
0
last-modified
Wed, 16 Dec 2020 15:37:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 04:47:56 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 44C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_f5IEVlM5S-rHCXUxnOTQq3Kucl9t0u8rBEKDVXcrwftKW1htVa5N1RzAc9n77_v-LqerNTZF41YXcXa0G4Z482O2kYrPuEzwQEQCYAqxVnm93QIfgKvIyJvLSawvOWIyBwOglqHr1GAtDmEHjMNtTtn7BEBkGN1q_J1u0cpjEoGNf53TDnbK9UQVvv-ms7_6SHQiuq9OnCtfnmyiaRchQm9E04XF4BkSJOXR9vdLZ4awGCi2VlaQPR71rU2tM8y3G2kGmZIkBqhmASy5f0aiYajDH1i3NwPryBKpo6nFzYD7L8zcB3jSm9-3W7KAY8vNDWgBwZpPJ0u3Ow&sig=Cg0ArKJSzJySLQtVCDCiEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 08 Nov 2021 16:02:11 GMT
truncated
/ Frame 44C1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ce8a5d3084a40f33f4a5b37f775584b97105aca32d0e11378ef5d742b5d2f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements1800.js
cdn.doubleverify.com/ Frame 1F72 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.weny.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
pixel
googleads.g.doubleclick.net/xbbe/ Frame 62CE 		624 B
838 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARir_oG5ATAB&v=APEucNXb4jUN1wBmAQHvHZRxH722pOuRAHtwO-2HwZ9Gk7s9cManK-FPFjDeRiIWbRaXQ8EoD2TXYbJmPYpmkVo0HsmUOX0765FV-f0uUNp9a2TrRnO7vbBNKizbqAftIvqw_hePCGcJ3kgs9T5H4TOs70L-Pijs2Zt1SUjlXMlGEZ17PRa9L4M
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 08 Nov 2021 16:02:11 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 08 Nov 2021 16:02:11 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D2F0 		74 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_dHDqTv995ZI-tuCFpccYqrARgDenBR40gBoWuztUHWXKWivK23trjGeijWSOjqCZegRa3HwnvUx-u9SdqY1MV1X0LClTw1r4ITWLSd-00MyoZ4S90_XIUGOS0nadwJYJx_7jSTslT2STIP950zV-RNCBqg&dbm_d=AKAmf-By6bRX5vNRSN2GgwwVvy2rR7ktdg0VaO15lf4DA9e03xXKHXtZ2BFbyexgbtYEtMenbM7uqwCCizR0ZdbGjz1cnzPELfWr3bhUxUo5EtFDrs6r1pc_8WFqB8KpVhgiY0wVdsdAsLRdMT958JPwG2sShie2M2SV9XS1-qp8_EeNgyb06r547JTiMJR5wir8MPn7O8Qoych2mw6tAERODZqGidBvUsbnoIzY4D2hjJzqf1CxGyhEwU5-VAq-3FRHjfvbqaGZVKqls8TEHEvrVN0zBbWklaBGO-jVpKBEElmvFrQg6Bbxv8OHFEDxRtcsn1Cipwn1Cluz-zIbTDjx4EAEUuuzaPByo71zanYFW2U-ZU39f8CslsxHTGJVwdBxEa9sIVADwpp0Tr6ENYP6gQqQeAW7VB1iiMkY06A1IRnE3aW4uA8nFGFAvBpL8Rdbv3agtqxNpdD-EKneGjcuFiR-lO7RbjjXyMvYhg10k70_8qvPBSId6vMrgrOv5rSeLQ9foFBbj_bveSGRAl6Wd1rI21r8_8xSeTw37e_uYhE5uui1RZnmEFFxuCjAL1qiAVDzoH_GvKjRltf8IgJMlg9Ec9y8vshLmk1p3MzcmcvZ91cpemxBWh9nVrsQWtsveSYD10xH6Qpu59wstqGWNwin1XG7NYpsJMPyt6J-ydY4Z_k6hW8syeU0wZ3Eh47mxB_9gXQ-byYkLg_D9WDH1DHtrhorj4puXJdLA-WpMWABALz1CJwkTqJugj4vK-XPaOsDO6HHasS5VuAhWvqlqod8Ewz0CLjBoME1pqeFtDJ4q_78ZsLG9nlridYlD6aoVeknPqQVKYcOsPLjVZ-vQ_yPmph92aQvhjRbf8SRJiOPk81OimpzP3k0tfB34kQeNHlCNSkijAAc3voNrw84cMDgi1UWp9Tcq-T8FL0iq1qKUb31Dhs86Wd1X3uKErV1SNpcnD_qdVCxdzPlcRzUrZcmGiBwmf9iYzQHszQbhra-Qd21t5c9nYEU-7gAfwqN_pLB-AJew4SONfeQrxbglqCs7cSegcrFhXwfaAhyaK6vdIeYH1zYNNnugdHk3z0r8FJCHgjvaTUsvW8pm4M397qxEOBnhxBIrB1QdMGiVBh2pNFtHLssqmx0ERq8SOPBFaVT6BUl0jf9GShTIUqNDQdgVB7lneD8sYyK5gVwGTxQQG08960Qy-eRXW7JTNWdPQH_RkxBAHNuAGrdszEk1YkMf5cRkS8NA_c1C1AlPvgEzNMnchJYNtBqTuKylE8xKzCRhz2nVmJWZjlr_WNtZoktuJcB1MplaFvkCtKKUVFk64ZHyl7Mw6pSa3ZG2RBQoy4KqOYx8NTswM8TVYw4vUmtVJZav_iUhJxI55hL7K9-RGKuvEUaCKiveRXrAyjydtfaZqeCKBsZQraRoqbl8wkbd8jSfMQurcvQz1HrTxRw9ysvYMHkgjNLi8KiZdlSY52ETCXP1qmknZPz9K22fUIw6xPxEpr74nBsi1AXjDyHDd1nUMVQMRCjNLhGJz-1IqwqfhGhlVO0mPRv5HZa7ZUNkD3WM0TA0gtmm6TJ8iuGWVbHu5c85GF4u-Ibx7OfW-KORF_0akCW5w_kzbzo464Tzv7IEM19GYf5gDqkI7SCTEu1GS96Ol1JfDxiKA_urDefCx49tJMvSWcnJ14msrhIYfrGB6R-BtYrM12Y6Ax4riS01KemmnxKtEGfDW79UwN3fCcsmuDsML3Pvewu3ZIbmgw2uv4bcz11jRML90XB02_0zRec556nrMFWceVLny58C98AEZ1biMNCaECIitQ1CFuH_M8HNHc8329Ks4wqOyAZ3IIZfUz55Y_g8LR_rKT6E8C7KPQ8RL82QPOXvQ-rhCdfAbNyYCUCrrSS_kTwEWFNr6Ai9JRd_FA6AoxDVH7m4wfc8TshGaoWeon7yS7to1KI54-pxDFxHwYgJfpuwI9PteK2qL-vJFreHykDHC8XdBW3GAx9w5mbYVBakOcMiUPSllO9vqjvl4rd1kcZqjMOtKTj6iG8WoqjkenN9rEDnxJnLdU0rFDNLPfzzJkN3U8u2zixOX9JPtDmFnARkbcqu4eC55ZeZRvrEMg2XG5S65pUkel7cL6gGg9hDLEig231zHMC9ZPsv8UaWzQS0PnLPWX6NDuOIb6nwcyISb_IJocQ1gohPQja2d9gw6I_p8oUzx7Q12kWO7QTodACTbxbEesnjaK_kbDDvJ3Lm3RR77T9gLkz2fUnQajmDziAzPlkpHok32SmjaTn3hi2NO_sE4TeJ8HrDuMw3pKOC8sI-cyhVfe18fJrjUypCD8t1EolCINRUi6-qsZ-NJVCYG_AZwZ9H4S3fGjvwrxG9RtwFbqJtcaI-3j1ZzHWZdllD9owGjVgorJP-PhwMBtbnOsVSzVoAYDS8MTxJ_pIVa-8VHUfSA0VjZf2VIDaRZ8HIjQc2jNU7iQ_9YZ39CoGIhOSqqVrAKQir0LpFGf5rcjsPgTueoP1QYf3-ln6-W254FCzp2bniDUK_xh0HWYK8jyoMkWlzyLPYDjGHbgtEV1kl__4ZRjZMyrcq8O32Z37hHh8MMh44f_PrQxxmu0-T-It478lThvzP4EqR1iU3cgaxZFVf3oDBAdIZgcW6qSkVLFRraHuZItfnNBDv3dgw3Xyfoq01LkrBjZTwHnuzTh4YE_nMuYuw1KXpusNJm5oooE6btBJvBoL9iim1QVuP6PSqzNwGg-OsTdaGDyv-LgxsKV7XysepuFcebLyuXmlOEVo02cyp_IW87WyHpjvDPEAPgS4rYoJ4-3gM5StIJfZbvbZVz-uGun4C9I3eSfRkDQigWeTGkZhpR944DYPazDhIZaixBVttseSFXXob3CwexZQWx5KxJOv7F56vi5qrABhFl18lDyuyrKeHwcdLQtkqLwpnlyqgb9Fc8TXO000wO9vVMEu1ImDEu0R6vLTwmrmTCS46HFLCubP9d9tEFIANEU&cid=CAASEuRoP5sT0hLx5nm32p5ZeYzxmA&rfl=1%2Chttps%253A%252F%252Fwww.weny.com%252F%240
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec063e5ca96e225b041ee3b86390b3a467844870a6b88ac2158e9f4e431ae2de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29946
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D2F0 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcN7NY_faAJ4cFZUow81s1zSlOdDGevwkdalT7SeqzXL5cADefpqxsXXKLGGNUri2ybpSPzBTmbS0xdrOohh-crEgjjBeg1Qa3aMEudnJvVEbuvno
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D2F0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 15:59:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D2F0 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 16:02:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D2F0 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 16:01:15 GMT
l
www.google.com/ads/measurement/ Frame D2F0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3k5dMMi7GwBv61vAo_KFB-nFjZ_A6C8g26mWaY_3Yb8XjXs3MNT1NESaUmcLaRGsu2Uz2ZIKt8_PcZc48NuN8UWjKgg
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 6139 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv98j0zXkIhyRehwIOijl82aiI0ORuk2-nof2Y5LQvyzknNgvZUil3pkUoXxQWUKxKoDNGvgyItDhoN4Iyy-m68vwbaQo_c0Y50vIySMEWq-oMYgkfnKpLBAy2s4ju2cPIBCfEJVqSCu7P9cy9lehUMWyyiicvxaWQfII_2XIHkse_nXfswxjMYTVUidytlqzkMbjzOSpTa4CeVh_xv-_htRqI_kkwJ707mpCOUwZ7lG0wCJAYhnC0B3pAVl4qKsZs5ExWqchkcuOPVclYDgM0VT2Csizh1yNTglfRgqzc3uCubqYKsIPDAMztDCAfVgfFwLj0TbpUROmBhTQ&sig=Cg0ArKJSzDFyJ-QOC6BoEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 08 Nov 2021 16:02:11 GMT
truncated
/ Frame 6139 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
944f0ba7b222bed6cadc64c13291aed22a6beee3d65e0a0026845f202b4b97ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements1800.js
cdn.doubleverify.com/ Frame EF8A 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.weny.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
view
securepubads.g.doubleclick.net/pcs/ Frame EAE9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGbPbpV3SZIw6GBh2yEeO3oiBt9BOtyJVz3vlgv67k1aoKAKZ1rV9sAnjtvgId9aarxfOpV6cupdVnyj0yv-dGIAncsdUjiowdGiyf7lRx3xv017qZMAU-KAJ7a0Ah6f3Aun-DWXwZvjmiy3ppArAc37IP3YeDAHwMB3ob8MbOhM10RHfXXak7MFLucMoeWMYkIRhwYc8ERgSEXG_32GbTnANWgPg-wCNP4EQXKd8ZI5q-kzX8gx4nEo757w0Kmfx_vis9S7FVapfMDX0-JhH2khxHw3VzdnIsYV9rT3mZZG-jgo1dd4Hj5wbY3Zw-eAd1iCQCYY8bDXA&sig=Cg0ArKJSzMz12w5z8-ZjEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame EAE9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 15:59:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EAE9 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37686
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635939303405469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Nov 2021 16:02:11 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame EAE9 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&sadv=4987351875&ord=2819546807&litm=5616446599&scrt=138339307023&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&unit=728x90&btreg=5616446599138339307023&btadsrv=5616446599138339307023&ctx=19955922&cmp=DV451308
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 18:25:49 GMT
Server
Microsoft-IIS/10.0
ETag
"80f4b239e0d0d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
14785091026443883451
tpc.googlesyndication.com/simgad/ Frame EAE9 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14785091026443883451
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e02d98eb024d24f30d4c26f187cdfc0a1c7b683a505a86843449db27c1f56cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 12:51:05 GMT
x-content-type-options
nosniff
age
357066
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62938
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 15:36:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 12:51:05 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.26.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-26-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
visit.js
tps.doubleverify.com/ Frame 1FDB 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=175&ttfrms=9&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETar9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=5&ddur=8&uid=1636387331810837&jsCallback=dvCallback_1636387331810178&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.weny.com%2F&fwc=0&fcl=455&flt=0&fec=1327&fcifrms=9&brh=2&sdf=2&dvp_epl=139&noc=4&ctx=19955922&cmp=DV451308&btreg=5566085405138334297247&btadsrv=5566085405138334297247&adsrv=104&unit=300x600&seltag=1&sadv=4468411906&ord=2790220986&litm=5566085405&scrt=138334297247&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=48013831.31482428&dvp_tukv=21657264.447871324&dvp_uuid=17586537041.378544&dvp_tuid=597860689144
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
896cbcbcf79bea83a451e3da795a8cae4d9a58edcb96d01baee3f89ac7368b2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/7/2021 4:02:11 PM
visit.js
tps.doubleverify.com/ Frame 1F72 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=151&ttfrms=6&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETar9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=4&ddur=10&uid=1636387331833112&jsCallback=dvCallback_1636387331833169&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.weny.com%2F&fwc=0&fcl=455&flt=0&fec=1327&fcifrms=9&brh=2&sdf=2&dvp_epl=139&noc=4&ctx=19955922&cmp=DV451308&btreg=5620166384138259626411&btadsrv=5620166384138259626411&adsrv=104&unit=728x90&seltag=1&sadv=4695479967&ord=2821807413&litm=5620166384&scrt=138259626411&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=360717929050.29895&dvp_tukv=20390418406.45499&dvp_uuid=38503525693.13616&dvp_tuid=638115021885
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
3f9d16f4fb058ac8a47e7d326be54297ac468657cc7c9852c4adbfad1053693b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/7/2021 4:02:11 PM
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame D2F0 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
Origin
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 05:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 05:32:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame D2F0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_dHDqTv995ZI-tuCFpccYqrARgDenBR40gBoWuztUHWXKWivK23trjGeijWSOjqCZegRa3HwnvUx-u9SdqY1MV1X0LClTw1r4ITWLSd-00MyoZ4S90_XIUGOS0nadwJYJx_7jSTslT2STIP950zV-RNCBqg&dbm_d=AKAmf-By6bRX5vNRSN2GgwwVvy2rR7ktdg0VaO15lf4DA9e03xXKHXtZ2BFbyexgbtYEtMenbM7uqwCCizR0ZdbGjz1cnzPELfWr3bhUxUo5EtFDrs6r1pc_8WFqB8KpVhgiY0wVdsdAsLRdMT958JPwG2sShie2M2SV9XS1-qp8_EeNgyb06r547JTiMJR5wir8MPn7O8Qoych2mw6tAERODZqGidBvUsbnoIzY4D2hjJzqf1CxGyhEwU5-VAq-3FRHjfvbqaGZVKqls8TEHEvrVN0zBbWklaBGO-jVpKBEElmvFrQg6Bbxv8OHFEDxRtcsn1Cipwn1Cluz-zIbTDjx4EAEUuuzaPByo71zanYFW2U-ZU39f8CslsxHTGJVwdBxEa9sIVADwpp0Tr6ENYP6gQqQeAW7VB1iiMkY06A1IRnE3aW4uA8nFGFAvBpL8Rdbv3agtqxNpdD-EKneGjcuFiR-lO7RbjjXyMvYhg10k70_8qvPBSId6vMrgrOv5rSeLQ9foFBbj_bveSGRAl6Wd1rI21r8_8xSeTw37e_uYhE5uui1RZnmEFFxuCjAL1qiAVDzoH_GvKjRltf8IgJMlg9Ec9y8vshLmk1p3MzcmcvZ91cpemxBWh9nVrsQWtsveSYD10xH6Qpu59wstqGWNwin1XG7NYpsJMPyt6J-ydY4Z_k6hW8syeU0wZ3Eh47mxB_9gXQ-byYkLg_D9WDH1DHtrhorj4puXJdLA-WpMWABALz1CJwkTqJugj4vK-XPaOsDO6HHasS5VuAhWvqlqod8Ewz0CLjBoME1pqeFtDJ4q_78ZsLG9nlridYlD6aoVeknPqQVKYcOsPLjVZ-vQ_yPmph92aQvhjRbf8SRJiOPk81OimpzP3k0tfB34kQeNHlCNSkijAAc3voNrw84cMDgi1UWp9Tcq-T8FL0iq1qKUb31Dhs86Wd1X3uKErV1SNpcnD_qdVCxdzPlcRzUrZcmGiBwmf9iYzQHszQbhra-Qd21t5c9nYEU-7gAfwqN_pLB-AJew4SONfeQrxbglqCs7cSegcrFhXwfaAhyaK6vdIeYH1zYNNnugdHk3z0r8FJCHgjvaTUsvW8pm4M397qxEOBnhxBIrB1QdMGiVBh2pNFtHLssqmx0ERq8SOPBFaVT6BUl0jf9GShTIUqNDQdgVB7lneD8sYyK5gVwGTxQQG08960Qy-eRXW7JTNWdPQH_RkxBAHNuAGrdszEk1YkMf5cRkS8NA_c1C1AlPvgEzNMnchJYNtBqTuKylE8xKzCRhz2nVmJWZjlr_WNtZoktuJcB1MplaFvkCtKKUVFk64ZHyl7Mw6pSa3ZG2RBQoy4KqOYx8NTswM8TVYw4vUmtVJZav_iUhJxI55hL7K9-RGKuvEUaCKiveRXrAyjydtfaZqeCKBsZQraRoqbl8wkbd8jSfMQurcvQz1HrTxRw9ysvYMHkgjNLi8KiZdlSY52ETCXP1qmknZPz9K22fUIw6xPxEpr74nBsi1AXjDyHDd1nUMVQMRCjNLhGJz-1IqwqfhGhlVO0mPRv5HZa7ZUNkD3WM0TA0gtmm6TJ8iuGWVbHu5c85GF4u-Ibx7OfW-KORF_0akCW5w_kzbzo464Tzv7IEM19GYf5gDqkI7SCTEu1GS96Ol1JfDxiKA_urDefCx49tJMvSWcnJ14msrhIYfrGB6R-BtYrM12Y6Ax4riS01KemmnxKtEGfDW79UwN3fCcsmuDsML3Pvewu3ZIbmgw2uv4bcz11jRML90XB02_0zRec556nrMFWceVLny58C98AEZ1biMNCaECIitQ1CFuH_M8HNHc8329Ks4wqOyAZ3IIZfUz55Y_g8LR_rKT6E8C7KPQ8RL82QPOXvQ-rhCdfAbNyYCUCrrSS_kTwEWFNr6Ai9JRd_FA6AoxDVH7m4wfc8TshGaoWeon7yS7to1KI54-pxDFxHwYgJfpuwI9PteK2qL-vJFreHykDHC8XdBW3GAx9w5mbYVBakOcMiUPSllO9vqjvl4rd1kcZqjMOtKTj6iG8WoqjkenN9rEDnxJnLdU0rFDNLPfzzJkN3U8u2zixOX9JPtDmFnARkbcqu4eC55ZeZRvrEMg2XG5S65pUkel7cL6gGg9hDLEig231zHMC9ZPsv8UaWzQS0PnLPWX6NDuOIb6nwcyISb_IJocQ1gohPQja2d9gw6I_p8oUzx7Q12kWO7QTodACTbxbEesnjaK_kbDDvJ3Lm3RR77T9gLkz2fUnQajmDziAzPlkpHok32SmjaTn3hi2NO_sE4TeJ8HrDuMw3pKOC8sI-cyhVfe18fJrjUypCD8t1EolCINRUi6-qsZ-NJVCYG_AZwZ9H4S3fGjvwrxG9RtwFbqJtcaI-3j1ZzHWZdllD9owGjVgorJP-PhwMBtbnOsVSzVoAYDS8MTxJ_pIVa-8VHUfSA0VjZf2VIDaRZ8HIjQc2jNU7iQ_9YZ39CoGIhOSqqVrAKQir0LpFGf5rcjsPgTueoP1QYf3-ln6-W254FCzp2bniDUK_xh0HWYK8jyoMkWlzyLPYDjGHbgtEV1kl__4ZRjZMyrcq8O32Z37hHh8MMh44f_PrQxxmu0-T-It478lThvzP4EqR1iU3cgaxZFVf3oDBAdIZgcW6qSkVLFRraHuZItfnNBDv3dgw3Xyfoq01LkrBjZTwHnuzTh4YE_nMuYuw1KXpusNJm5oooE6btBJvBoL9iim1QVuP6PSqzNwGg-OsTdaGDyv-LgxsKV7XysepuFcebLyuXmlOEVo02cyp_IW87WyHpjvDPEAPgS4rYoJ4-3gM5StIJfZbvbZVz-uGun4C9I3eSfRkDQigWeTGkZhpR944DYPazDhIZaixBVttseSFXXob3CwexZQWx5KxJOv7F56vi5qrABhFl18lDyuyrKeHwcdLQtkqLwpnlyqgb9Fc8TXO000wO9vVMEu1ImDEu0R6vLTwmrmTCS46HFLCubP9d9tEFIANEU&cid=CAASEuRoP5sT0hLx5nm32p5ZeYzxmA&rfl=1%2Chttps%253A%252F%252Fwww.weny.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 16:00:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame D2F0 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_dHDqTv995ZI-tuCFpccYqrARgDenBR40gBoWuztUHWXKWivK23trjGeijWSOjqCZegRa3HwnvUx-u9SdqY1MV1X0LClTw1r4ITWLSd-00MyoZ4S90_XIUGOS0nadwJYJx_7jSTslT2STIP950zV-RNCBqg&dbm_d=AKAmf-By6bRX5vNRSN2GgwwVvy2rR7ktdg0VaO15lf4DA9e03xXKHXtZ2BFbyexgbtYEtMenbM7uqwCCizR0ZdbGjz1cnzPELfWr3bhUxUo5EtFDrs6r1pc_8WFqB8KpVhgiY0wVdsdAsLRdMT958JPwG2sShie2M2SV9XS1-qp8_EeNgyb06r547JTiMJR5wir8MPn7O8Qoych2mw6tAERODZqGidBvUsbnoIzY4D2hjJzqf1CxGyhEwU5-VAq-3FRHjfvbqaGZVKqls8TEHEvrVN0zBbWklaBGO-jVpKBEElmvFrQg6Bbxv8OHFEDxRtcsn1Cipwn1Cluz-zIbTDjx4EAEUuuzaPByo71zanYFW2U-ZU39f8CslsxHTGJVwdBxEa9sIVADwpp0Tr6ENYP6gQqQeAW7VB1iiMkY06A1IRnE3aW4uA8nFGFAvBpL8Rdbv3agtqxNpdD-EKneGjcuFiR-lO7RbjjXyMvYhg10k70_8qvPBSId6vMrgrOv5rSeLQ9foFBbj_bveSGRAl6Wd1rI21r8_8xSeTw37e_uYhE5uui1RZnmEFFxuCjAL1qiAVDzoH_GvKjRltf8IgJMlg9Ec9y8vshLmk1p3MzcmcvZ91cpemxBWh9nVrsQWtsveSYD10xH6Qpu59wstqGWNwin1XG7NYpsJMPyt6J-ydY4Z_k6hW8syeU0wZ3Eh47mxB_9gXQ-byYkLg_D9WDH1DHtrhorj4puXJdLA-WpMWABALz1CJwkTqJugj4vK-XPaOsDO6HHasS5VuAhWvqlqod8Ewz0CLjBoME1pqeFtDJ4q_78ZsLG9nlridYlD6aoVeknPqQVKYcOsPLjVZ-vQ_yPmph92aQvhjRbf8SRJiOPk81OimpzP3k0tfB34kQeNHlCNSkijAAc3voNrw84cMDgi1UWp9Tcq-T8FL0iq1qKUb31Dhs86Wd1X3uKErV1SNpcnD_qdVCxdzPlcRzUrZcmGiBwmf9iYzQHszQbhra-Qd21t5c9nYEU-7gAfwqN_pLB-AJew4SONfeQrxbglqCs7cSegcrFhXwfaAhyaK6vdIeYH1zYNNnugdHk3z0r8FJCHgjvaTUsvW8pm4M397qxEOBnhxBIrB1QdMGiVBh2pNFtHLssqmx0ERq8SOPBFaVT6BUl0jf9GShTIUqNDQdgVB7lneD8sYyK5gVwGTxQQG08960Qy-eRXW7JTNWdPQH_RkxBAHNuAGrdszEk1YkMf5cRkS8NA_c1C1AlPvgEzNMnchJYNtBqTuKylE8xKzCRhz2nVmJWZjlr_WNtZoktuJcB1MplaFvkCtKKUVFk64ZHyl7Mw6pSa3ZG2RBQoy4KqOYx8NTswM8TVYw4vUmtVJZav_iUhJxI55hL7K9-RGKuvEUaCKiveRXrAyjydtfaZqeCKBsZQraRoqbl8wkbd8jSfMQurcvQz1HrTxRw9ysvYMHkgjNLi8KiZdlSY52ETCXP1qmknZPz9K22fUIw6xPxEpr74nBsi1AXjDyHDd1nUMVQMRCjNLhGJz-1IqwqfhGhlVO0mPRv5HZa7ZUNkD3WM0TA0gtmm6TJ8iuGWVbHu5c85GF4u-Ibx7OfW-KORF_0akCW5w_kzbzo464Tzv7IEM19GYf5gDqkI7SCTEu1GS96Ol1JfDxiKA_urDefCx49tJMvSWcnJ14msrhIYfrGB6R-BtYrM12Y6Ax4riS01KemmnxKtEGfDW79UwN3fCcsmuDsML3Pvewu3ZIbmgw2uv4bcz11jRML90XB02_0zRec556nrMFWceVLny58C98AEZ1biMNCaECIitQ1CFuH_M8HNHc8329Ks4wqOyAZ3IIZfUz55Y_g8LR_rKT6E8C7KPQ8RL82QPOXvQ-rhCdfAbNyYCUCrrSS_kTwEWFNr6Ai9JRd_FA6AoxDVH7m4wfc8TshGaoWeon7yS7to1KI54-pxDFxHwYgJfpuwI9PteK2qL-vJFreHykDHC8XdBW3GAx9w5mbYVBakOcMiUPSllO9vqjvl4rd1kcZqjMOtKTj6iG8WoqjkenN9rEDnxJnLdU0rFDNLPfzzJkN3U8u2zixOX9JPtDmFnARkbcqu4eC55ZeZRvrEMg2XG5S65pUkel7cL6gGg9hDLEig231zHMC9ZPsv8UaWzQS0PnLPWX6NDuOIb6nwcyISb_IJocQ1gohPQja2d9gw6I_p8oUzx7Q12kWO7QTodACTbxbEesnjaK_kbDDvJ3Lm3RR77T9gLkz2fUnQajmDziAzPlkpHok32SmjaTn3hi2NO_sE4TeJ8HrDuMw3pKOC8sI-cyhVfe18fJrjUypCD8t1EolCINRUi6-qsZ-NJVCYG_AZwZ9H4S3fGjvwrxG9RtwFbqJtcaI-3j1ZzHWZdllD9owGjVgorJP-PhwMBtbnOsVSzVoAYDS8MTxJ_pIVa-8VHUfSA0VjZf2VIDaRZ8HIjQc2jNU7iQ_9YZ39CoGIhOSqqVrAKQir0LpFGf5rcjsPgTueoP1QYf3-ln6-W254FCzp2bniDUK_xh0HWYK8jyoMkWlzyLPYDjGHbgtEV1kl__4ZRjZMyrcq8O32Z37hHh8MMh44f_PrQxxmu0-T-It478lThvzP4EqR1iU3cgaxZFVf3oDBAdIZgcW6qSkVLFRraHuZItfnNBDv3dgw3Xyfoq01LkrBjZTwHnuzTh4YE_nMuYuw1KXpusNJm5oooE6btBJvBoL9iim1QVuP6PSqzNwGg-OsTdaGDyv-LgxsKV7XysepuFcebLyuXmlOEVo02cyp_IW87WyHpjvDPEAPgS4rYoJ4-3gM5StIJfZbvbZVz-uGun4C9I3eSfRkDQigWeTGkZhpR944DYPazDhIZaixBVttseSFXXob3CwexZQWx5KxJOv7F56vi5qrABhFl18lDyuyrKeHwcdLQtkqLwpnlyqgb9Fc8TXO000wO9vVMEu1ImDEu0R6vLTwmrmTCS46HFLCubP9d9tEFIANEU&cid=CAASEuRoP5sT0hLx5nm32p5ZeYzxmA&rfl=1%2Chttps%253A%252F%252Fwww.weny.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9560
x-xss-protection
0
server
cafe
etag
378257483732583304
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Nov 2021 16:01:59 GMT
visit.js
tps.doubleverify.com/ Frame EF8A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=116&ttfrms=6&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETar9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=4&ddur=23&uid=1636387331893447&jsCallback=dvCallback_1636387331893714&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.weny.com%2F&fwc=0&fcl=455&flt=0&fec=1327&fcifrms=9&brh=2&sdf=2&dvp_epl=139&noc=4&ctx=19955922&cmp=DV451308&btreg=5566088843138334296287&btadsrv=5566088843138334296287&adsrv=104&unit=970x90&seltag=1&sadv=4468411906&ord=2790220986&litm=5566088843&scrt=138334296287&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=53107465931.15558&dvp_tukv=373939498.0721748&dvp_uuid=148563370.642136&dvp_tuid=899123479164
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
5d62ac849712b838970a55cff85bc80779b79c215f0f34dab1ebf228612b546b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/7/2021 4:02:11 PM
rum
dsum-sec.casalemedia.com/ Frame 62CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGD2m4jpPpKZoc8zkvbA_d4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGD2m4jpPpKZoc8zkvbA_d4&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGD2m4jpPpKZoc8zkvbA_d4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARir_oG5ATAB&v=APEucNXb4jUN1wBmAQHvHZRxH722pOuRAHtwO-2HwZ9Gk7s9cManK-FPFjDeRiIWbRaXQ8EoD2TXYbJmPYpmkVo0HsmUOX0765FV-f0uUNp9a2TrRnO7vbBNKizbqAftIvqw_hePCGcJ3kgs9T5H4TOs70L-Pijs2Zt1SUjlXMlGEZ17PRa9L4M
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:12 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGD2m4jpPpKZoc8zkvbA_d4&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Mon, 08 Nov 2021 16:02:11 GMT
rum
dsum-sec.casalemedia.com/ Frame 62CE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYlKA1eBV3CbXTFX04osWgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGD2m4jpPpKZoc8zkvbA_d4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGD2m4jpPpKZoc8zkvbA_d4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARir_oG5ATAB&v=APEucNXb4jUN1wBmAQHvHZRxH722pOuRAHtwO-2HwZ9Gk7s9cManK-FPFjDeRiIWbRaXQ8EoD2TXYbJmPYpmkVo0HsmUOX0765FV-f0uUNp9a2TrRnO7vbBNKizbqAftIvqw_hePCGcJ3kgs9T5H4TOs70L-Pijs2Zt1SUjlXMlGEZ17PRa9L4M
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:12 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGD2m4jpPpKZoc8zkvbA_d4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 62CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECOBGP7i9AsQRW69ifrHFtI&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECOBGP7i9AsQRW69ifrHFtI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARir_oG5ATAB&v=APEucNXb4jUN1wBmAQHvHZRxH722pOuRAHtwO-2HwZ9Gk7s9cManK-FPFjDeRiIWbRaXQ8EoD2TXYbJmPYpmkVo0HsmUOX0765FV-f0uUNp9a2TrRnO7vbBNKizbqAftIvqw_hePCGcJ3kgs9T5H4TOs70L-Pijs2Zt1SUjlXMlGEZ17PRa9L4M
Protocol
HTTP/1.1
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1b8f7b26-656d-45b6-bb29-9657e29d2298
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECOBGP7i9AsQRW69ifrHFtI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 62CE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0MDE1MDkzNzQyNTM4NTE1NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0MDE1MDkzNzQyNTM4NTE1NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARir_oG5ATAB&v=APEucNXb4jUN1wBmAQHvHZRxH722pOuRAHtwO-2HwZ9Gk7s9cManK-FPFjDeRiIWbRaXQ8EoD2TXYbJmPYpmkVo0HsmUOX0765FV-f0uUNp9a2TrRnO7vbBNKizbqAftIvqw_hePCGcJ3kgs9T5H4TOs70L-Pijs2Zt1SUjlXMlGEZ17PRa9L4M
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:12 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
97b68fa7-39ac-4eec-a1d3-9a0d6141fb54
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0MDE1MDkzNzQyNTM4NTE1NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EAE9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsst-sfX5l-YK8Pa4WUfl73iLE9MHxKYWI6kV7foNMNyQaWuR69nEjRmhfZeSxj2Zwp8eKCFLtHcHNXAcW94eelSN5JxWZB8-JmLy32Qp8Ok7C-TEd0sWc5gvmHPuegSlnxbZXvi_EzoLuDmDGDs52TpYvhsmN-ZKbUK5lQTshsw72uAC7Iw9bNw6cY1CtPHgYylH-bSRS70dWYX4Uz6YvszzsGlqxVN33u9YDdpkH6-TB5b3761w5EPPBZzbrzR5buKB5ZV1upk9KxYKaDwfQaf5dk4t0PeyYVGXIEz8idxhZX__GZ0QBUAsd6vjl6wgxh8x5BivyRfWSH3Iw&sig=Cg0ArKJSzMwDkYxOQ8xnEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 08 Nov 2021 16:02:11 GMT
truncated
/ Frame EAE9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cc484149da28e3796cfa8159fa779261dac5c8cf688b9a2b7d45688acbb9436

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements1800.js
cdn.doubleverify.com/ Frame A08B 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/index.html?e=69&leftOffset=0&topOffset=0&c=PPE2cfVmYU&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ad7fc2e639efac1b84ddab21e8faec2b12409209ea5bda40b864c784b8183dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
940
date
Mon, 08 Nov 2021 16:02:11 GMT
expires
Tue, 09 Nov 2021 16:02:11 GMT
cache-control
public, max-age=86400
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame D2F0 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvj-bmVErS23EB4te8On7KJ2VXWBTyCSOpvNigDL7hxilHoA1RkFBy3ee-fUifPWB-P1-9auBYwYoPEUT0ULVeG5LixBOQQsoIAYo_yaTqA237tRyXon4K1O-LDL3gPHNDyIzJxtsZBBlJCZ00s68ac4UnU81TCVvpcnTjc0i5dNHQVUjzjE_UYmp-DaKKNiAD8aEkLPS1lTvoa-_tSKdt6IwyUbd5G4e7Hokr16ZvuTxrtY15g_13yi48LFnlJXCtIt4tksWU8mYEJov_sOjjBSLdOtXPrmkuHsdEv9LZkgxTTOTs5K9NrAIPDTkebLgFZETxTQpBFuRKmQuch1CXjiWldYm1bSdIQAdX2Gcz1_GTnuHcNhlvgqGl-cL23jSsvROmR-SpYfjEuJOERyeSLzENdNcdBrnu_veYvagoIsEMDJJo2DWRezEGmLOHHsEeSXv4p55CEEEF_fXeizLaliLN0ZfQJX6a7MR4JEBF_QOAy208dHyagEyQs8MwS_mRByfQnFf2DaCG0I8tTflBaBxBtlEOZxMOW2vAGXYcFrcwc14ORzf4PJ2yUQxWcxXWZlmJ3SQjlnGq9dwWQqRBHVoQwhxIIZ00ylBdMfmaOr-BDlNpQVcVsqo9iVMRW4kgNw98IybeHDMpU4bHnbEeifjz7iQ3M3xpSXSMCNX0M1M5-gXTXnKYp2w4w1WMZ5zlSAUST24Ioo8XPhv1YVQz0J04fdjmw9Oay9JHx6WJxPKG5qRIFl532CVSlRw6chJ98IMpkX0DsZAR1a2jO8vByTuwFUnsvKBUhtCtLT_zNMUeIVcuzufszAmiv3GDzgoflNwZuBYYqbQRRre9dGfh6kPU2Vi45RAN23M0-WZgga4lQ6Q2WyVw0u9nZpoCD_oiZfYDHrVtY2tO_1D0dpNLI51VfqpV_M1zG5BS6Sb6cawocyNxM1FNEHh4CBFZv5KNJ0VukvFW_Vu99hz2P7s_K2ES-FQmFlV46YGkcP2JOc5IPd5zSkHMB502ptz0BNrzKM_fzJx5QJEpynKze4xAC9Bgv8QXnvipT6pFiDPheZ-82Bk1YLnVY5LTiivu2PbzHcrUsI7Go7bd97dYxfLnQ7TvnzuSbj-pwpH9d8YTs57wKKytPAw5lUboWU39pci7YSF92yYwjqd9uHEmNAvNCO-sSFAumu7UEyC_CL4ZWa0gCIW1wlZlHfdUV7GjWc1-o0NYLiJ-Xo6JVooQyZscqXeTe6ZdrMSpGnsqKIlH1-Q&sai=AMfl-YRr3DpyFZJMnSrrsduPiA3Fc7oLDtfLWdfPowmsJXk4pucY28JBE8i3DXcNb-N014Fz-ZvZKDjcF8Z4wM5dCilddVfS0klSkTmwGmFvEOL4pw9gSxHpmCMlxttbpiNWJSo-79LfNtNlgKu5Lsbc2L_XN3DBIg&sig=Cg0ArKJSzDpBmt7y3eQyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=76&cbvp=1&cstd=71&cisv=r20211103.45391&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 08 Nov 2021 16:02:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D2F0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 11:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 08 Nov 2022 11:10:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 57CB 		1 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 07 Nov 2021 18:26:41 GMT
expires
Mon, 08 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
77730
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D2F0 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7b6b632248f0cc3d93e8b0475b8b45dc2b0c2a4eb03218da429e3840a5b59aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
visit.js
tps.doubleverify.com/ Frame A08B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=77&ttfrms=9&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3ETar9EEADTbpTauTauHHH%5DH6%3FJ%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=4&ddur=10&uid=1636387332007419&jsCallback=dvCallback_1636387332007336&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.weny.com%2F&fwc=0&fcl=455&flt=0&fec=1327&fcifrms=9&brh=2&sdf=2&dvp_epl=139&noc=4&ctx=19955922&cmp=DV451308&btreg=5616446599138339307023&btadsrv=5616446599138339307023&adsrv=104&unit=728x90&seltag=1&sadv=4987351875&ord=2819546807&litm=5616446599&scrt=138339307023&splc=/43459271/loc-desktop/weny/web/homepage&adu=635207671&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=9713176968.5806&dvp_tukv=1098114398.9471002&dvp_uuid=705590317.4413387&dvp_tuid=293185746117
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
f469a1cde408d048475efa39d20337cc6b229bb70b559fcfef5213f9fdf7b1e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/7/2021 4:02:12 PM
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 74AF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 08 Nov 2021 11:10:41 GMT
expires
Tue, 08 Nov 2022 11:10:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
17491
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hp_styles.css
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		3 KB
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/index.html?e=69&leftOffset=0&topOffset=0&c=PPE2cfVmYU&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
020eab227f3a54c908708db97c1f1ddd43675174c54cca9f8144650858079a9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/index.html?e=69&leftOffset=0&topOffset=0&c=PPE2cfVmYU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9AD3 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/index.html?e=69&leftOffset=0&topOffset=0&c=PPE2cfVmYU&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/index.html?e=69&leftOffset=0&topOffset=0&c=PPE2cfVmYU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 08 Nov 2021 16:02:12 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 9AD3 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/index.html?e=69&leftOffset=0&topOffset=0&c=PPE2cfVmYU&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/index.html?e=69&leftOffset=0&topOffset=0&c=PPE2cfVmYU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 05:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 05:32:02 GMT
hp_main.js
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		5 KB
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/index.html?e=69&leftOffset=0&topOffset=0&c=PPE2cfVmYU&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d4892fd70bf845b34e85fd509630af6f5447d659b87add79b2cab40318bc25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/index.html?e=69&leftOffset=0&topOffset=0&c=PPE2cfVmYU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
941
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
/
google2waycm.netmng.com/cm/ Frame 57CB 		0
0
dpixel
cms.quantserve.com/ Frame 57CB 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP_yCRUZ0lxaHIscnidK8DE&google_cver=1&google_push=AYg5qPJiSnLHDE5mwT9Of6nyU7vyXb2ybQwlgebOWyqKwNumOANTOWoLbK9B6fd6-ojjl_vZ3_8ypX4pu9_Ku9aAQxrPh5sdeQ
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 57CB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMOvteLzogMGrZ3K5-RKj4c&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMOvteLzogMGrZ3K5-RKj4c&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NG5vVXZ3cVUxTUs3NjQ1&google_gid=CAESEMOvteLzogMGrZ3K5-RKj4c&google_cver=1&google_push=AYg5qPKQS6tKBfA_C2EkrfXSdn7D4_jpru8oWSwXLQ68dw1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NG5vVXZ3cVUxTUs3NjQ1&google_gid=CAESEMOvteLzogMGrZ3K5-RKj4c&google_cver=1&google_push=AYg5qPKQS6tKBfA_C2EkrfXSdn7D4_jpru8oWSwXLQ68dw1lk-v9AdQDx8JfFXV4DQNR4utSiUu2iQY2yo5bomla-UXQk2zk5FA
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:11 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NG5vVXZ3cVUxTUs3NjQ1&google_gid=CAESEMOvteLzogMGrZ3K5-RKj4c&google_cver=1&google_push=AYg5qPKQS6tKBfA_C2EkrfXSdn7D4_jpru8oWSwXLQ68dw1lk-v9AdQDx8JfFXV4DQNR4utSiUu2iQY2yo5bomla-UXQk2zk5FA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 57CB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEE2BJTtrIO-kF3uuW47a3To&google_cver=1&google_push=AYg5qPJ2wAO_nSKwaFmBbCg-qqOfH9nV0x-RQ4nAqw4dOyhYKOkOE2JajBuiJleaaoL6WQ0loq6x7z_AdzLxLwwY...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ2wAO_nSKwaFmBbCg-qqOfH9nV0x-RQ4nAqw4dOyhYKOkOE2JajBuiJleaaoL6WQ0loq6x7z_AdzLxLwwYsW4ePhqSqO8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ2wAO_nSKwaFmBbCg-qqOfH9nV0x-RQ4nAqw4dOyhYKOkOE2JajBuiJleaaoL6WQ0loq6x7z_AdzLxLwwYsW4ePhqSqO8
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 08 Nov 2021 16:02:12 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x10 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ2wAO_nSKwaFmBbCg-qqOfH9nV0x-RQ4nAqw4dOyhYKOkOE2JajBuiJleaaoL6WQ0loq6x7z_AdzLxLwwYsW4ePhqSqO8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 16:02:11 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 57CB 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAw9pSvgrPyoy-SgfG7xdkU&google_cver=1&google_push=AYg5qPJIZOEOnkZY-N59zkjKGSPQZe1Wcy_IKJ6fGvLGZff_FnTTxH_HFiIJEOzLQvgkE9LXTlh_Jo7ji2sXzHP-WHY4X58s_Q
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:11 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 57CB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPzk4kUwwtUCcKv19GKgUJs&google_cver=1&google_push=AYg5qPJ0G6ZK3zU5Rdyz9w6ixIK-B_E_ym5Mr6_DwUuLntOM6QTOSMilGDTT2a40HwbGRQxRkIfFXpmN7-uVxOt6makg...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPzk4kUwwtUCcKv19GKgUJs&google_cver=1&google_push=AYg5qPJ0G6ZK3zU5Rdyz9w6ixIK-B_E_ym5Mr6_DwUuLntOM6QTOSMilGDTT2a40HwbGRQxRkIfFXpmN7-uVxO...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a84b51c9-ec3e-4f1f-b1cf-454b7275bd2d&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ0G6ZK3zU5Rdyz9w6ixIK-B_E_ym5Mr6_DwUuLntOM6QTOSMilGDTT2a40HwbGRQxRkIfFXpmN7-uVxOt6makgRr1_Hw&google_hm=EZEaduWfT5WY10jyOpOJGA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ0G6ZK3zU5Rdyz9w6ixIK-B_E_ym5Mr6_DwUuLntOM6QTOSMilGDTT2a40HwbGRQxRkIfFXpmN7-uVxOt6makgRr1_Hw&google_hm=EZEaduWfT5WY10jyOpOJGA==
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ0G6ZK3zU5Rdyz9w6ixIK-B_E_ym5Mr6_DwUuLntOM6QTOSMilGDTT2a40HwbGRQxRkIfFXpmN7-uVxOt6makgRr1_Hw&google_hm=EZEaduWfT5WY10jyOpOJGA==
Date
Mon, 08 Nov 2021 16:02:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame 57CB 		43 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMSV4ZtiUypWSWsANpaDpEA&google_cver=1&google_push=AYg5qPI_kqeARGG5fSp6jIQc6oPEo184ySOwIuXgwt3ySrnF7y_wbC7ApXF7AFocz4U1Rw4ZUDAj01uTsuKxmC6VCFpHd7Sm8t4
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 16:02:12 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 57CB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXGCbzQTY6SjvNysotiI8Ii4-O7vMox35CVy7jlTRBxx5Rf0uWg8Zq1TLAYOohFyFqajWBsQ
Requested by
Host: 6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
URL: https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 74AF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 15:05:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
176209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 15:05:23 GMT
rtl-logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/rtl-logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee3ae8a9fdbdd776583fdabad3e261c22131b7f658ca56a2d527177db5b2014c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4615
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
bgImg3.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/bgImg3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
923c2f82d0812fbcd405e66a674b297904c0bbc4145eee10de5a13ebf6c4717d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16774
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
bgImg2.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/bgImg2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bac76d11b80c04ee8281decd1a59fd9ac36e895bfe86364c3edfa1632039a255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9233
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
bgImg1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/bgImg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e503e67bb4e6bf27752d973fe0006f6ba7dbc8d94d2eab4da1d3f6529932965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14793
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
txt_sprite.png
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/txt_sprite.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b010243e7eeb3a90a05ff4a3f047df99f32332bce0c06b8f31905ee57bdf8282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30255
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
cta_01.png
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/cta_01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984a6f6dab336dcccc1d0881fd6e8556e95821b7f06ff31c2600053577ef7f4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1315
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
cta_02.png
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/cta_02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee1f356dc7b2a6cbcafe0bb4a1b03dd2ccc221e9d1748cd308236a78a293e5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
logo_ende01.png
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/logo_ende01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2f1d18e6543252110c20dbb91356dc1896efba222717a90881669806eb17d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:04:09 GMT
x-content-type-options
nosniff
age
10683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1035
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 13:04:09 GMT
logo_ende02.png
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/logo_ende02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e3f17e995252d3098d01435f96ec3cd9f53a9c03481378a67fbb57cf11cfad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1039
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
logo_ende03.png
s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/ Frame 9AD3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/logo_ende03.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a87018900370e12c9e03e302e22dc0459417a1b8fdd8815405732e18b93c35f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61919335/20211019012543007/hp_styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:30:05 GMT
x-content-type-options
nosniff
age
12727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1026
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 12:30:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D2F0 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvj-bmVErS23EB4te8On7KJ2VXWBTyCSOpvNigDL7hxilHoA1RkFBy3ee-fUifPWB-P1-9auBYwYoPEUT0ULVeG5LixBOQQsoIAYo_yaTqA237tRyXon4K1O-LDL3gPHNDyIzJxtsZBBlJCZ00s68ac4UnU81TCVvpcnTjc0i5dNHQVUjzjE_UYmp-DaKKNiAD8aEkLPS1lTvoa-_tSKdt6IwyUbd5G4e7Hokr16ZvuTxrtY15g_13yi48LFnlJXCtIt4tksWU8mYEJov_sOjjBSLdOtXPrmkuHsdEv9LZkgxTTOTs5K9NrAIPDTkebLgFZETxTQpBFuRKmQuch1CXjiWldYm1bSdIQAdX2Gcz1_GTnuHcNhlvgqGl-cL23jSsvROmR-SpYfjEuJOERyeSLzENdNcdBrnu_veYvagoIsEMDJJo2DWRezEGmLOHHsEeSXv4p55CEEEF_fXeizLaliLN0ZfQJX6a7MR4JEBF_QOAy208dHyagEyQs8MwS_mRByfQnFf2DaCG0I8tTflBaBxBtlEOZxMOW2vAGXYcFrcwc14ORzf4PJ2yUQxWcxXWZlmJ3SQjlnGq9dwWQqRBHVoQwhxIIZ00ylBdMfmaOr-BDlNpQVcVsqo9iVMRW4kgNw98IybeHDMpU4bHnbEeifjz7iQ3M3xpSXSMCNX0M1M5-gXTXnKYp2w4w1WMZ5zlSAUST24Ioo8XPhv1YVQz0J04fdjmw9Oay9JHx6WJxPKG5qRIFl532CVSlRw6chJ98IMpkX0DsZAR1a2jO8vByTuwFUnsvKBUhtCtLT_zNMUeIVcuzufszAmiv3GDzgoflNwZuBYYqbQRRre9dGfh6kPU2Vi45RAN23M0-WZgga4lQ6Q2WyVw0u9nZpoCD_oiZfYDHrVtY2tO_1D0dpNLI51VfqpV_M1zG5BS6Sb6cawocyNxM1FNEHh4CBFZv5KNJ0VukvFW_Vu99hz2P7s_K2ES-FQmFlV46YGkcP2JOc5IPd5zSkHMB502ptz0BNrzKM_fzJx5QJEpynKze4xAC9Bgv8QXnvipT6pFiDPheZ-82Bk1YLnVY5LTiivu2PbzHcrUsI7Go7bd97dYxfLnQ7TvnzuSbj-pwpH9d8YTs57wKKytPAw5lUboWU39pci7YSF92yYwjqd9uHEmNAvNCO-sSFAumu7UEyC_CL4ZWa0gCIW1wlZlHfdUV7GjWc1-o0NYLiJ-Xo6JVooQyZscqXeTe6ZdrMSpGnsqKIlH1-Q&sai=AMfl-YRr3DpyFZJMnSrrsduPiA3Fc7oLDtfLWdfPowmsJXk4pucY28JBE8i3DXcNb-N014Fz-ZvZKDjcF8Z4wM5dCilddVfS0klSkTmwGmFvEOL4pw9gSxHpmCMlxttbpiNWJSo-79LfNtNlgKu5Lsbc2L_XN3DBIg&sig=Cg0ArKJSzDpBmt7y3eQyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=237&vt=11&dtpt=161&dett=3&cstd=71&cisv=r20211103.45391&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9AD3 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0509e7a00e2109bb8bb8ccae38fe9bf3c7fb63039f50b28e0649b65e16d2e24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5186
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9AD3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 08 Nov 2021 16:02:12 GMT
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 43CA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 15:05:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
176209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 15:05:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74AF 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeokNA0qJYdb0MNWj9u8PyMCP-AgAAAAAOAHgBAI&bg=!n5ylnNjNAAYH3anuB907ACkAdvg8WsyxJhdbfWMtWoDq1fPfR0Ujqy8JPIWt6c7gtk0gK7NqjdmpFwIAAAB6UgAAAApoAQeZAyn0s4w-WDgnhFKeO6pcvsAtzTcUImjCxc_H17RZV7uh5b9IiPfiuu7FboM7WnJTj4PgHqYPW4xxvrOYFAtJjs8i8btIeJr8lntSz_UAFLu5jeMk3JwNcrI_jDI3Q_AINtMfj-E-m4UZTdF0OVAER5B49J3icjWgExHgfycf7-tmx5yVRbJjcidJ8efAWh48zbL_KKc11jUsWpKkvtZBpVmo7qZh_1AAnaiz91azKsZ6CpmgxQ9y7wv6vv41t2EX-EXPdBbjCqJ0njgrTZ5Rwia_KwWwjEJdDRRhJ_bv05e2E5Gp9SNNFcklP1aiwg1Pku63QOt6Q4sBzgfDbiGDNYqBedjDRda0gfkuhNaVd0p-xGa0jsQuUXdRn_MW--sNdLKno7_k8rElh8-gdmDhj9_7gG3g7OG_35s4_DWUXagBhqXuJvNczgYSW2FFYhrT1DwRCIquz9yDP8A7u4U5BcNwEgLYUTR8wQk61vBPxka037jofovqdWgD4qlMkCZt6rAuQzf9KNVfmauQ0C9X4WHxOQBgg2wyvGkgNqHptc4GU4DMSL0dlzqdazbneGIn7y6iUfLihaGlhFNnohzx1vpIUSLe3FbHcanPcTFa5JVw3mS5uat3wQKrzN_4vC7ztRkfr7NeF37xcoGPrw3XiGR37-eZsEef9u2I4TyOhFL9OJXBp0xQi1v0CSSyMz5YbeFdfU0_B8XAHMZErNSX7m8jPMbKLpoe_vWy_2ni6_VOQOFfu-vYfhud7FhOGTNVd1Gil4i7F4HcyJP-vlAiZFd7OXf-iaFBpzG_FufzKpFxSzd2Pjid3Ck8bXQZKuts8KMRxwsSUPHx_xXH19I75mInwBeIP9q9dNjPBVEXGL4BN3a5eE0GUxj8LFSzAZItvZPMqohHKqjTFMVsEsHrnr9fhOa6MtHE4iVoWfP--ZyDgdKU1jwDGdVkhde-qxjufhBL2qgD1BwylR9HrXPf72U99wsCHqAWuqstBdVdl0z69pfhNJzhEtDVvNCiZ_huEXR90PC9vx_T4wD5wpw3Fglf-vwqCzedLRTWoxdeeph14WrWVJmEFUTmww
Requested by
Host: www.weny.com
URL: https://www.weny.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d9f893d0a4853da6372727b0102ec377ace67324e1dd483f0d42270bb4d5000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Nov 2021 16:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9282
x-xss-protection
0
v2yuu5iw6q3zDN3-DNJvHsHEIK2T_TAbazrYh6swgJYz6l9dO4aWKhiKO12o_LT0_ejhWysUtXz4G0sg4kw
begintrain.com/ 		216 B
611 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://begintrain.com/v2yuu5iw6q3zDN3-DNJvHsHEIK2T_TAbazrYh6swgJYz6l9dO4aWKhiKO12o_LT0_ejhWysUtXz4G0sg4kw
Requested by
Host: begintrain.com
URL: https://begintrain.com/v2fzm3DO2tSBnI5kkDZqjZj8W1lqqcfCqSwtyIHx3cy-kQdpxdsyBEwX4pZN06XZM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ec92d95f35e92132ef2d7b6b17b4bd93c487a26ff14a8f3827443d6dbf3659af
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 08 Nov 2021 16:02:12 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
0f8346e1
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Mon, 08 Nov 2021 16:02:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 08 Nov 2021 16:02:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2264 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 08 Nov 2021 14:33:57 GMT
expires
Tue, 08 Nov 2022 14:33:57 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5295
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6103 		783 B
1003 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
31ba8e51303f92d772d148b0cf95e54e73b25ed674cb37b94eaa125bc10ea752
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qPL3fYcRXtILXG4xWi+HVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 08 Nov 2021 16:02:12 GMT
date
Mon, 08 Nov 2021 16:02:12 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qPL3fYcRXtILXG4xWi+HVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
v2tvk0VBAJHd0GwWjOrR_bs2zZsuuJcmvxLfNS5FXuxBgx1cg-CMSXbqnN05RtCGRwn63tWLVywqzQ55nHw
begintrain.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://begintrain.com/v2tvk0VBAJHd0GwWjOrR_bs2zZsuuJcmvxLfNS5FXuxBgx1cg-CMSXbqnN05RtCGRwn63tWLVywqzQ55nHw
Requested by
Host: begintrain.com
URL: https://begintrain.com/v2fzm3DO2tSBnI5kkDZqjZj8W1lqqcfCqSwtyIHx3cy-kQdpxdsyBEwX4pZN06XZM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 08 Nov 2021 16:02:12 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.weny.com
access-control-allow-credentials
true
x-hostname
0f8346e1
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 2264 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 15:05:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
176209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 15:05:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6103 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110201&jk=3900606530827904&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110201&jk=3900606530827904&bg=!fX6lfjrNAAYH3anuB907ACkAdvg8Wpd07lGcrMuyj99vSh0q1CEvrT6_JLpO7HldQ-YiRGTF4nRKIwIAAABNUgAAAApoAQcKACHgH28s4sc9joSKZuqFt6JOOxlMKDC2Nm-DGSmlHuHTZbCZArEuN2kSLzkZwtF-S3ipvwaTYlYKs5jLOwpTOm2_uVZb9FC14YyT5gqsfaGCjQ7MvC8PRWDKQ25VkrropB0MNL4wLEasrJSgpTsf4dCA2Vkk-6vZUhU73j40f4rFvBj6juHIJYTHCQIuMsJaD7qB07k3ifm96QkejujcJg0ythiJkSxe0D82d8zQuP_9xBUtTHtLYtvMjHSqC9nSsYKavJMfWCHETGlrUrze6-FfW7qOg0SXEcuQoqsR3fIN3AVcdHbQ6Lctp5ZoXI9mgfHqrhKU7SQ6OxvhyB6mc2HS-6PnazmCZD9EPXzJJ0ZAoxcdQeQ3JxYlzrDIaE8shj3HxxI1dH2oeR2dXxociZOo3m1S8DAb6uV7eTRcUFmLT9ngsxjpVq_BvdFLVelWe8ShH_V9Vvfa8UkEtTv1cn9I1oaZKdRa1isjKC1bMufffEjXdxDQsipjGGO_9nsVzi5yGML-exLm16i6YIosVMlS_Bt2LKTvXBJ8t3QfAB7wFpAm1pOAWNjdxxYWhHSE0duJqcucuk4LvVk0TAK-OQd0FFEiCVzXFVDoOQ97nUsf3GTMmiPYicMb4kxv5F3jZivWRhONLrwJhlK1Z_j9rSHrMw68_KA3jgnW4PujT7QtTuX2LxNkPHaR1irK9W8ijfGf-tbUYWZq2qq4PTp2dIeQ7WOqfZmHBw686zftqURk7-Vmzyd00mK6AJTOR1qhD9ZV-iZ_TvRgsxZETDfLZKRcK7mT7NOX18qpVzHdiBOSn_Cz3NSPjVcrfc-I55kbByvi8E2KCAWGAZck5ntJt9IYDD9vtCFtZLUshv3M8PxIJjEpq1P26u8DPGxxhltvbtdmxs_OHHZbjPPYe2hNQYgmjBn4T2ZMIbM-rHKeB9vgPyzUGABwGi3To2f3jZ6ILEAo-C5LGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EAE9 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgPOm1SR5_mWYiFrOfzDtTnMEVCIppwbu47ViHiqP9Al1TSUHFxSoRcCOViM9ghMlVLH4lV1rJaz6Pf-gJQi3hNDxmCCtm1w_Bgsaktn-1KTm8n66v&sig=Cg0ArKJSzFfsIDJQxZuWEAE&id=lidar2&mcvt=1001&p=162,436,252,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4066883272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636387331790&rpt=132&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tps20225.doubleverify.com/ Frame 84B1 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20225.doubleverify.com/event.png?impid=09abc06724534232a7ed081d8850e95e&gdpr=&gdpr_consent=&vdur=96&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=11&tetms=7&msltms=16&vltms=96&sei=289&vetms=6&engms=1&engisel=1&ttfurm=2132&cbust=1636387333583490
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:13 PM
event.png
tps20229.doubleverify.com/ Frame F8A2 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20229.doubleverify.com/event.png?impid=5e0979dc5788456fa69ad6474ce19317&gdpr=&gdpr_consent=&vdur=72&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=63&tetms=11&msltms=12&vltms=72&sei=289&vetms=2&engms=1&engisel=1&ttfurm=2082&cbust=1636387333583448
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:13 PM
event.png
tps20240.doubleverify.com/ Frame D95E 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20240.doubleverify.com/event.png?impid=d5af08dcab2d4e13a408fc0c8e731dbb&gdpr=&gdpr_consent=&vdur=63&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=9&tetms=7&msltms=11&vltms=63&sei=289&vetms=10&engms=1&engisel=1&ttfurm=2078&cbust=1636387333596154
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:13 PM
event.png
tps20239.doubleverify.com/ Frame 1FDB 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20239.doubleverify.com/event.png?impid=ca82edfb50e4476da5514dabe9776b2e&gdpr=&gdpr_consent=&vdur=15&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=8&tetms=11&msltms=20&vltms=15&sei=289&vetms=79&engms=1&engisel=1&ttfurm=2106&cbust=1636387333910549
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:14 PM
event.png
tps20231.doubleverify.com/ Frame 1F72 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20231.doubleverify.com/event.png?impid=fde7f8ff74ec4a279cc0263ea1d422e2&gdpr=&gdpr_consent=&vdur=16&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=10&tetms=7&msltms=12&vltms=16&sei=289&vetms=60&engms=1&engisel=1&ttfurm=2082&cbust=1636387333911657
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:14 PM
event.png
tps20228.doubleverify.com/ Frame EF8A 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20228.doubleverify.com/event.png?impid=ba28560f70544927ab8d57aa87da067f&gdpr=&gdpr_consent=&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=16&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=23&tetms=7&msltms=12&vltms=16&sei=289&vetms=35&engms=1&engisel=1&ttfurm=2057&cbust=1636387333946502
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:14 PM
event.png
tps20230.doubleverify.com/ Frame A08B 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20230.doubleverify.com/event.png?impid=c7d45383caca4764a9c6db45c2b12554&gdpr=&gdpr_consent=&vdur=13&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=10&tetms=6&msltms=23&vltms=13&sei=289&vetms=24&engms=1&engisel=1&ttfurm=2045&cbust=1636387334046677
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:14 PM
lb
be.durationmedia.net/ Frame 8643 		0
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/lb?s=10468&t=SD&c=7
Requested by
Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10468/dm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.127.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-127-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:14 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection
keep-alive
Access-Control-Allow-Origin
https://www.weny.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
0
sponsorships
be.durationmedia.net/ Frame 8643 		790 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/sponsorships
Requested by
Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10468/dm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.127.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-127-138.compute-1.amazonaws.com
Software
/
Resource Hash
ca84c81cacb3406e085cc138b1a26859c5718a975adc08e91c7036c68d7e4653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:14 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection
keep-alive
Content-Type
application/json
Access-Control-Allow-Origin
https://www.weny.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
790
X-XSS-Protection
1; mode=block
Expires
0
sponsorships
be.durationmedia.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/sponsorships
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.127.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-127-138.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.weny.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.weny.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Date
Mon, 08 Nov 2021 16:02:15 GMT
Expires
0
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
Content-Length
0
Connection
keep-alive
resources
www.weny.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 		843 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=16335
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f3a477fb43fbce55701e9a15c6de35dd6fbd636c7d5092a3c4beaef9a94743d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
HIT, MISS
content-length
467
x-xss-protection
1; mode=block
x-served-by
cache-bwi5175-BWI, cache-fra19177-FRA
x-response-time
54ms
access-control-allow-origin
*
server
nginx/1.16.1
x-timer
S1636387336.680666,VS0,VE88
etag
W/"34b-yYGaG461fK4HYcx8P16gWwvFuu4"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
1, 0
id
sandbox-api.britepool.com/v1/britepool/ 		193 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sandbox-api.britepool.com/v1/britepool/id
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.235.147.241 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a6b0c23a08f2b291c30bb337999fe11799ff51db7b8bc3c841e3650ee6fa60a8

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
x-api-key
8bd8a0e6-1ee1-49d4-98cf-032e35d82d6e
Content-Type
application/json

Response headers

Date
Mon, 08 Nov 2021 16:02:17 GMT
Server
nginx
ETag
W/"c1-6/l/SOpM9emWduxzWp5Q7BThSrg"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.weny.com
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-api-key,x-britepool-checkonly, x-britepool-synced, x-britepool-ignoreoptout
Content-Length
193
x-request-id
45da608c816a885a20452df6b52e46bd
id
sandbox-api.britepool.com/v1/britepool/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sandbox-api.britepool.com/v1/britepool/id
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.235.147.241 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-api-key
Origin
https://www.weny.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Mon, 08 Nov 2021 16:02:17 GMT
Connection
keep-alive
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-api-key,x-britepool-checkonly, x-britepool-synced, x-britepool-ignoreoptout
Content-Type
text/plain charset=UTF-8
Content-Length
0
Access-Control-Allow-Origin
https://www.weny.com
Access-Control-Allow-Credentials
true
sync
eb2.3lift.com/ Frame 3D80
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
7bd381a2357dd5d1b566ca75f138a8693bda60d1b4d90817fd90faa53ae6bb18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
content-type
text/html; charset=utf-8
content-length
463
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Mon, 08 Nov 2021 16:02:16 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D482 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=135550
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Mon, 08 Nov 2021 16:02:16 GMT
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 4797 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13416131
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

Server
nginx
Date
Mon, 08 Nov 2021 16:02:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
sync
eb2.3lift.com/ Frame AAD2
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
7bd381a2357dd5d1b566ca75f138a8693bda60d1b4d90817fd90faa53ae6bb18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
content-type
text/html; charset=utf-8
content-length
463
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Mon, 08 Nov 2021 16:02:16 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5FB2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 09 Nov 2021 16:02:18 GMT
Date
Mon, 08 Nov 2021 16:02:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 8A7F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 08 Nov 2021 16:02:16 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 9B92 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 08 Nov 2021 16:02:16 GMT
Connection
keep-alive
beacon
ap.lijit.com/ Frame 64A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13416131
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

Server
nginx
Date
Mon, 08 Nov 2021 16:02:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
pd
eu-u.openx.net/w/1.0/ Frame A11D 		668 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
da25e4474175c52ea95c0a728c4c20c15e42ab110c71a7d64267e0ae24553c10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 08 Nov 2021 16:02:16 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame EB97 		668 B
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
da25e4474175c52ea95c0a728c4c20c15e42ab110c71a7d64267e0ae24553c10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 08 Nov 2021 16:02:16 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
/
ssc-cms.33across.com/ps/ Frame 3EF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aDjwJ2usOr64kqaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 -, , ASN (),
Reverse DNS
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Mon, 08 Nov 2021 16:02:16 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 636E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 08 Nov 2021 16:02:16 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 93B5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 Nov 2021 16:02:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6460 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 09 Nov 2021 16:02:18 GMT
Date
Mon, 08 Nov 2021 16:02:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 22D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13416131
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

Server
nginx
Date
Mon, 08 Nov 2021 16:02:16 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3782 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=135550
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Mon, 08 Nov 2021 16:02:16 GMT
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 29BE 		668 B
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
da25e4474175c52ea95c0a728c4c20c15e42ab110c71a7d64267e0ae24553c10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 08 Nov 2021 16:02:16 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5BB 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=135550
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Mon, 08 Nov 2021 16:02:16 GMT
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 5F15
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
7bd381a2357dd5d1b566ca75f138a8693bda60d1b4d90817fd90faa53ae6bb18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
content-type
text/html; charset=utf-8
content-length
463
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Mon, 08 Nov 2021 16:02:16 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame DAC9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/13140_Frankly_CMS_Wrapper.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.weny.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 09 Nov 2021 16:02:18 GMT
Date
Mon, 08 Nov 2021 16:02:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_5edece26-1556-4deb-a0ab-ded01059e250&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_5edece26-1556-4deb-a0ab-ded01059e250&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=da29ec2e-c6d1-4c8a-a6c4-0b084a77019d&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3640150937425385154&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22333234230&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=197bee36986b3d7d7f9396c230c26e3f&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
0
0
ibs:dpid=494279&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_6bf0e067-715e-494f-b526-44f8175ffeb1&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_6bf0e067-715e-494f-b526-44f8175ffeb1&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=da29ec2e-c6d1-4c8a-a6c4-0b084a77019d&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3640150937425385154&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22333316871&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F4%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/441/160/4/6.gif?puid=35612617524358028648703036678281404084&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
0
0
ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_3b3d2294-ccde-4e1c-aabd-261d93a2be32&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_3b3d2294-ccde-4e1c-aabd-261d93a2be32&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=80ec2466-03c1-4648-a4e1-6fd070cf5e21&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=da29ec2e-c6d1-4c8a-a6c4-0b084a77019d&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3640150937425385154&opid=apx&ops=&utidl=tech:goo:CAESENpVc3QiuOvU5YLJJ9f-Icc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22333316871&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=197bee36986b3d7d7f9396c230c26e3f&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
0
0
sd
eu-u.openx.net/w/1.0/ Frame A11D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 16:02:15 GMT
sd
us-u.openx.net/w/1.0/ Frame A11D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame A11D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2006629915030252444
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2006629915030252444
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2006629915030252444
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame A11D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=f51a1a60-1680-30ea-60c9-19700e838688&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A11D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDk3NWM5YWEtZGZmNy02ZTRlLTc1MjktNDNjOWM0NjE0OGU4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A11D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame EB97
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 16:02:15 GMT
sd
us-u.openx.net/w/1.0/ Frame EB97
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame EB97
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=90761867529434984
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=90761867529434984
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=90761867529434984
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame EB97 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=f51a1a60-1680-30ea-60c9-19700e838688&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame EB97 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDk3NWM5YWEtZGZmNy02ZTRlLTc1MjktNDNjOWM0NjE0OGU4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EB97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 29BE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22096189-4a03-4700-865b-c47333c7c36a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 16:02:15 GMT
sd
us-u.openx.net/w/1.0/ Frame 29BE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1GdOQ9Y3Rk7PZ0Af1WBbTNJkQE3PM0RI2mW8FgCb
pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 29BE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2675972084304443727
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2675972084304443727
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2675972084304443727
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 29BE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=f51a1a60-1680-30ea-60c9-19700e838688&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 29BE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDk3NWM5YWEtZGZmNy02ZTRlLTc1MjktNDNjOWM0NjE0OGU4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 29BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=21efb74e-d031-406e-a71a-109f2ec72591&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMsrH6OvIP1blZnpOJoRgDs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3D80 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 3D80
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D80
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 3D80 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=15859478179927879699&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 -, , ASN (),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:17 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
sjrR85ydtRYw4U49pSsAAA==
xuid
eb2.3lift.com/ Frame 3D80
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/15859478179927879699?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-j0fGFspE2oRR7uGl4kBqArnssxSUvbW_sXQrc5sw6Q--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-j0fGFspE2oRR7uGl4kBqArnssxSUvbW_sXQrc5sw6Q--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 08 Nov 2021 16:02:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-j0fGFspE2oRR7uGl4kBqArnssxSUvbW_sXQrc5sw6Q--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 3D80 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=15859478179927879699&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.230.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-230-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 3D80 		42 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=15859478179927879699&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:15 GMT
etag
"f95a3e4769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1929A37A56FB4F4EA1A6E108AD615866 Ref B: FRAEDGE1409 Ref C: 2021-11-08T16:02:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 3D80
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15859478179927879699
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.133.124 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
004NN3A9Q6S7VJM125N2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3D80
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 3D80
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7365271393311050287&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7365271393311050287&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7365271393311050287&dongle=d407
pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame AAD2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame AAD2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AAD2
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame AAD2 		0
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=15859478179927879699&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 -, , ASN (),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:17 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
AOPr85ydtRZwuoZ2pSsAAA==
xuid
eb2.3lift.com/ Frame AAD2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/15859478179927879699?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-_Qk2CGFE2oQ7EOxB0BkqJagfLff6zsvRa2zJDok4KA--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-_Qk2CGFE2oQ7EOxB0BkqJagfLff6zsvRa2zJDok4KA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 08 Nov 2021 16:02:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-_Qk2CGFE2oQ7EOxB0BkqJagfLff6zsvRa2zJDok4KA--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame AAD2 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=15859478179927879699&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.230.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-230-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame AAD2 		42 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=15859478179927879699&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:15 GMT
etag
"f95a3e4769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F480D3B42217410298236ECF65C6BBD5 Ref B: FRAEDGE1409 Ref C: 2021-11-08T16:02:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame AAD2
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15859478179927879699
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.133.124 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CBJTEYREDJXFE2YV4SNQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame AAD2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame AAD2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3618557978315508271&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3618557978315508271&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3618557978315508271&dongle=d407
pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame 5F15 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 5F15
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDSci6m94GI1aqkcNfifzaA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F15
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU4NTk0NzgxNzk5Mjc4Nzk2OTk%3D
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 5F15 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=15859478179927879699&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 -, , ASN (),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:17 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
VjIG9JydtRZgrYt4pSsAAA==
xuid
eb2.3lift.com/ Frame 5F15
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/15859478179927879699?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.upUz_xE2oS8PLwg.Vmrd7ORmG1Uq25JPlNQbMq9Ow--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.upUz_xE2oS8PLwg.Vmrd7ORmG1Uq25JPlNQbMq9Ow--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 08 Nov 2021 16:02:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.upUz_xE2oS8PLwg.Vmrd7ORmG1Uq25JPlNQbMq9Ow--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 5F15 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=15859478179927879699&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.230.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-230-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 5F15 		42 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=15859478179927879699&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:15 GMT
etag
"f95a3e4769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CEE7B16EBF3E4772BC873EDC005FCE46 Ref B: FRAEDGE1409 Ref C: 2021-11-08T16:02:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 5F15
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15859478179927879699
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.133.124 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9VRT2YZJZGSBAPT30Z1G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15859478179927879699&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5F15
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 5F15
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3546500384277580335&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3546500384277580335&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3546500384277580335&dongle=d407
pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
async_usersync
ib.adnxs.com/ Frame 6460 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:16 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9506ddb1-fe1c-4f33-a1c0-be5da7e86b13
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 93B5 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61700
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9506
Expires
Tue, 09 Nov 2021 09:10:36 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 332E 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0f5b6efd4bca3fc23b417cafb4775257b2e5c7e943a49f88406785a5058f3159

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|46|190|221|152|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1684
Expires
Mon, 08 Nov 2021 16:02:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:16 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame CC4E 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ffd90fa6b5e74e74854741278dc1ac74ad589e35879e5dd7b00f7c719637ac3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|73|130|40|8|152
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1447
Expires
Mon, 08 Nov 2021 16:02:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:16 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame AF98 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
802711a0c74321188fffb1fc52568ed4d8b703d7b286555cabbb0af5993ff12b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|73|221|64|218|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1596
Expires
Mon, 08 Nov 2021 16:02:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:16 GMT
Connection
keep-alive
PugMaster
image6.pubmatic.com/AdServer/ Frame D5BB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75757543&p=158639&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
024c9952bc79ce3b2e053e8ffa50fad187bc3d8d0245f86233425aea028750f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1809
content-type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame DAC9 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:16 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2571b434-0846-4f21-a9b8-1b22eab002e5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5FB2 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:16 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e5ab9e7c-a3ef-4c3f-b6c4-61c8c191ecb0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame AF98
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.133.124 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EPZDNYGE1YQTKJ0Y5B57
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XP6KV2KCKX4K6DKTHSXC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame AF98 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame AF98
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:16 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YYlKA1eBV3CbXTFX04osWgAABHIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AF98 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YYlKA1eBV3CbXTFX04osWgAABHIAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5ad:a774:ca1b:74c5 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
tpid=YYlKA1eBV3CbXTFX04osWgAA%261138
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame AF98
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.208.103.128 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:17 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.130
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:17 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.28.182
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame AF98
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638979336
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638979336
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:16 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638979336
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ibs:dpid=23728&dpuuid=YYlKA1eBV3CbXTFX04osWgAA%261138
dpm.demdex.net/ Frame AF98 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.163.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame AF98 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYlKA1eBV3CbXTFX04osWgAA%261138
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2932
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:51:08 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CC4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:16 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame CC4E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame CC4E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.133.124 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F2H1TC2J78ACBN8G2BJZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
M45YTRW1KTPGTRAGJJ90
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YYlKA1eBV3CbXTFX04osWgAABHIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CC4E 		43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YYlKA1eBV3CbXTFX04osWgAABHIAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:5ad:a774:ca1b:74c5 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame CC4E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADxyU7DEpQAABnmTBrE1w&expiration=1637596937&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADxyU7DEpQAABnmTBrE1w&expiration=1637596937&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADxyU7DEpQAABnmTBrE1w&expiration=1637596937&gdpr=1
Date
Mon, 08 Nov 2021 16:02:17 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame CC4E
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0ef63eb3-ac65-43ce-9431-7dd9a1d92a68&expiration=1667923337
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0ef63eb3-ac65-43ce-9431-7dd9a1d92a68&expiration=1667923337
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0ef63eb3-ac65-43ce-9431-7dd9a1d92a68&expiration=1667923337
date
Mon, 08 Nov 2021 16:02:17 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame CC4E
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6680c5b3-2cd1-4449-bb49-8919621bbc7d
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6680c5b3-2cd1-4449-bb49-8919621bbc7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:17 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6680c5b3-2cd1-4449-bb49-8919621bbc7d
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame CC4E 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYlKA1eBV3CbXTFX04osWgAA%261138
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2932
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:51:08 GMT
casale
match.adsrvr.org/track/cmf/ Frame 332E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 332E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:16 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPztLH0Z6893gHW6tf3vl84&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 332E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.133.124 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BRZ5R6D3GDQ51D1V155J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VN2KHP7H43QB0XEVD71Y
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYlKA1eBV3CbXTFX04osWgAABHIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 332E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
getuid
ib.adnxs.com/ Frame 332E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
tpid=YYlKA1eBV3CbXTFX04osWgAA%261138
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 332E
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
49 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.208.103.128 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:17 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.9.143
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYlKA1eBV3CbXTFX04osWgAA%261138?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.23.231
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 332E
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=34e64ba2-8c8f-46dc-ad56-27703b1adaaa
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=34e64ba2-8c8f-46dc-ad56-27703b1adaaa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:17 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=34e64ba2-8c8f-46dc-ad56-27703b1adaaa
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
indexexchange
sync.adotmob.com/cookie/ Frame 332E 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 332E 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYlKA1eBV3CbXTFX04osWgAA%261138
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2932
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:51:08 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame AC5D
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.237.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbb62d081720e0210a6f152c325981a10bda86397e1767c43cbf64622fd9e9b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Mon, 08 Nov 2021 16:02:17 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 08 Nov 2021 16:02:17 GMT
pragma
no-cache

Redirect headers

date
Mon, 08 Nov 2021 16:02:17 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
match
c1.adform.net/serving/cookie/ Frame EA07 		35 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=3034F838-4FC4-4015-BBD3-5DFC5D010928
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 16:02:16 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame EB72
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8625757600845459465
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8625757600845459465
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 08 Nov 2021 16:02:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug013:0:574
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8625757600845459465
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 9740 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 08 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
471470
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MDT4OE_EQBW70138XQEJKA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=135550
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 10 Nov 2021 05:41:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D5BB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=22096189-4a03-4700-865b-c47333c7c36a
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=22096189-4a03-4700-865b-c47333c7c36a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=22096189-4a03-4700-865b-c47333c7c36a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 16:02:15 GMT
/
pixel.onaudience.com/ Frame D5BB
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3034F838-4FC4-4015-BBD3-5DFC5D010928
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=197bee36986b3d7d7f9396c230c26e3f
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=3949eaa3e06f154a5c1434d719c7cb33
35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=3949eaa3e06f154a5c1434d719c7cb33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
HTTP/1.1
Server
51.210.112.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Mon, 08 Nov 2021 16:02:17 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=3949eaa3e06f154a5c1434d719c7cb33
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame D5BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzAzNEY4MzgtNEZDNC00MDE1LUJCRDMtNURGQzVEMDEwOTI4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:357
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D5BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGdUuJHftrkvV6RA7syHL3c&google_cver=1
42 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGdUuJHftrkvV6RA7syHL3c&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:368
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGdUuJHftrkvV6RA7syHL3c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D5BB 		43 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 07 Nov 2021 16:02:16 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D5BB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:22096189-4a03-4700-865b-c47333c7c36a&gdpr=0&gdpr_consent=
42 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:22096189-4a03-4700-865b-c47333c7c36a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:425
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:22096189-4a03-4700-865b-c47333c7c36a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 16:02:15 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 849D
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.weny.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.237.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbb62d081720e0210a6f152c325981a10bda86397e1767c43cbf64622fd9e9b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Mon, 08 Nov 2021 16:02:17 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 08 Nov 2021 16:02:17 GMT
pragma
no-cache

Redirect headers

date
Mon, 08 Nov 2021 16:02:17 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
tap.php
pixel.rubiconproject.com/ Frame 93B5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=22096189-4a03-4700-865b-c47333c7c36a&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=22096189-4a03-4700-865b-c47333c7c36a&expires=28
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

Date
Mon, 08 Nov 2021 16:02:16 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=22096189-4a03-4700-865b-c47333c7c36a&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 Nov 2021 16:02:15 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 93B5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 93B5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ujkCYEIO8aemuejeoUxyO8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7788274991324539317
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7788274991324539317
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

date
Mon, 08 Nov 2021 16:02:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7788274991324539317
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 93B5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZRVVJMTjktMTktNTRIUg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZRVVJMTjktMTktNTRIUg==
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZRVVJMTjktMTktNTRIUg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 93B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG3OaBlaEOc8M9q3HOfm0f8&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG3OaBlaEOc8M9q3HOfm0f8&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG3OaBlaEOc8M9q3HOfm0f8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 93B5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVQURLN9-19-54HR&sigv=1&esig=2~758ef63cec0c2dd34cf93a7c5d98a5547fad8cc4
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVQURLN9-19-54HR&sigv=1&esig=2~758ef63cec0c2dd34cf93a7c5d98a5547fad8cc4
Protocol
H2
Server
2a00:1288:80:800::7001 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:17 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVQURLN9-19-54HR&sigv=1&esig=2~758ef63cec0c2dd34cf93a7c5d98a5547fad8cc4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 93B5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YYlKCQADC71z6wAz
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYlKCQADC71z6wAz&_test=YYlKCQADC71z6wAz
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYlKCQADC71z6wAz&_test=YYlKCQADC71z6wAz
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636387337.086868,VS0,VE0
x-served-by
cache-fra19147-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYlKCQADC71z6wAz&_test=YYlKCQADC71z6wAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame 93B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 6460 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2a94a1cc-e46d-4854-85a8-8358d1bb328c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DAC9 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
342b6ad8-b622-4f35-bdc3-2b329a1f5f89
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5FB2 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
X-Proxy-Origin
168.119.25.193; 168.119.25.193; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c4999abe-a49e-4e1d-89b0-748e6436be36
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 849D 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3416fa80-acdf-4990-93fa-6e3f153d35ff&expiration=1644336137
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:17 GMT
crum
dsum-sec.casalemedia.com/ Frame AC5D 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3416fa80-acdf-4990-93fa-6e3f153d35ff&expiration=1644336137
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Nov 2021 16:02:17 GMT
event.png
tps20225.doubleverify.com/ Frame 84B1 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20225.doubleverify.com/event.png?impid=09abc06724534232a7ed081d8850e95e&gdpr=&gdpr_consent=&msrcanlm=264&msrcannum=2&eoid=11&ismms=41&isumms=41&isvelg=1&nvr=2&isgmmims=41&isgmv4mims=41&elmtp=1&isbxdms=3041&b0=3171&engisel=1&dvp_vsosnmr=3&dvp_mvpw=device-width&lftb=3171&sftb=3171&naral=256&vct=1&vphgt=1200&vpwdth=1600&chgt=1200&cwdth=1600&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=40&dvp_hdnAd=0&dvp_dpr=1&dvp_itg=HEAD:1,SCRIPT:20,STYLE:1,BODY:1,SPAN:1,DIV:2,A:1,IMG:1,IFRAME:1,&cbust=1636387337582433
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:17 PM
event.png
tps20229.doubleverify.com/ Frame F8A2 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20229.doubleverify.com/event.png?impid=5e0979dc5788456fa69ad6474ce19317&gdpr=&gdpr_consent=&msrcanlm=264&msrcannum=2&eoid=11&ismms=15&isumms=15&isvelg=1&nvr=2&isgmmims=15&isgmv4mims=15&elmtp=1&isbxdms=3015&b0=3207&adhgt=1&adwdth=1&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&lftb=3207&sftb=3207&naral=256&vct=1&vphgt=1200&vpwdth=1600&chgt=1200&cwdth=1600&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=15&engscrlms=159&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&dvp_itg=HEAD:1,SCRIPT:9,BODY:1,SPAN:1,DIV:3,IFRAME:1,&cbust=1636387337610298
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:17 PM
event.png
tps20240.doubleverify.com/ Frame D95E 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20240.doubleverify.com/event.png?impid=d5af08dcab2d4e13a408fc0c8e731dbb&gdpr=&gdpr_consent=&msrcanlm=8648&msrcannum=4&eoid=10&ismms=7&isumms=7&isvelg=1&nvr=2&isgmmims=7&isgmv4mims=7&elmtp=3&isbxdms=3010&b0=3213&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&lftb=3213&sftb=3213&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=7&engscrlms=142&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1636387337624998
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:17 PM
event.png
tps20239.doubleverify.com/ Frame 1FDB 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20239.doubleverify.com/event.png?impid=ca82edfb50e4476da5514dabe9776b2e&gdpr=&gdpr_consent=&msrcanlm=8648&msrcannum=4&eoid=10&ismms=14&isumms=14&isvelg=1&nvr=2&isgmmims=14&isgmv4mims=14&elmtp=3&isbxdms=3014&b0=3138&adhgt=600&adwdth=300&norwdth=300&norhgt=600&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&lftb=3138&sftb=3138&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=13&dvp_hdnAd=0&dvp_dpr=1&cbust=1636387337917710
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:17 PM
event.png
tps20231.doubleverify.com/ Frame 1F72 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20231.doubleverify.com/event.png?impid=fde7f8ff74ec4a279cc0263ea1d422e2&gdpr=&gdpr_consent=&msrcanlm=8648&msrcannum=4&eoid=10&ismms=8&isumms=8&isvelg=1&nvr=2&isgmmims=8&isgmv4mims=8&elmtp=3&isbxdms=3008&b0=3114&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&lftb=3114&sftb=3114&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=7&dvp_hdnAd=0&dvp_dpr=1&cbust=1636387337936258
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:17 PM
event.png
tps20228.doubleverify.com/ Frame EF8A 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20228.doubleverify.com/event.png?impid=ba28560f70544927ab8d57aa87da067f&gdpr=&gdpr_consent=&msrcanlm=786824&msrcannum=4&eoid=10&ismms=8&isumms=8&isvelg=1&nvr=2&isgmmims=8&isgmv4mims=8&elmtp=3&isbxdms=3008&b0=3163&adhgt=90&adwdth=970&norwdth=970&norhgt=90&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&lftb=3163&sftb=3163&msrdp=1&naral=786432&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=970&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=8&dvp_hdnAd=0&dvp_dpr=1&cbust=1636387337996914
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:17 PM
event.png
tps20230.doubleverify.com/ Frame A08B 		67 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20230.doubleverify.com/event.png?impid=c7d45383caca4764a9c6db45c2b12554&gdpr=&gdpr_consent=&msrcanlm=8648&msrcannum=4&eoid=10&ismms=12&isumms=11&isvelg=1&nvr=6&isgmmims=12&isgmv4mims=12&elmtp=3&isbxdms=3011&b11=3130&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&lftb=3130&sftb=3130&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=911&isuiabvms=911&isgmpims=11&isgmv4dpims=911&ispmxpms=911&engalms=11&dvp_hdnAd=0&dvp_dpr=1&cbust=1636387338111708
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.18 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 08 Nov 2021 16:02:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://www.weny.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
11/7/2021 4:02:18 PM
SPug
simage4.pubmatic.com/AdServer/ Frame D5BB 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158639&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
resources
www.weny.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/ 		843 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.weny.com/api/componentInstances/header[0].cols[0].components[3].props.weatherWidget.props.zipcodeData,/resources?zipcode=14850
Requested by
Host: ngw-static.franklyinc.com
URL: https://ngw-static.franklyinc.com/assets/10725/app-3799219fe6f138581641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
85b09039d6bb7fd37300754b46490f6fbbfef35db3ce63d6f04919f13fc276f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.weny.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:02:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
HIT, MISS
content-length
462
x-xss-protection
1; mode=block
x-served-by
cache-bwi5120-BWI, cache-fra19177-FRA
x-response-time
988ms
access-control-allow-origin
*
server
nginx/1.16.1
x-timer
S1636387341.695563,VS0,VE86
etag
W/"34b-ZA8jbUqPrvC2NKbUCK3RzteCVkg"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
1, 0
dc_oe=ChMIloKC7ZGJ9AIV1ZH9Bx1I4AOPEAAYACCf04pMQhMIjezX7JGJ9AIVsv-7CB3e7wMt;met=1;&timestamp=1636387342182;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame D2F0 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIloKC7ZGJ9AIV1ZH9Bx1I4AOPEAAYACCf04pMQhMIjezX7JGJ9AIVsv-7CB3e7wMt;met=1;&timestamp=1636387342182;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Nov 2021 16:02:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEBcg8LHGbaeQ-f3dfmfsBGQ&google_cver=1&google_push=AYg5qPLRRAf9bDQHcQ3tvo_JZQiZ_4aR5TnCop3Eqitg61DTY6WTOjicVZTLT6t0hJ704flm3OVcTrZ-H4ctkbHoHM5FzfNnFw
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQh-GkgtAvCgoI4gEQh-GkgtAvCgoI5gEQh-GkgtAvCgoIhwIQh-GkgtAvCgkICRCH4aSC0C8KCQg6EIfhpILQLwoJCAsQh-GkgtAvCgoIjAIQh-GkgtAvCgoIzgEQh-GkgtAvCgkIXxCH4aSC0C8=
www.weny.com/ Name: __utma
Value: 1.2103542911.1636387330.1636387330.1636387330.1
www.weny.com/ Name: __utmc
Value: 1
www.weny.com/ Name: __utmz
Value: 1.1636387330.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
www.weny.com/ Name: __utmt
Value: 1
www.weny.com/ Name: __utmb
Value: 1.1.10.1636387330
www.weny.com/ Name: _lang
Value: en
.weny.com/ Name: _ga_frankly
Value: GA1.2.2103542911.1636387330
.weny.com/ Name: _ga_frankly_gid
Value: GA1.2.1638309972.1636387331
www.weny.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.openx.net/ Name: i
Value: 26b62539-bf07-0f1d-3a1f-d1986aa4b575|1636387330
www.weny.com/ Name: _ga
Value: GA1.1.2103542911.1636387330
www.weny.com/ Name: _gid
Value: GA1.1.920822355.1636387331
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPt4unIug7NGHTHprMos3ZuqTBxlXamrm845wFyC1nEdJe_i0vbL1iSxv_BAMOjyAWXcU5g4XObNUfgtsx6P2hY7LEeTvlMuIM
.gumgum.com/ Name: vst
Value: e_3406ce37-78c3-465d-a6fe-cf09b44dd7bf
.doubleclick.net/ Name: IDE
Value: AHWqTUmUeu-wAVsPjmmRkAGu9GkMiPK0v6t2FlZx1fWDq6h--FuaV8nzo7FSW0w3obk
.rubiconproject.com/ Name: rsid
Value: 1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxp8EvrzPAh1r4z5NGroQMTyZLOPgOikSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GKFQIioAWpDL9dOsX4JPWMcjCRbro=
.rubiconproject.com/ Name: khaos
Value: KVQURLN9-19-54HR
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGDLCslPqIFiq3T44WD0xC8rrUfOpRTiXH24WPzaViPwUC9oY7hz+e5FPp6Z2roexXAUJ+gL7gixRrwQwbVLD5YG7JtXJVTTK0=
.weny.com/ Name: __gads
Value: ID=5d928a9af6ddd3d9:T=1636387330:S=ALNI_MZ1mdlRS0Ev1ZhVtZ7v8RAF8pj8oA
.adnxs.com/ Name: uuid2
Value: 3640150937425385154
.casalemedia.com/ Name: CMPS
Value: 5205
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb=nraE]!@wnfH8K6pQK`!5=E<*L5?%M7mtW%x7Sdee6'zh=gZGzZfQ^0z?pWI^iR4>UP(hw9P-HC_#u#Ob)U]9W
.casalemedia.com/ Name: CMID
Value: YYlKA1eBV3CbXTFX04osWgAA
.casalemedia.com/ Name: CMPRO
Value: 1138
.casalemedia.com/ Name: CMRUM3
Value: 2d61894a042760CAESEGD2m4jpPpKZoc8zkvbA_d4
.casalemedia.com/ Name: CMST
Value: YYlKA2GJSgQA
.w55c.net/ Name: wfivefivec
Value: 4noUvwqU1MK7645
.quantserve.com/ Name: mc
Value: 61894a04-16e76-60267-e2283
.bidswitch.net/ Name: tuuid
Value: 11911a76-e59f-4f95-98d7-48f23a938918
.bidswitch.net/ Name: c
Value: 1636387332
.bidswitch.net/ Name: tuuid_lu
Value: 1636387332
.w55c.net/ Name: matchgoogle
Value: 5
.mathtag.com/ Name: uuid
Value: 22096189-4a03-4700-865b-c47333c7c36a
.mathtag.com/ Name: mt_mop
Value: 4:1636387331
.scoota.co/ Name: tuuid
Value: a84b51c9-ec3e-4f1f-b1cf-454b7275bd2d
.scoota.co/ Name: c
Value: 1636387332
.scoota.co/ Name: tuuid_lu
Value: 1636387332
.weny.com/ Name: _awl
Value: 2.1636387332.0.4-bd1bc3ae-3c16d5b5df96737a93c36e6202b67387-6763652d6575726f70652d7765737431-61894a04-0
.openx.net/ Name: pd
Value: v2|1636387336|gekin0vNiygu
.3lift.com/ Name: tluid
Value: 15859478179927879699
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: a28dfcb3-6304-4e8c-abdf-4e9dc940ab43#1636387329028#1
.quantserve.com/ Name: d
Value: ECoBDwHWJIEPisMA
.id5-sync.com/ Name: 3pi
Value: 441#1636387329103#1332844665
.ads.pubmatic.com/ Name: KCCH
Value: YES

11 Console Messages

Source Level URL
Text
javascript warning URL: https://weny.images.worldnow.com/interface/js/WNVideo.js(Line 24)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/weny.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://weny.images.worldnow.com/interface/js/WNVideo.js(Line 24)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/weny.config.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://weny.images.worldnow.com/interface/js/WNVideo.js(Line 25)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://weny.images.worldnow.com/interface/js/wnaffiliateconfig.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://weny.images.worldnow.com/interface/js/WNVideo.js(Line 26)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://content.worldnow.com/global/js/_pub/off-platform.min.js?ver=7.15.0-5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sandbox-api.britepool.com/v1/britepool/id
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOZWqbT2Dyht51OTaDMDTJgUcsNehTfS2yLJlEyA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6330ce752386455a3a3207234a95a54a.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.pbxai.com
b1sync.zemanta.com
bcp.crwdcntrl.net
be.durationmedia.net
beacon.lynx.cognitivlabs.com
begintrain.com
brightcombid.marphezis.com
c.bing.com
c1.adform.net
cdn.cityspark.com
cdn.doubleverify.com
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
clientcontent.franklyinc.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
content.worldnow.com
csp.azureedge.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
frankly-d.openx.net
ftpcontent.worldnow.com
g2.gumgum.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.worldnow.com
imasdk.googleapis.com
js-sec.indexww.com
ka-f.fontawesome.com
kit.fontawesome.com
loada.exelator.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
mp.4dex.io
ngw-static.franklyinc.com
p.cityspark.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
px.ads.linkedin.com
r.scoota.co
s.amazon-adsystem.com
s0.2mdn.net
sandbox-api.britepool.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync-tm.everesttech.net
sync.adotmob.com
sync.crwdcntrl.net
sync.extend.tv
sync.mathtag.com
tag.durationmedia.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20225.doubleverify.com
tps20228.doubleverify.com
tps20229.doubleverify.com
tps20230.doubleverify.com
tps20231.doubleverify.com
tps20239.doubleverify.com
tps20240.doubleverify.com
um.simpli.fi
um2.eqads.com
us-u.openx.net
web.hb.ad.cpe.dotomi.com
weny.com
weny.images.worldnow.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.weny.com
x.bidswitch.net
dpm.demdex.net
google2waycm.netmng.com
sync.adotmob.com
142.250.181.226
142.250.184.226
142.250.186.130
142.250.186.98
147.75.61.140
151.101.130.133
151.101.194.133
151.101.2.110
151.101.66.133
151.101.66.49
159.122.14.34
178.250.2.151
18.193.230.138
185.29.132.245
185.33.221.15
185.33.221.50
185.64.189.110
185.64.189.112
185.64.190.81
198.47.127.19
198.47.127.20
199.232.194.110
2.18.232.130
2.18.233.180
2.18.234.21
20.60.80.2
2001:4de0:ac18::1:a:1b
2001:678:cb4:bbbb::11
213.155.156.181
213.254.244.18
216.52.2.30
23.37.38.181
23.37.42.132
23.79.143.124
2600:9000:2156:9400:10:ce97:9fc0:93a1
2600:9000:2156:f400:8:48e:53c0:93a1
2602:803:c002:200::52
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::ac43:4bf1
2606:4700:3030::6815:5183
2606:4700::6810:135e
2606:4700::6812:1734
2606:4700::6812:272
2606:4700::6812:acf
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:119:50e1:101::6cae:b25
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2006
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:6c00:286::4469
2a02:fa8:8806:12::1460
2a05:d018:d29:3605:5ad:a774:ca1b:74c5
34.149.20.76
34.192.127.138
34.235.147.241
34.241.163.173
34.254.143.3
34.98.64.218
35.156.78.196
35.179.11.203
35.190.62.199
35.244.174.68
35.71.131.137
37.157.6.251
51.210.112.236
52.160.40.218
52.20.156.159
52.208.103.128
52.215.68.151
52.4.158.112
52.45.237.203
52.46.133.124
52.57.110.162
52.57.26.239
54.145.205.131
54.236.220.178
54.77.19.59
64.74.236.159
66.155.71.149
67.202.105.22
69.173.144.138
69.173.144.165
76.223.111.18
99.80.151.46
00aa0c3fc4214585f5201118ea35ea458a190f4fefe7a10cbc83a8f46db899dc
0156244dc816695c5084dbc2121497b0e25faf6865a076eb3651b81e236cdaf1
020eab227f3a54c908708db97c1f1ddd43675174c54cca9f8144650858079a9a
024c9952bc79ce3b2e053e8ffa50fad187bc3d8d0245f86233425aea028750f9
02636e9c4e47c2c6304c2cd3b9f414a7cbfa027bde2f1929a9a414182e98c4a9
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06684a944234eaceb2048dff25e395d4dc9f7e400037786113592b9660394953
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486
0b54d800d0f663fd22d99da381167c78881cdb5d29d3e2017eb03f588c0febc4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbff299697c60a85240567e5742bd4ea192dab3fad581fafe0b82baa58b1a39
0f5b6efd4bca3fc23b417cafb4775257b2e5c7e943a49f88406785a5058f3159
12292ff97b655cc2c4dfd36b751c5eca236ec2fc52967b88913e43b2fd6f8542
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ccf827ffd5452b891e6219a9d3be8222aea9ab9d2277bfb9cf06e745dc2159
151c12b3ccf32ec5b2fc32f22e26a24b01884e7a387430b964fd013ee3500836
15bf39cce93fbe540fcb63992bc3c8ea88eb69a20b25b2b0839a9d53c83c3568
168ee1d2327265c7e417b9835cae716191fbe3af9c025191a170b0a1868dbeeb
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
195593dcd29dab456d369118a9bf8321b7bbf8800b62e118d7ac52f233c148e7
1ab3514249649f5565a5835cd5f0b60de8de1895ac6ab37101f5f208bb03a33e
1e503e67bb4e6bf27752d973fe0006f6ba7dbc8d94d2eab4da1d3f6529932965
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23f037645d5f8cef7c1edb6e05ee33a1aeb035f5905e677db89e0debce329578
26dc4e8a3bf6f660025f26685d625cbc4539a89bb160b15cefa31b4577b16d27
27b4b9cf416f42ca4b9209a5d0623b52baa6ea70ec20498d694d9749e4af4c7d
294b1ad62a52983c3ba707f0472901fad023bf84ef6b30967d21ba770a3a2c73
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
29b7e362e502378263e531c3288ad611209396ee7eb174dab2af8c560d6bb8a6
2a12baf864d29f1fe05f1b1ac339d673b526281ff856de34c1c49159419421c5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d3532716df0b69794752134404e43d3d8dcd7df50c93b76d25c42cee237f5f
31ba8e51303f92d772d148b0cf95e54e73b25ed674cb37b94eaa125bc10ea752
33f82d377d3e18654e5448fde37ba7233e8d6d635ebd04f904840fe8e633f8c3
346fca23852fd8e4cf6311385df61d0811ebc7296b58cf9f681c3d49b0340fe0
349da1799fdd42956b23baec2d20d6f5c9fe75b8f0fba96250ff3af556132e1d
37e6d00474be944992a9c72aec25e9724814996afc92d6ae6e7613c815cfe0ea
383c959ed28d27628158ba3f92ea44b835c26938249e932f814bc4e3f86ab156
38d6fbf0cd3f5d96886a2bcdb1255ac6cd0d98d1fcd5f607c20eb4573b8c333e
38e4480e31f1ee151c5fd75a3892716ab570dd45ef6d4177d54ed66247519c94
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733
3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c
3d219e8fb3092b765558831c629e196128ec3eaca7c8a5a91b57cbab41f08fa9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d88fda7e47f2681de6a750de93dc7c2ede7aabd274f467f8161cd50d3efdb9e
3f9d16f4fb058ac8a47e7d326be54297ac468657cc7c9852c4adbfad1053693b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43264eee45c4715993bf08624e216977bbb9f547cacc9d9d6062255de83c0a0a
43302c15e4cf3bfb27e03ad988b3cfef303d7307ec18624e9819df48353dc89c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9ddf7420489fbd37567cca1557de5745e0e8c53802ae8b7a8f81f7de95aeec
4da50bb36289910e5a4df48dc836e1632292ec61c6359cc2dcd698b214fa6604
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3f17e995252d3098d01435f96ec3cd9f53a9c03481378a67fbb57cf11cfad0
4f3798fda606318f77c6558057b8ff7abafe73bd30332fe8cfa4d177d3682785
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4faae12a5a8f1f0439f11330f88444ccdaf7248d55ebc9bca8a1ced6869d1662
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
51e69d38aa29e161b1dda574258e78053efcef62319683a537964a308ce10986
51fbc9acd9aec027b8097e62f49720c325f36735880599297cb71dbaee93fe6e
53bba9f3ca86a5629b06ba6f3b11258378bebeda2a460c7413cca82d8db0a637
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d807790bcbf15abe7d489b4fbd7ad1d0f4147da92b5a66e6b33c109348e42a
591af985afbb3b3725bb92a711a4ff886ef771f43327f15dc836cc94f5fa3981
597c40212b7c734670b5fc4507944090254078b9957f3fd776479af12dd5635e
5cca64bdd02d7536cd55db209e5ea08940431ce48d1e6e16d156cbb68a8e19ec
5d62ac849712b838970a55cff85bc80779b79c215f0f34dab1ebf228612b546b
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5
5de26f41ac2c75ac1f8c75a0f5762de7d195658f862b1765d46370b12b038240
607d25fcb061b48d9b5b0b123eae21444d9202de0de48e83d20fd18ab9e91b7a
621e33a669b6b1dc42994a287cedeb0b7c6246a9575829cfaf1ac629a54db89f
65a01d82c5dcd40bffd1802ad595a1928215886c59eca635d12ca36436bb7032
67d895c11b5fa3be90a28ff8c2cd540e4bf6fb75889798d63835c1937c65046b
692fc0ecd92fdcce906430ffaed1b02125a0dadf731f6ce2dd94af3e9f476c5a
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
69d65845e3f063c7f6f0187d447d6dc40d02c6cbbddeed908c8bc303caca8d5d
6ad7fc2e639efac1b84ddab21e8faec2b12409209ea5bda40b864c784b8183dc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bbdae9d93ad2a575ee79c32ac9210b7f18546a954831b8db1e836197318a8e3
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6df246e4fabdf7a9df9f073e82e483baeb8c87b2cbddd4605d7d32744b07a878
6e2dcf995382bae2a4ea67ef0136dd790196be48b1e4ca147ee7a2e0f1c4b549
6ffd90fa6b5e74e74854741278dc1ac74ad589e35879e5dd7b00f7c719637ac3
72f7e439acb37ab82c2c7c6e357936e24445060921f6ee31c84d45a7b18bdd4c
730cba4aaf11bdb8de35ef694f6512cbedd754b8a3f50726e8d5cc900719631c
7533029015f293360e36a1418f4a1f8ebbecedca1609e8f8a72a7e69d0cd71e3
765326925d8c73bf270c519144b0eb36681ac35847caa2ff4adfb139bef6c282
77a5d9779dcb0be4bbbcbc8cad48b48785bfaf60ec72b748f099e685dc62184d
7bd381a2357dd5d1b566ca75f138a8693bda60d1b4d90817fd90faa53ae6bb18
7c890f10a781dbc04a4c256303456eda463e9496ae48072c37e7a0c099fa890f
7d718cf85229db24035168ea89d8fe7bbb13c97759b7c5a4f608142eaf0222d5
7e1f2bde115ca87d77c057a039bd8b9fa6ee0dfe062c547857ceb6a6a585b5ac
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
802711a0c74321188fffb1fc52568ed4d8b703d7b286555cabbb0af5993ff12b
81dfc926d06fe7b1e13c87ab635c500e698662d087a00eff1947c05627d4593d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a1d9d260f063b2943578f9eac1a233da7f203fa1484645f31f4ad2e52750e7
85b09039d6bb7fd37300754b46490f6fbbfef35db3ce63d6f04919f13fc276f2
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
896cbcbcf79bea83a451e3da795a8cae4d9a58edcb96d01baee3f89ac7368b2f
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b9c34a91596d9a7457698a84ff66ca8c93bf09fddb4d925131507b6eff09cf1
8d4892fd70bf845b34e85fd509630af6f5447d659b87add79b2cab40318bc25e
8d6cfd630e590b25e616d161fdc8ba58b63b26d31c5fba7348a8bd4617ce8268
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9f893d0a4853da6372727b0102ec377ace67324e1dd483f0d42270bb4d5000
8dd51b5e73db5ca72f9af9334a9cdd9212e78f0db41f89df6984780b3c325d11
908b70b9bad1e47b0fcaec3948d733e2a19aef9d203e309d36935579a8c83844
91fa1fe4e320d5b987cc982f8d5000a62fd90748f69e322042c63f1d4728457b
923c2f82d0812fbcd405e66a674b297904c0bbc4145eee10de5a13ebf6c4717d
92e0d304d45e43f08b5b1c0b92420cc29d8e79a4d56bd67a2be344625754c229
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
944f0ba7b222bed6cadc64c13291aed22a6beee3d65e0a0026845f202b4b97ec
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
961f9c4e2e5c2e288b8c4235bf33bedea79c8a64dab3eec62641ea1225c56ca8
9689feb6a54300d45be81c89781074be3ebc1976a15bdd87f8c8dec471922230
971a78824a18f04ed921e851bf9fc37257aeb92f6720d00d58592477a3d215cb
981ddcc0833eaf83148de9bb9a3b30eaa0e405e1919b7076d9933671d818fdb4
984a6f6dab336dcccc1d0881fd6e8556e95821b7f06ff31c2600053577ef7f4e
9903035e5b61b366e5709819a66349add4a4d132af460c00dc37babc30774ebb
996cab7e77b5c0168f238c95a5a4fff6baa5a1dea34a124bf422a0bbcfd9e46b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cc484149da28e3796cfa8159fa779261dac5c8cf688b9a2b7d45688acbb9436
9d2a69f40efdab15f64f81ed054f141fe5800f496443085e0f4f50c9ab1de175
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a092550220a1a53c6772f9d2f6869f8633877c48bea9a326cfdb0b0677dfaa70
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a468a35eb24d9586536db019a68c7eece5ea6ea1d154ff7ce4e9dc3f9a600590
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a636e9267aa8f2a3bf247ab5025be0cf59840e9e07b17be6202e49e4cd6584a0
a68c9e79fb6737ad320e14b7fc9b91dad1756520aaf308f0000ce217404fac97
a6b0c23a08f2b291c30bb337999fe11799ff51db7b8bc3c841e3650ee6fa60a8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a770d5ce267d61a805d904ef2e8c533fb1ac43ed0073104b52a10766aa578b83
a7b6b632248f0cc3d93e8b0475b8b45dc2b0c2a4eb03218da429e3840a5b59aa
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a87018900370e12c9e03e302e22dc0459417a1b8fdd8815405732e18b93c35f6
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
a958fcdd641e558613fbd1944386b3d3d069d2e3e5a34d775b3ccad94b25269f
ae22c3d9868bbf00ceda3307084254c28c442f84ae801d868f110d640c3b1195
b0096f769c4a8f869b355e861247dd3599a34bfeb28c9dac46a5a599511b51e5
b010243e7eeb3a90a05ff4a3f047df99f32332bce0c06b8f31905ee57bdf8282
b0509e7a00e2109bb8bb8ccae38fe9bf3c7fb63039f50b28e0649b65e16d2e24
b0b9f2ab63d5d0b9facfae89f0dda7c6a8ed0a6e02226e93ab67f3d767c48a43
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e09393d8785e76020c989bdc4f616826f67007f68c18f0855d656dc950a85a
b31909e6918ca9fd756f89517929aedbd9f977fc7863ca12a92e335e2fe183be
b40175f360a2a073e1ae8e4ba504945023ae6733d2edff21d895c9165f65997b
b49a6a2c0ebc6c940b6c76464d4d7bed85e2cd3767d8d2a330c6f16dbd51a972
b52600b282997522a6b47db3501eabbeee9c44830dfd8488328cf688e06d60f0
b5ffb6dd0ff8f483214eb680e533536c88c3964fd6f29ebcdcdd9d33b2f82a1d
b77bfb088bd0c42654d3475432264c60ba92295a231aff9da21de9c533db3c80
b7921156514eac9c7725ef0c6a4f18ca92f7afec6b64473b7fff9b44641cdfca
b7a79131da789330e85d744b628ba1567ef5b5ac3e7060ea1a29c7e8adaeb179
b86b5353ce6df4744c48587b90a10bb3f034162630dc1978102a53192ef15b5e
b9e07bb9ad4968a1fbe6e7333850431a4d258b4636fab75e946ffdd848ae9f69
bac76d11b80c04ee8281decd1a59fd9ac36e895bfe86364c3edfa1632039a255
badd4529bf63efa34241497d3d5239eb25baa6e04c9ce9674061ee1e55721410
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb62d081720e0210a6f152c325981a10bda86397e1767c43cbf64622fd9e9b4
bbfd18f254b09e17e9bfaf7cc91e7865df57351d8b9ac2162918e1f70a2dd4ea
bda8d5e1a1ca09e5045460a49a887a46218c71471a6663149a6bce2c0ecf60e8
c018125c1a5cc37b89cebe560dea5ad408baf81e2f1d8dedf550f812cc4183bd
c041fc2ea8f808d0309f0024d6848892189b6b366dc625bb6a69bb27b200f07d
c0d67e18b2725f39f6643a5b306594db6af52835639b0e44e8cee102c74e50d3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
ca1cb59cc3b69c5722e1f69a2ba65a15ca125e61c5cdc0b97888875d4be0a167
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca5a4ca7b6822fac1a6b2b4d11af047d1609b04e5c1fb8fc74b25f518e5d5cac
ca84c81cacb3406e085cc138b1a26859c5718a975adc08e91c7036c68d7e4653
cce471b643225fb35b245b8c383dc6da3af7b2ad6ec5fd6229d3045c48acc10c
cd2e43aa75434602bb6337c44b97a6449eeb1b3707abd0a99c294fa2d323d4c8
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
ce418b1a84c7b43dc9942db3dd4712a7014183680291fa359dbf224e06ed47f4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18bca4ae99472809660d479049b4eca233d54d8ce08cb4dfec1f6cb80f1c98c
d212c4e67cb437939d8af0fff3f3d30f58fda432be6f0cd03107855c1b8aa057
d2ce8a5d3084a40f33f4a5b37f775584b97105aca32d0e11378ef5d742b5d2f2
d2ddec704ef91119ca3a5b33e5e93bfd7b7b0c7dcd6087fdd1f7cc5639980d98
d3826d782eda23ff45cc5339fd856c9eccf9cd057b7c576c387a4cf577edc1f9
d435fb9000f4dad92adc9c32b6e809c84b482aa719becea6ca59584ea0942087
d7bfb76d58b6b4f80e0c09851bce82baff4700ac09c5731b3c541a62d3a6fae2
d9b8e0391a6d86a921933e5b0a7a9883c1cefb3cf5b3eea85b49df9836e05944
da25e4474175c52ea95c0a728c4c20c15e42ab110c71a7d64267e0ae24553c10
db51d6742fc5d0d77a8a30bacee625b0168a508e65d2ddaeb8d415bb8ac43f9d
db9ec9a2487cfea3f9faa6fcc319a7bb5e91a513ab158c22f1727e342aa4538d
e02d98eb024d24f30d4c26f187cdfc0a1c7b683a505a86843449db27c1f56cb6
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e400db796b3a9c132ab1aa10a407d9d5443143a79d77fbe0b6408db033b07b8b
e53d6c11906c3ea9f43148cf428539b30d2e0ed28acd2151d9c5af29d4a80138
e711ccacb8db4a890a726ddde24374a88c8d119a035653e8bac55ec0a522cdd3
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ea36ec6a3749e392d7389f8fe60fdc399520e595763348f33b366d615dc568a9
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec063e5ca96e225b041ee3b86390b3a467844870a6b88ac2158e9f4e431ae2de
ec92d95f35e92132ef2d7b6b17b4bd93c487a26ff14a8f3827443d6dbf3659af
edcc1a87d8f9b63ccefb58e73238536f3f973294b257ae4b457144897a8c6554
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee1f356dc7b2a6cbcafe0bb4a1b03dd2ccc221e9d1748cd308236a78a293e5fe
ee3ae8a9fdbdd776583fdabad3e261c22131b7f658ca56a2d527177db5b2014c
ee68628bef0217951217a5b5377593ba72cfb8f28d1472dad4c95455efbf79b4
ee79c01cf3e98b75d715ea73295db0072815a45112d68fffd2a803bf7d140ce3
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2f1d18e6543252110c20dbb91356dc1896efba222717a90881669806eb17d7
effe6bb9a4362af69a57e756a32133305939146e963caf81594abe702db0b058
f3a477fb43fbce55701e9a15c6de35dd6fbd636c7d5092a3c4beaef9a94743d0
f40a6451a08dd61aab22d6009d1e63ab3881c30d2f5a5c59dfab2abe76b3ddb6
f469a1cde408d048475efa39d20337cc6b229bb70b559fcfef5213f9fdf7b1e5
f62cef78a4bb90c983a0384ddb12b1481698738b8c685aa20f8bcf1ee642b4fd
f8922c0ea35774a7bc8131d97ab0635704a57f8e419279bffc18323dddf5998d
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
fbe4296cb4455a0f86c6cc4384465a1edb308b03d26a720442549e3ec6021fb5
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe8437cd5a7ada22f5a5991fd0747060211bd514e36f6d41820a68c90c57c633
fe95bfb377d2095d29d05b8cc21059a05245675ff2b6fe9517484c220da7682b